1. Who we are
PulseWave is a personal wellness app developed and operated by COBI Management SRL, a Belgian société à responsabilité limitée (limited liability company) trading as HighRoad Software, with its registered office at Rue Haut Chemin 8, 1370 Jodoigne, Belgium, registered with the Belgian Crossroads Bank for Enterprises (BCE) and VAT under number BE 0676.613.701. In this policy, "we," "us," "our," and "HighRoad Software" refer to COBI Management SRL. "You" and "your" refer to anyone who downloads or uses PulseWave.
For the purposes of the EU General Data Protection Regulation (GDPR) and the UK GDPR, COBI Management SRL is the data controller of your personal data processed in connection with PulseWave and this website.
This policy explains what data PulseWave collects, how it's used, who it's shared with, and what rights you have over it. It applies to the PulseWave iOS and Android apps and to this website.
If you have questions, our privacy contact is privacy@highroadsoftware.com.
2. On-device inference and Firebase-backed records
AI inference and offline caches are on-device. The current repository also uses an anonymous authenticated Firebase session for cloud-backed app records. The distinction matters: journal content is not sent to an external AI model provider, but it can be transmitted to and stored in Firestore as described below.
- Journal entries and mood check-ins. Entries are cached in iOS Keychain-backed local storage and written to a per-user Firestore sub-collection under the anonymous or linked Firebase user ID. Firestore security rules restrict client access to the authenticated user. Journal content is not used for analytics, advertising or model training.
- AI coaching and thought reframes. PulseWave's coach works immediately with deterministic suggestions generated on your device. If you choose the optional model-install action, PulseWave downloads a GGUF language-model file from HighRoad Software or Hugging Face; the recommended Qwen2.5 0.5B Instruct file is approximately 491 MB. After installation, language-model inference runs locally using llama.rn. Prompts and coaching conversations are not sent to an external AI inference service or API. The file host receives normal download-request data such as your IP address, timestamp, requested file and technical connection information, but not your prompts. Underlying journal and mood records can still be stored in Firebase as described above; coaching inference remains local. The coach's suggestions are advisory only and do not produce legal or similarly significant effects on you within the meaning of Article 22 GDPR.
- Session history and breathing logs. Eligible practice records are cached locally and can be written to the authenticated per-user Firestore record for app functionality, progress and continuity (see section 5).
Camera measurement at launch. The launch version keeps the experimental camera-coherence measurement unavailable while its signal accuracy is being validated. It does not offer or collect camera frames or derived camera measurements through that feature. If a later version enables it, we will update this policy and the App Store privacy disclosures before release, request camera permission and explicit in-app consent, and explain whether any derived health-related values leave the device.
3. Data we do collect
3a. Usage analytics
If you enable app-improvement analytics, we use Firebase Analytics to understand how PulseWave is used in aggregate. Events include things like "session started," "breathing protocol selected," or "premium screen viewed." They do not contain your name, email, journal content, mood notes, or other text you enter. Firebase may associate events with an app-instance identifier and technical information such as device type, OS version, app version, and approximate region. PulseWave is built without advertising-ID support, does not collect the IDFA, and does not use these events for cross-app tracking or advertising.
3b. Crash reports
If you enable diagnostics, Firebase Crashlytics can collect crash logs when the app fails unexpectedly and Firebase Performance Monitoring can collect technical performance measurements. These may include stack traces, device model, OS and app version, launch or network-performance data, and a non-advertising app-instance identifier. We configure diagnostic events not to include your journal text, mood notes or coaching prompts. Avoid entering sensitive information in an optional bug report.
3c. Anonymous session and optional named sign-in
PulseWave can be used without creating a named account, but the current repository creates an anonymous Firebase Auth user ID for its cloud-backed records. If you later link Sign in with Apple or Google:
- We receive a unique user ID from the identity provider. For Sign in with Apple, Apple may relay a private email address and the name you choose to share. For Google Sign-In, we may receive the email, display name and profile-photo URL associated with your Google account.
- Your user ID links your Firestore document (session history, program progress, preferences) so you can restore your data on a new device.
- We do not use your email to send marketing communications without your explicit opt-in.
3d. Subscription data
In-app purchases and subscriptions are managed by RevenueCat. When you purchase a subscription, RevenueCat receives your Apple App Store receipt and provides us with your subscription status (active, expired, trial). We do not receive your payment details. RevenueCat's privacy policy is available at revenuecat.com/privacy.
3e. No advertising tracking
PulseWave does not request App Tracking Transparency permission, does not collect the Apple advertising identifier (IDFA), and does not track you across apps or websites owned by other companies.
3f. Notifications, remote configuration, file delivery, and support
If you enable notifications, Firebase Cloud Messaging and Apple Push Notification service process a device push token and the technical delivery data needed to send the notification. PulseWave does not put journal text, mood notes or coaching prompts in a notification payload. You can disable notifications in PulseWave Settings or iOS Settings.
Firebase Remote Config delivers configuration values, such as whether a feature is available or which in-app presentation is active. Firebase Cloud Storage delivers optional audio files, and Cloud Functions performs account deletion, receipt verification, referral operations and user-requested bug-report handling. Data export is assembled by the App from local data and Firestore records accessible to the authenticated user. These operations process the user ID, request metadata and content required for the chosen action. A bug report is optional and may include text you choose to submit plus redacted diagnostics.
4. Legal basis for processing (EU/EEA users)
For users in the European Economic Area, we process data on the following legal bases:
- Legitimate interests — essential security, fraud prevention, service integrity and responding to support requests, balanced against your rights.
- Contract performance — creating the anonymous session and processing per-user app records, linked-account data and subscription data needed to deliver requested features.
- Consent — optional analytics, diagnostics, notifications, optional model download and any future health-related camera processing that you explicitly enable. You can change available choices in PulseWave Settings and revoke system permissions in iOS Settings.
Journal and mood entries that reveal health. A voluntary entry may become special-category health data under GDPR Article 9 because of what you write or the context in which it is used. Before a public EEA release enables cloud processing of such entries, the shipping app must record a separate, explicit consent under Article 9(2)(a), explain the Firestore path at the point of choice and let you withdraw without losing unrelated core features. A privacy policy or a general analytics preference is not, by itself, that consent. If the submitted build does not provide this gate, cloud journal and mood processing must remain disabled for affected users until it does.
5. Firebase and cloud storage
HighRoad Software uses Google Firebase services including Auth, Firestore, Analytics, Crashlytics, Performance Monitoring, Cloud Messaging, Remote Config, Cloud Functions and Cloud Storage to support anonymous and linked accounts, per-user app records, optional analytics and diagnostics, notifications, configuration, file delivery and app operations.
If you use PulseWave without creating a named account, an anonymous Firebase Auth user ID and token are created to maintain the per-user session. The ID is a persistent app identifier, even though it is not initially linked to a name or email.
Under either an anonymous or linked account, the per-user Firestore record can store session history, program progress, breathing protocol favourites, app preferences and journal entries. Firebase client security rules restrict client access to the authenticated user. Access by authorised HighRoad Software administrators is limited to circumstances where it is reasonably necessary for security, legal compliance or support, and journal content is not used for analytics, advertising or model training.
Firebase and Google Cloud data may be processed in the service locations configured for the project and accessed from countries outside the EEA, including the United States. Where required, transfers rely on an applicable adequacy mechanism or Google's contractual safeguards, including standard contractual clauses. You can find Google's data processing terms at firebase.google.com/terms/data-processing-terms.
6. Third-party processors summary
| Service | Provider | Purpose | Data transferred |
|---|---|---|---|
| Firebase Auth | Anonymous and signed-in sessions | User ID, email (optional) | |
| Firebase Firestore | Per-user app records, offline continuity and linked-account restore | Session logs, program progress, preferences, journal entries and other user content tied to the anonymous or linked user ID | |
| Firebase Analytics | Aggregate usage events | Event names, device type, OS version | |
| Firebase Crashlytics & Performance | Optional crash and performance diagnostics | Stack traces, performance data, app-instance ID, device model, OS and app version | |
| Firebase Cloud Messaging | Optional notifications | Push token and technical delivery data | |
| Firebase Remote Config | Feature and presentation configuration | App-instance and technical request data; configuration values returned to the App | |
| Firebase Cloud Functions | Account deletion, receipt verification, referrals and support operations | User ID, request metadata, receipt or user-submitted content required for the chosen operation | |
| Firebase Cloud Storage | Optional audio-file delivery | User ID or session token, requested file and technical connection data | |
| Sign in with Apple / Google Sign-In | Apple Inc. / Google LLC | Optional account authentication | Provider user ID and, if you choose to share them, email, name or profile-photo URL |
| RevenueCat | RevenueCat Inc. | Subscription management | App Store receipt, subscription status |
| Optional AI model download | Hugging Face, Inc. or HighRoad Software | Deliver a user-requested GGUF model file | IP address, timestamp, requested file, and technical connection information; no prompts or journal content |
We do not sell your data to any third party. None of the above processors may use PulseWave data for their own advertising purposes. Our processor agreements require them to protect personal data to a standard consistent with this policy, Apple's requirements and applicable data-protection law, and to process it only on documented instructions except where law requires otherwise.
6a. Website cookies
Our website at highroadsoftware.com — including the PulseWave pages at /apps/pulsewave/ — uses only essential cookies. We do not deploy advertising, profiling or cross-site tracking cookies on this website. For the full list and your choices, see our Cookie Policy.
6b. Automated decision-making
For the purposes of Article 22 of the GDPR, we confirm that the App's AI coach does not produce decisions that have legal or similarly significant effects on you. The coach's outputs are educational, advisory, and dismissible. You retain full agency to ignore, override or never run a suggestion. No subscription, account, content access or pricing decision is automated based on profiling of your data.
6c. Data security incident notification
If we become aware of a personal-data breach affecting your data, we will notify the competent supervisory authority within 72 hours of becoming aware, where required under GDPR Article 33. Where the breach is likely to result in a high risk to your rights and freedoms, we will notify you directly without undue delay under GDPR Article 34.
6d. Data Protection Officer (DPO)
HighRoad Software does not currently meet the criteria of GDPR Article 37 that would require the appointment of a Data Protection Officer. Privacy enquiries are handled by our privacy contact at privacy@highroadsoftware.com.
7. Children's privacy
PulseWave is not directed at children under 13. We do not knowingly collect personal information from children under 13. If you believe a child has provided personal data through the app, please contact us at privacy@highroadsoftware.com and we will delete it promptly.
8. Data retention
- On-device data (offline caches and locally generated coaching output): retained until you clear it through the App, delete the app, or delete your account as applicable. Journal, mood and eligible practice records may also exist in Firestore as described below.
- Firestore data: retained as long as your account exists. Deleted within 30 days of an account deletion request.
- Analytics events: retained for 14 months in Firebase Analytics. No user-entered content is attached; Firebase app-instance and technical device information may be associated with events.
- Crash logs: retained for 90 days.
- Optional bug reports: retained while needed to investigate and resolve the report and removed with an associated account-deletion request unless a longer period is legally required.
- Subscription records: retained by RevenueCat for as long as needed to manage your subscription and comply with financial regulations.
9. Your rights
Depending on where you live, you may have rights including:
- The right to access the personal data we hold about you.
- The right to correct inaccurate data.
- The right to delete your data (see below).
- The right to restrict or object to certain processing.
- The right to data portability (receiving your data in a machine-readable format).
- For EU/EEA users: the right to lodge a complaint with your national data protection authority.
To exercise any of these rights, contact us at privacy@highroadsoftware.com. We will respond within 30 days.
9a. California residents (CCPA / CPRA)
If you are a California resident, the California Consumer Privacy Act, as amended by the California Privacy Rights Act ("CCPA/CPRA"), gives you specific rights regarding your personal information. This section supplements the rest of this policy.
Categories of personal information we collect
- Identifiers — a Firebase user ID, an optional Apple or Google account identifier, and a Firebase app-instance identifier. PulseWave does not collect the IDFA.
- Commercial information — subscription status (active, expired, trial) via RevenueCat.
- Internet or other network activity — aggregate analytics events (session started, protocol selected) and crash reports.
- Profile information — a display name or profile-photo URL if your chosen sign-in provider supplies it and you choose to share it.
- Inferences — the on-device AI coach may infer mood and practice patterns from your local data; these inferences are not transmitted to us and are not used to build a profile we hold.
Categories of sensitive personal information
If you choose to log mood entries or journal content, these may be considered sensitive personal information under the CPRA. The current repository processes this content on your device and stores the related record in per-user Firestore storage under the anonymous or linked Firebase identity described in section 2. This is not a separate “sync” opt-in. The data is protected by authentication rules and the administrator-access limits in section 5, and is not used for advertising or advertising profiling.
Sale and sharing of personal information
We do not sell or share personal information for cross-context behavioural advertising, as those terms are defined under the CPRA. We have not sold or shared personal information for these purposes in the preceding 12 months. As a result, we do not provide a "Do Not Sell or Share My Personal Information" link — there is nothing to opt out of. If our practices ever change, we will update this policy and provide the required opt-out mechanism before any such activity begins.
California-specific rights and how to exercise them
- Right to know what personal information we collect, use, disclose and (if applicable) sell or share.
- Right to delete personal information we have collected.
- Right to correct inaccurate personal information.
- Right to limit the use of sensitive personal information for purposes other than those reasonably expected.
- Right to non-discrimination for exercising these rights.
To exercise any of these rights, email privacy@highroadsoftware.com with the subject "California Privacy Request — PulseWave." We will verify your identity using account credentials (if you have an account) or by confirming details only you would know. You may designate an authorised agent to act on your behalf with appropriate proof of authorisation.
10. Deleting your account and data
You can request full deletion of your account from within the app: Settings → Account → Delete Account. This action:
- Deletes your Firebase Auth account.
- Deletes your entire Firestore document, including session history, program progress, and journal entries.
- Clears all locally cached app data.
If you cannot access the app, send a deletion request to privacy@highroadsoftware.com with the subject "Account Deletion Request." We will process it within 30 days.
11. Security
The current architecture uses HTTPS in transit, Firebase security rules that restrict per-user Firestore access to authenticated users, provider encryption at rest, iOS app sandboxing and Keychain-backed secure storage for supported local caches. PulseWave does not claim end-to-end encryption: authorised infrastructure administrators and service providers may process data only as described in this policy.
No system is completely secure. If you have a security concern, please email privacy@highroadsoftware.com.
12. Changes to this policy
If we make material changes to this policy, we'll notify you through the app or by email (if we have your address). The "last updated" date at the top of this page reflects the most recent revision. Continuing to use PulseWave after a change takes effect means you accept the updated policy.
Data controller and privacy contact
COBI Management SRL, trading as HighRoad Software
Registered office: Rue Haut Chemin 8, 1370 Jodoigne, Belgium
BCE / VAT: BE 0676.613.701
Privacy: privacy@highroadsoftware.com
Support: support@highroadsoftware.com
Website: highroadsoftware.com
For data subject requests, please use the subject line "Privacy Request — PulseWave" and include the email address or Apple/Google user ID associated with your account. Belgian residents may also lodge a complaint with the Belgian Data Protection Authority (Autorité de protection des données / Gegevensbeschermingsautoriteit) at autoriteprotectiondonnees.be.