PRIVACY POLICY - SACHI HEALTH

---

1. INFORMATION WE COLLECT

You provide:

• Email and password, or Sign in with Apple credentials (for account)
• Optional name
• Personal health information you choose to log (symptoms, measurements, lifestyle data)
• Responses to survey questions
• Meeting availability information (if you schedule calls with us)

Automatically collected:

• Device information (model, operating system version, unique device identifiers)
• App version and screen resolution
• Language setting and time zone
• Country/region (based on IP address, not precise location)
• App usage data including which screens you view, when you open/close the app, and engagement time per session
• Session data (session duration, session count, first open time, last engagement time)
• Crash reports and performance data

From Apple Health (with your permission):

• Health data you authorize

From Sign in with Apple (if you use it):

• Name and email address (or private relay email) provided by Apple

2. HOW WE USE YOUR INFORMATION

To provide and improve the app:

• Provide a general wellness app for personal health tracking
• Help you view and understand your personal health information
• Respond to support requests
• Send beta updates
• Analyze usage patterns to improve app functionality and user experience
• Understand which features are used most and how users navigate the app
• Identify and fix technical issues, crashes, and bugs
• Measure app performance and engagement
• Optimize screen layouts and user flows
• Comply with legal obligations

We do NOT:

• Diagnose or treat medical conditions
• Replace medical advice from healthcare providers
• Make medical recommendations
• Provide clinical or diagnostic services
• Sell your data

Call Recording & Transcription (Optional):

• 1-on-1 onboarding calls may be recorded with your consent
• We use Fireflies.ai to transcribe calls for product improvement
• You'll be asked to consent before recording (you can decline)
• Transcripts are analyzed to understand user needs and improve features
• Contact privacy@sachi-health.com to request deletion of recordings

3. WHO WE SHARE YOUR INFORMATION WITH

We do NOT sell your information.

We share information only with service providers who help us operate the app:

Provider	Service
Amazon Web Services (AWS)	Data storage (S3, RDS), authentication (Cognito), serverless computing (Lambda), API management (API Gateway). Your personal health data is stored here.
Google LLC (Firebase)	Analytics and app performance monitoring. Firebase collects device information, usage patterns, and technical data to help us understand how the app is used and identify issues. Firebase does NOT receive your personal health data.
Google LLC (Workspace/Gmail)	Email delivery for account notifications and communications
Apple	TestFlight beta distribution, HealthKit data sync, Sign in with Apple authentication
Calendly	Meeting scheduling (optional – only if you schedule calls with us)
Fireflies.ai	Call transcription (optional – only if you consent to recording)

Service providers process data only on our behalf under contract and cannot use it for their own purposes.

4. SIGN IN WITH APPLE

If you create an account using Sign in with Apple:

What Apple provides us:

• Your name (or a display name you choose)
• Your email address (or Apple's private relay email address)
• A unique identifier for your account

What we do:

• Use this information only to create and manage your account
• Respect your choice to hide your email (if you use Apple's private relay)

What we do NOT do:

• Access your Apple ID password
• Access other information in your Apple account
• Use this information for advertising

Your control:

• Manage Sign in with Apple in: iOS Settings → Apple ID → Password & Security → Apps Using Apple ID
• Apple Sign in with Apple Privacy: https://support.apple.com/en-us/HT210426

5. APPLE HEALTHKIT

If you import data from Apple Health:

Important: This app is for personal wellness tracking only. Data imported from Apple Health is for your informational use and does not replace medical advice.

We:

• Import only data you authorize
• Save it to AWS
• Help you view and track your personal health data
• Write analyzed data back to Apple Health

We do NOT:

• Use it for advertising
• Share with third parties
• Sell it
• Use it to diagnose or treat conditions

Control: Change permissions anytime in iOS Settings → Privacy & Security → Health → Sachi Health

Apple HealthKit Privacy: https://www.apple.com/legal/privacy/data/en/health-kit/

6. ANALYTICS & COOKIES

We use Firebase Analytics to collect information about how you use the app. This helps us:

• Understand which features are most valuable
• Identify and fix bugs and crashes
• Improve app performance and user experience
• Measure engagement and retention

Analytics Identifiers:

Firebase uses analytics identifiers (similar to cookies) to track app usage across sessions. These identifiers:

• Are automatically generated when you first open the app
• Help us understand usage patterns without identifying you personally
• Are separate from your account information
• Do not have access to your health data

7. DATA RETENTION

• While active: We keep your data indefinitely (needed for health tracking over time)
• After deletion: We keep data for 30 days, then permanently delete
• Analytics data: Aggregated analytics data is retained for up to 14 months for product improvement purposes
• Call recordings and transcripts: Deleted 90 days after recording (or immediately upon request)
• Delete your account: Email privacy@sachihealth.com

8. SECURITY

We protect your information with:

• Encryption in transit (HTTPS/TLS)
• Encryption at rest (AES-256)
• Hashed passwords (never stored in plain text)
• Access controls
• Monitoring and logging

Our infrastructure providers (AWS, Google, Apple) maintain security certifications including SOC 2 Type II and ISO 27001.

9. AGE RESTRICTIONS

You must be at least 18 years old to use this app. We do not knowingly collect information from anyone under 18. If you are under 18, do not use the app or provide any information. If we learn we have collected information from someone under 18, we will delete it immediately.

10. YOUR PRIVACY RIGHTS

You can:

• Access your data
• Delete your account anytime
• Correct information
• Control Apple Health permissions
• Request deletion of call recordings and transcripts
• Withdraw consent to data processing by deleting your account or contacting us
• Request information about what analytics data has been collected

State Privacy Laws: We comply with applicable state privacy laws. Residents of states with privacy laws have rights to access, delete, and correct your data.

California residents: You may designate an authorized agent to make requests on your behalf. To verify the authorized agent, we may require written permission from you.

To exercise your rights: Email privacy@sachihealth.com

We respond within 30 days.

11. BETA TESTING & COMMUNICATION

• This is a beta via Apple TestFlight
• You can leave anytime by uninstalling
• We may send beta updates and request feedback

12. WHATSAPP USER ADVISORY GROUP (OPTIONAL)

If you join our optional WhatsApp User Advisory Group:

• Your WhatsApp name, phone, and messages are visible to other group members
• You can leave anytime
• WhatsApp privacy policy applies: https://www.whatsapp.com/legal/privacy-policy

14. CHANGES TO THIS POLICY

We may update this policy as our practices change. We will notify you of material changes via email or in-app notification.

Continued use of the app after changes means you accept the updated policy.