At Respiro, your privacy is fundamental. We built the app with a privacy-first approach:
stress detection runs entirely on your device, and we collect only what's needed to make the app work.
What We Collect
We collect only what's necessary to provide a personalized stress relief experience:
- Email address (if you create an account) — for authentication via email OTP (one-time password). We support Sign in with Apple and Google Sign-In
- Practice session data — which practices you complete, duration, and mood check-ins (Inner Weather). Used for personalization and weekly insights
- Anonymized usage analytics — app opens, screen views, feature usage. Sent to Amplitude for product improvement
- Device type and app version — for technical support and compatibility
- Subscription status — managed by RevenueCat to verify your PRO access
What we do NOT collect:
- No health data (we don't use HealthKit or any wearable)
- No location data
- No contacts, photos, or microphone access
- No browsing history or advertising identifiers
On-Device Processing
Smart Stress Detection runs entirely on your device.
Respiro analyzes 7 behavioral signals — app open times, session frequency, practice patterns,
mood check-in trends, and more — to detect rising stress and suggest the right technique.
This analysis never leaves your phone. No data is sent to any server for stress computation.
All personalization (4-stage recommendation engine, 11 signals) is computed locally using on-device data stored in SwiftData.
Guest Users
You can use Respiro without creating an account. As a guest:
- All practice data is stored locally on your device only
- Smart stress detection works fully on-device
- No personal information is sent to our servers
- You can still purchase PRO via the App Store (anonymous RevenueCat ID)
If you later create an account, local data stays on your device. Server sync begins only after sign-in.
How We Use Your Data
- Deliver personalized practice recommendations based on your history
- Generate daily insights and weekly progress reports
- Send push notifications (stress suggestions, daily reminders) — only if you opt in
- Improve the app based on aggregated, anonymized usage patterns
- Provide customer support when you contact us
We never sell your data to advertisers or third parties.
Third-Party Services
We use trusted, industry-standard services:
- Supabase — Database and authentication (SOC 2 Type II certified). Stores user accounts and synced practice data
- RevenueCat — Subscription management (Apple-compliant). Manages PRO access and purchase verification
- Amplitude — Product analytics. Receives anonymized usage events (app opens, practice completions, feature interactions). No personal identifiers are sent unless you have an account
- Apple — App distribution, in-app purchases, and push notifications via APNs
Each service processes data only as needed to provide their services, under their own privacy policies.
Notifications
Respiro may send push notifications for:
- Stress suggestions — when behavioral signals indicate rising stress (computed on-device, notification sent locally)
- Daily practice reminders — at a time you choose in Settings
- Milestone celebrations — when you reach practice milestones
All notifications require your explicit permission. You can disable them anytime in iOS Settings or within the app.
Your Rights
You have full control over your data:
- Delete — Remove your account and all server-side data instantly from Settings > Account > Delete Account
- Opt out of analytics — Disable in app Settings
- Revoke notifications — Disable in iOS Settings at any time
- Use without account — Guest mode keeps everything local
When you delete your account, all data is permanently removed from our servers within 30 days. Local data is deleted immediately.
Data Security
- All network traffic encrypted via HTTPS/TLS
- Database encryption at rest (Supabase)
- Authentication via secure OTP (no passwords stored)
- Row Level Security (RLS) on all database tables
- Minimal data retention — we don't keep what we don't need
Children's Privacy
Respiro is not intended for children under 13 years of age. We do not knowingly collect
personal information from children. If you believe a child has provided us with personal data,
please contact us immediately.
Changes to This Policy
We may update this policy when we add new features or services. When we make significant changes,
we'll notify you through the app. The "Last updated" date at the top indicates when this policy was last revised.