Privacy policy

Last updated: 1 June 2026. Draft. Pending legal review before App Store submission.

In plain language

HearO is an exposure-therapy tool for veterans living with combat-related PTSD. We collect the minimum required to make the app remember your preferences between sessions and let you see your own progress over time. Your real-time pulse from Apple Health stays on your device. We never log when you open the crisis sheet or call ERAN.

Who we are

HearO is published by the HearO project team. For privacy questions, write to privacy@hearo.app.

What data we collect

When you create an account and use the app, we store the following on our backend (Supabase, hosted in the EU):

  • Account: your email address (via Apple, Google, or email/password sign-in) and a display name. We use this to identify your account and nothing else.
  • Preferences: the scene you've chosen, the list of trigger sounds you've consented to hear, and the intensity-ceiling value you ended your last session on per sound. So the app remembers where you left off.
  • Session records: for each completed session, which scene, which sounds played, your pulse sampled at ~4 Hz across the session, and the three-option reflection you chose at the end. So you can see your own progress over time.
  • Reminder schedule: if you enable daily reminders, the time and timezone you chose. So we can send the push at the right hour.

What stays on your device, and never reaches us

  • Your real-time pulse from Apple Health. The live heart-rate stream from your Apple Watch is read by the app on your device to drive the breathing animation and auto-soften logic. It is only ever transmitted to our backend as the sampled curve at session end, and only because that's how progress tracking works. If you don't want any pulse data leaving your device, turn off pulse permission and the rest of the app still works.
  • Crisis sheet taps and calls to ERAN. When you tap the i icon to open the crisis sheet, or when you tap "Call ERAN 1201", the app does not send a request to our backend. This is a deliberate privacy choice. You must be able to trust that asking for help is not surveilled.
  • Audio playback. The trigger sounds and voice narration play locally on your device. We don't track which sounds you encountered in real time; only the per-session record at the end carries that information.

Who we share with

No one, by default. Specifically:

  • We do not sell or rent your data.
  • We do not use third-party advertising networks. The app contains no ads.
  • We do not use third-party analytics SDKs that fingerprint or profile you. If we add basic product analytics later (e.g. PostHog), it will be limited to non-identifying event metadata and your account ID, and we will update this policy before turning it on.
  • Supabase (our database and authentication provider) stores your data on our behalf. They are a sub-processor; their privacy commitments are at supabase.com/privacy.
  • If the law compels us to disclose data (lawful subpoena, court order), we will only do so for the minimum scope required and notify you where permitted.

Where your data lives

Account and session data live in Supabase, hosted in the European Union. Apple Health data stays on your device. Audio assets and voice narration clips are bundled in the app. They don't sit on a server you talk to.

How long we keep it

For as long as your account exists. If you delete your account in the app or by email, we delete your profile, preferences, session records, and reminder schedule within 30 days. Anonymized aggregates (e.g., "how many sessions ran this month") may survive in our system for product analysis; nothing tied to you personally.

Your rights

Under GDPR (if you're in the EU/UK), Israel's Protection of Privacy Law, and most other modern privacy frameworks, you have the right to:

  • Access: see what we have on you. Email us and we'll send you a copy.
  • Correct: fix anything that's wrong. Most of it you can change in the app directly.
  • Delete: wipe your account and everything tied to it. In-app, or by email.
  • Object / restrict: tell us to stop processing some category of data. We'll figure out together what that means in your case.
  • Portability: get your data in a machine-readable format (JSON). Email us.

Email privacy@hearo.app for any of these. If we don't resolve your concern, you can complain to your local data protection authority.

Children

HearO is built for adults. Its intended users are combat veterans. The app is not directed at children under 18, and we do not knowingly collect data from anyone under 18. If you believe a child has signed up, email us and we'll delete the account.

Not medical advice

HearO is a wellness tool grounded in exposure-therapy principles. It is not a medical device, has not been evaluated by any health regulator, and does not provide diagnosis or treatment. If you are in acute distress, the crisis sheet calls ERAN 1201 (or your equivalent local hotline). If you are in immediate danger, call your local emergency number.

Changes to this policy

When this policy changes, we update the "Last updated" date at the top and notify active users in the app the next time they open it. For material changes (new data we collect, new third parties involved), we will require a fresh acceptance before continuing.

Contact

privacy@hearo.app for privacy questions. hello@hearo.app for anything else.