Privacy Policy

Last updated: March 23, 2026

1. Information We Collect

Account information: When you create an account, we collect your email address and display name. We use Supabase Auth for authentication via magic links or OAuth providers.

Sleep data: If you connect a wearable device (Oura, Fitbit, WHOOP) or upload Apple Health data, we store normalized sleep session data including sleep stages, duration, heart rate, HRV, and sleep scores.

Usage data: We collect anonymous analytics via Vercel Analytics and Plausible to understand how people use our calculators. We do not use cookies for tracking.

2. How We Use Your Data

We use your sleep data solely to provide personalized sleep recommendations, AI coaching insights, trend analysis, and weekly digest emails. We never sell your personal data to third parties.

AI coaching features send aggregated, anonymized sleep metrics to language model providers (via OpenRouter) to generate personalized advice. No personally identifiable information is included in AI prompts.

3. Data Security

All data is stored in Supabase Postgres with Row Level Security (RLS) enabled — only you can access your own data. OAuth tokens from wearable providers are encrypted with AES-256 at the application level before storage. All connections use HTTPS/TLS encryption.

4. Third-Party Services

We use the following third-party services: Supabase (database and auth), Vercel (hosting), Stripe (payments), Resend (emails), OpenRouter (AI), Plausible (analytics), and Google AdSense (advertising for free users). Each service has its own privacy policy.

5. Advertising

Free users see display advertisements powered by Google AdSense. Pro subscribers enjoy an ad-free experience on dashboard pages. AdSense may use cookies to serve ads based on browsing history.

6. Data Retention and Deletion

You can delete your account and all associated data at any time from your dashboard settings. When you delete your account, all sleep sessions, AI insights, device connections, and profile data are permanently removed.

7. Contact

For privacy questions or data requests, email privacy@sleepstackapp.com.