Privacy Policy

1. Information We Collect

1.1 Session Data

The App collects the following session-related information:

• Session type (sauna, cold, contrast)
• Duration, temperature, and bench level
• Calculated sweat loss and hydration estimates
• Session timestamps and notes
• Protocol tracking and compliance

1.2 Body Metrics

To calculate sweat loss estimates, the App collects:

• Weight
• Sex
• Height (optional)

This data is stored locally on your device and used only for calculations.

1.3 Heart Rate & Biometric Data

If you connect a Bluetooth Low Energy (BLE) heart rate monitor, the App collects:

• Real-time heart rate samples during sessions (BPM at ~1-second intervals)
• Heart rate zone distribution and session averages
• Derived analytics: estimated calorie burn, cold shock metrics, thermal load scores, and acclimatization trends

Heart rate data is stored locally on your device. We do not transmit raw heart rate samples to any server. BLE connections are established directly between your device and your heart rate monitor — we do not act as an intermediary.

1.4 Apple Health Data (iOS)

With your explicit permission, the App may read from and write to Apple Health:

• Workout sessions and active energy burned (when HR-based calorie estimates are available)
• Dietary water entries for bidirectional hydration sync

Apple Health sync is optional and requires your explicit consent through Apple's permission dialogs. Data exchanged with Apple Health stays on your device — it is not uploaded to our servers. You can revoke access at any time in App settings or your device's Health settings.

1.5 Hydration Data

The App tracks daily water intake including amounts, timestamps, and beverage types.

1.6 Account Information

The App offers three sign-in options:

• Anonymous (Default): No personal information collected. Data stored locally only.
• Google Sign-In: Email and name collected for cloud backup.
• Apple Sign-In: Email and name collected for cloud backup.

1.7 Device Information

We collect a device fingerprint (hashed identifier) to:

• Track trial period status and prevent abuse
• Associate referral codes with devices (Android only)

This fingerprint does not identify you personally and cannot be used to track you across other apps.

1.8 Location Data (Venue Leaderboards)

If you choose to join a participating venue's leaderboard — an optional feature you activate by entering a venue code — and you grant location permission, the App checks your device's location at the start and end of a session to confirm you are physically at that venue. This is called geofencing: each venue has a fixed location and a small radius (approximately 100 metres).

• Location is used only to determine whether a session counts toward a venue's board — not for advertising, profiling, or continuous tracking.
• Sessions logged outside a venue's geofence stay in your private history but are not added to that venue's board.
• If you decline location permission you can still use the App normally; venue attribution may instead rely on a code or QR shown at the venue.

Location features are off unless you join a venue leaderboard. You can leave a venue board at any time in App settings, which stops further location checks for that venue. See Section 7 for what a venue can see.

2. Data Storage

2.1 Local Storage (Primary)

The App operates with a privacy-first, offline-first approach. Your session data, body metrics, hydration logs, and settings are stored locally on your device using SQLite. We do not have access to this data.

2.2 Cloud Storage (Optional)

If you sign in with Google or Apple, you may optionally enable cloud backup:

• Backup data is stored in Google Firebase
• Data is encrypted in transit
• Only you can access your backup data
• Cloud backup is a premium feature

2.3 Trial and Subscription Data

We store the following in Firebase:

• Device fingerprint and trial status
• Subscription status (via RevenueCat)
• Referral code data (Android only)

2.4 Data Retention

We retain your data as follows:

• Local data: Retained on your device until you uninstall the app or clear app data
• Cloud backup data: Retained until you delete your account in-app (immediate removal)
• Subscription records: Managed by the app stores (Apple App Store / Google Play) and RevenueCat; cancel subscriptions through the respective store
• Device fingerprint: Retained indefinitely for trial abuse prevention (contains no personal information)

3. How We Use Your Data

We use your data to:

• Calculate sweat loss and hydration estimates
• Calculate health insights estimates
• Compute heart rate analytics including estimated calorie burn, cold shock tracking, thermal load scores, and acclimatization trends (when HR data is available)
• Sync session data with Apple Health (iOS, if enabled)
• Track session history and protocol compliance
• Provide cloud backup (if enabled)
• Manage trial periods and subscriptions
• Process referral rewards (Android only)
• Send push notifications (if enabled)
• Generate shareable session images
• Show your display name and session statistics on a venue leaderboard you have chosen to join, and verify venue attendance via location (optional — see Section 7)

4. Legal Basis for Processing (EU/UK Users)

If you are located in the European Economic Area (EEA) or the United Kingdom, we process your personal data under the following legal bases in accordance with the GDPR / UK GDPR:

• Performance of a contract (Art. 6(1)(b)): to provide the App's core functionality — calculating sweat and hydration estimates, tracking sessions, managing your account and subscription.
• Consent (Art. 6(1)(a)): for optional features you explicitly enable — cloud backup, Apple Health sync, push notifications, Bluetooth heart rate monitoring, and joining a venue leaderboard (including the related location/geofence checks). You may withdraw consent at any time in App settings.
• Legitimate interests (Art. 6(1)(f)): for device fingerprinting to prevent trial abuse, for security measures, and for improving App stability. These interests are balanced against your rights and we use the minimum data necessary.
• Legal obligation (Art. 6(1)(c)): where required by applicable law (for example, responding to lawful requests from authorities).

Special-category health data (heart rate, body metrics) is processed on the basis of your explicit consent (Art. 9(2)(a)) and is stored locally on your device; we do not receive it on our servers unless you enable cloud backup.

5. Third-Party Services

5.1 Firebase

We use Google Firebase for:

• Anonymous and social authentication
• Cloud data storage (backup)
• Trial tracking and referral tracking (referrals on Android only)

Firebase's privacy policy applies to this data processing.

5.2 RevenueCat

We use RevenueCat for subscription management:

• Receives purchase receipts from app stores
• Validates subscription status
• No payment details are stored by us

5.3 Apple Health (iOS)

With your permission, the App integrates with Apple Health:

• Writes workout sessions and active energy burned (when HR-based calorie estimates are available)
• Writes and reads dietary water entries for bidirectional hydration sync

Data read from Apple Health (such as hydration entries from other apps) is displayed in the App in real time but is not copied into the App's local database. Data written to Apple Health (such as workout sessions and calories) remains in Apple Health under Apple's privacy policy. All Apple Health data exchange happens locally on your device — we do not receive, store, or process any Apple Health data on our servers.

5.4 Social Platforms

When you share session images to social platforms (Instagram, Twitter, etc.), those platforms' privacy policies apply. We do not receive data from these shares.

6. International Data Transfers

Zen Zero Pty Ltd is based in Australia. Where cloud services are used (for authentication, trial tracking, cloud backup, or subscription management), your data may be processed on servers located in the United States or other countries outside the EEA, the UK, or Australia.

For transfers of personal data outside the EEA or the UK, we rely on the following safeguards:

• Standard Contractual Clauses (SCCs): our subprocessors Google Firebase and RevenueCat have incorporated the European Commission's Standard Contractual Clauses into their Data Processing Agreements, which we have accepted.
• Supplementary measures: data in transit is encrypted using HTTPS/TLS, and access to cloud infrastructure is restricted to authenticated personnel.

You may request a copy of the relevant transfer mechanism by contacting us at the address in Section 15.

7. Data Sharing

We do not sell or share your personal data with third parties, except:

• With service providers (Firebase, RevenueCat) as described above
• With a participating venue whose leaderboard you have chosen to join (see Section 7.1)
• When required by law
• To protect our rights or safety
• With your explicit consent

7.1 Venue & Community Leaderboards (Optional)

Some venues — saunas, gyms, cold plunge studios, and similar — run an Altaflip community leaderboard. Participation is entirely optional and begins only when you enter that venue's code. If you join one:

• What the venue sees: your first name (or chosen display name) and session statistics such as session count, total minutes, and streaks. The venue does not receive your email, contact details, body metrics, heart rate data, location coordinates, or individual session history.
• Public display: the leaderboard may be shown publicly — for example on a screen in the venue or at a web address for that venue — so other members and visitors may see your display name and ranking. Choose a display name you are comfortable showing publicly.
• Prize challenges: a venue may run a timed challenge. If you win, we may send you a push notification with a claim code, and we share the list of winning display names and their claim codes with the venue so you can collect the prize. We do not share your contact information with the venue.
• Venue summaries: we may send the venue periodic aggregate summaries (for example, total sessions and number of active members). These do not identify individual members beyond the leaderboard described above.

You can leave a venue leaderboard at any time in App settings; your name is removed from that venue's board going forward. Leaving does not delete your personal session history, which remains private to you. These leaderboard features are new and may change, expand, or be discontinued over time; material changes will be reflected in this policy.

8. Push Notifications

The App may send push notifications such as:

• Session reminders
• Streak protection alerts
• Protocol reminders
• Post-session hydration prompts

You can enable or disable notifications in App settings or device settings at any time.

9. Data Security

We implement security measures including:

• Local data stored in SQLite on your device
• HTTPS encryption for all network communications
• Secure Firebase authentication
• Hashed device fingerprints (not reversible)

Since most data is stored locally, you are responsible for your device's security.

10. Your Rights

10.1 Access

You can view all your data through the App interface.

10.2 Deletion

To delete your data:

• Local data: Uninstall the App or clear app data in device settings
• Cloud data and account: Open the App → Cloud Backup (or Profile) → Account section → Delete Account. Deletion is processed immediately and removes your Firebase account and all cloud backups. See our Account Deletion page for full details.

Device-based trial tracking data is retained after account deletion to prevent trial abuse. This data does not identify you personally.

10.3 Portability

You can export your session data through the App's backup feature.

11. Children's Privacy

The App is not intended for children under 13. We do not knowingly collect information from children under 13. If you believe we have collected information from a child under 13, please contact us and we will promptly delete it.

12. California Residents (CCPA)

If you are a California resident, the California Consumer Privacy Act (CCPA) grants you specific rights regarding your personal information.

• We do not sell your personal information. We have not sold personal information in the preceding 12 months and have no plans to do so.
• We do not share your personal information for cross-context behavioural advertising.
• Right to know: you may request details of the personal information we collect and how it is used (see Sections 1 and 3).
• Right to delete: you may delete your data at any time using the in-app account deletion flow (see Section 10.2).
• Right to non-discrimination: we will not discriminate against you for exercising your CCPA rights.

To exercise these rights, contact us at the address in Section 15 with the subject line "CCPA Request."

13. Website

13.1 Website Data Collection

Our website (altaflip.com) is primarily informational and promotional. We do not use analytics tracking or collect personal information directly through the website. There are no account registrations, contact forms, or newsletter signups on the website.

13.2 Hosting and Infrastructure

Our website uses third-party hosting and security services that automatically process certain data:

• IP addresses (for security and abuse prevention)
• Request information (browser type, device, pages visited)
• Geographic location (country-level)

This data is used solely for security, performance optimization, and abuse prevention.

13.3 Cookies

Our website does not set tracking or advertising cookies. Our hosting provider may set functional cookies for security purposes (such as bot detection and security challenges). These cookies are essential for website security and cannot be disabled.

14. Changes to This Policy

We may update this Privacy Policy from time to time. Continued use of the App or website after changes constitutes acceptance of the updated policy.