Privacy Policy

1. Introduction

Sparklab LLC (“we,” “us,” or “our”) operates Sathi.fit, a multi-app health and wellness platform. This Privacy Policy explains how we collect, use, share, and protect your personal information when you use our website, applications, and related services (collectively, the “Services”).

By using Sathi.fit, you agree to the collection and use of information in accordance with this policy. If you do not agree, please do not use our Services.

2. Information We Collect

2.1 Account Information

When you create an account, we collect your email address and password. If you sign in through a third-party provider, we may receive your name and email from that provider.

2.2 Health & Biometric Data

With your explicit consent, we collect health and biometric data from connected wearable devices and fitness platforms, including but not limited to:

• Sleep patterns, duration, stages, and efficiency
• Heart rate, heart rate variability (HRV), and resting heart rate
• Activity data including steps, calories, distance, and workouts
• Readiness and recovery scores
• Blood oxygen saturation (SpO2) and respiratory rate
• Skin temperature and stress levels

This data may come from Oura Ring, Garmin, WHOOP, Polar, Suunto, Strava, or other supported providers via our integration partner OpenWearables.

2.3 AI Therapist Conversations

If you use our ParentPulse AI therapist feature, the messages you send are processed by a third-party AI service (Anthropic’s Claude API) to generate responses. With your explicit consent, conversation pairs may be stored for your reference. You can revoke this consent and delete all stored conversations at any time.

2.4 Therapy Session Data

If you book sessions with licensed therapists through ParentPulse, we collect booking details, session scheduling information, and payment records. Video therapy sessions are conducted through LiveKit and are not recorded by us.

2.5 Community & Wellbeing Data

If you participate in community features, we collect the content of your posts and replies. Posts may be made anonymously to other users but are associated with your account internally. Wellbeing check-in data (mood, energy, anxiety, sleep quality) is stored linked to your account.

2.6 Payment Information

Payments are processed by Stripe. We do not store your credit card numbers or bank account details. We retain Stripe customer IDs, subscription status, and transaction records.

2.7 Technical & Device Data

We automatically collect technical information such as your browser type, device type, operating system, IP address, and general usage patterns to maintain and improve the Services.

3. How We Collect Data

• Directly from you: When you create an account, fill out forms, post in the community, or use the AI therapist.
• From wearable devices: When you connect a wearable provider (Oura, Garmin, WHOOP, Polar, Suunto, Strava) through OAuth authorization, we receive your health data from those services.
• Automatically: Technical data is collected through standard web technologies when you access our Services.

4. How We Use Your Data

• Providing, maintaining, and improving the Services
• Displaying your health metrics, trends, and correlations across connected devices
• Generating AI-powered responses and guidance through the ParentPulse AI therapist
• Facilitating therapist bookings and video sessions
• Processing payments and managing subscriptions
• Sending transactional emails (booking confirmations, notifications)
• Detecting, preventing, and addressing security issues
• Complying with legal obligations

We do not sell your personal data or health data to third parties. We do not use your health data for advertising purposes.

5. AI & Machine Learning

Our AI therapist feature uses Anthropic’s Claude API. When you send a message to the AI therapist, your message is transmitted to Anthropic for processing. Important details:

• Anthropic operates a zero-data-retention policy for API usage — your messages are not used to train their AI models.
• Conversation logging on our platform is optional and requires your explicit consent. You can enable or disable it at any time.
• You can delete all your stored AI conversations through the consent settings in your account.
• We do not use your health data or therapy conversations to train any AI or machine learning models.

6. Third-Party Services

We use the following third-party services to operate Sathi.fit:

Each third-party service processes data in accordance with their own privacy policies. We select partners who maintain strong privacy and security practices.

7. Data Sharing

We may share your information in the following circumstances:

• Service providers: With the third-party services listed above, solely for operating the Services.
• Therapists: When you book a session, relevant booking details are shared with your selected therapist.
• Legal requirements: When required by law, regulation, legal process, or government request.
• Safety: When necessary to protect the rights, property, or safety of our users or the public.
• Business transfers: In connection with a merger, acquisition, or sale of assets, with notice to affected users.

8. Data Retention

• Account data: Retained while your account is active and for a reasonable period after deletion.
• Health data: Retained while your wearable provider is connected. Disconnecting a provider stops new data collection.
• AI conversations: Retained only with your consent and deletable at any time.
• Payment records: Retained as required by applicable financial regulations.
• Community posts: Retained until deleted by you or removed by our moderation team.

9. Data Security

We implement appropriate technical and organizational measures to protect your data, including:

• Encryption of data in transit (TLS/HTTPS)
• Encryption of data at rest in our database
• Row-level security policies ensuring users can only access their own data
• Secure OAuth 2.0 token management for wearable connections
• Webhook signature verification for payment processing
• Regular security reviews of our infrastructure

While we strive to protect your data, no method of transmission or storage is 100% secure. We cannot guarantee absolute security.

10. Your Rights

Depending on your jurisdiction, you may have the right to:

• Access the personal data we hold about you
• Correct inaccurate or incomplete data
• Request deletion of your data
• Export your data in a portable format
• Withdraw consent for data processing
• Disconnect any wearable provider and stop data collection
• Delete your AI therapist conversation history
• Object to or restrict certain processing activities

To exercise any of these rights, please contact us at privacy@sathi.fit.

11. Children’s Privacy

Sathi.fit is not intended for use by children under the age of 16. We do not knowingly collect personal information from children under 16. If you believe a child has provided us with personal data, please contact us and we will take steps to delete it.

12. International Data Transfers

Your data may be processed and stored in countries outside your country of residence, including the United States. We ensure appropriate safeguards are in place for international data transfers, including contractual protections with our service providers.

13. Cookies & Tracking

We use essential cookies for authentication and session management. We do not currently use third-party analytics, advertising trackers, or non-essential cookies. If this changes, we will update this policy and provide appropriate notice and controls.

14. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes by posting the updated policy on this page with a revised “Last updated” date. Your continued use of the Services after changes constitutes acceptance of the updated policy.

15. Contact Us

If you have questions about this Privacy Policy or wish to exercise your data rights, please contact us: