Privacy Policy

We collect the following types of information:

• Account information: Email address, name, birth year, country, and postcode, provided during registration and onboarding
• Health data: Daily steps, sleep duration and stages, heart rate (including resting and sleep-time samples), blood oxygen (SpO2) readings, exercise sessions, calories burned (active and total), distance, respiratory rate, and body temperature. On Android, this data is read from your parent's smartwatch via Google Health Connect, which acts as the on-device source. CoNucleus only reads the metrics listed above and does not access other Health Connect data types.
• Family relationship data: Child and parent profiles, family group associations
• Medical baseline: Health conditions, medications, mobility level, height, and weight entered during onboarding

• Generate weekly health insight emails for the child
• Provide the parent with a view of their own data inside the mobile app
• Communicate with you about your account and service updates

We do not use health data to train machine-learning models, to make medical diagnoses, or for advertising.

Your data is stored in a cloud-hosted PostgreSQL database. All data is encrypted in transit using TLS. Access is restricted to authorised services only. We follow industry-standard security practices to protect your information.

We use the following services to operate CoNucleus. Each processes only the minimum data necessary to provide its function:

• Clerk: authentication and account management
• Resend: email delivery (join code emails and weekly insight emails)
• Vercel: application hosting
• Prisma Postgres (Prisma Data Platform) : encrypted database hosting for account, family, and health data
• Google Health Connect : on-device platform we read from on Android. Health Connect remains under your control; you can revoke our access at any time from the Health Connect app.

We do not sell, rent, or share your personal or health data with third parties for marketing or advertising purposes. We may share data if required by law or to protect the rights and safety of our users.

Your data is retained for as long as your account is active. You can delete your account and all associated data at any time by emailing us at conuparent@gmail.com. When you request deletion, we permanently remove the associated User record, family relationships, medical baseline, and all health records (steps, sleep, heart rate, SpO2, exercise sessions, calories, distance, respiratory rate, body temperature) within 30 days. Backups are purged within 90 days.

Deleting the parent's mobile app or revoking Health Connect access stops new data collection but does not automatically delete data already on our servers. Email us to delete that data.

You have the right to:

• Access your personal data
• Correct inaccurate data
• Request deletion of your data
• Withdraw consent at any time

We may update this policy from time to time. If we make significant changes, we will notify you via email.

For privacy inquiries, please email us at conuparent@gmail.com.