Privacy Policy

Last Updated: January 28, 2025

Introduction

NeuroHelm ("we," "our," or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our mobile application and related services (collectively, the "Service").

By using the Service, you agree to the collection and use of information in accordance with this policy.

Information We Collect

Personal Information

  • Account Data: Email address and display name, collected when you register via Google Sign-In
  • Health Data: Symptom logs, supplement intake, medication tracking, diet plans, and wellness notes you voluntarily enter. On Android devices where you grant permission, we also read biometric data from Google Health Connect (steps, heart rate, resting heart rate, heart rate variability, sleep duration, and calories burned).
  • Usage Data: App interactions, feature usage patterns

Automatically Collected Information

  • Device type and operating system
  • App version
  • Crash reports and performance data

Google Health Connect (Android)

NeuroHelm integrates with Google Health Connect on Android to read biometric data from your wearable device or fitness apps. This integration is entirely optional and requires your explicit permission.

Data types read from Health Connect: Steps, Heart Rate, Resting Heart Rate, Heart Rate Variability (HRV), Sleep Duration, and Calories Burned.

Health Connect data is never sold to third parties, never used for advertising, and never shared outside of the NeuroHelm service. It is used solely to display your biometric trends alongside your symptom logs.

You can revoke Health Connect permissions at any time via Android Settings → Health Connect → App permissions → NeuroHelm. You can also delete all your data from within the app or by contacting us at privacy@leili.fi.

How We Use Your Information

  • To provide and maintain the Service
  • To personalize your health tracking experience
  • To generate reports and insights based on your data
  • To process subscription payments
  • To communicate with you about the Service
  • To improve and develop new features

Data Storage and Security

Your data is stored securely using Google Firebase, which employs industry-standard encryption both in transit (TLS/SSL) and at rest. We implement appropriate technical and organizational measures to protect your personal information.

Data Sharing

We do not sell your personal information. We may share data with:

  • Service Providers: Firebase (data storage), RevenueCat (subscription management), Google (authentication)
  • Legal Requirements: When required by law or to protect our rights

GDPR Rights (EU/EEA Users)

If you are located in the European Union or European Economic Area, you have the following rights:

  • Right to Access: Request a copy of your personal data
  • Right to Rectification: Request correction of inaccurate data
  • Right to Erasure: Request deletion of your data ("right to be forgotten")
  • Right to Portability: Receive your data in a structured, machine-readable format
  • Right to Object: Object to processing of your personal data
  • Right to Restrict Processing: Request limitation of processing
  • Right to Withdraw Consent: Withdraw consent at any time

To exercise these rights, contact us at privacy@leili.fi. We will respond within 30 days.

Legal Basis for Processing: We process your data based on your consent (for health data) and legitimate interests (for service provision).

HIPAA Notice (US Users)

Important: NeuroHelm is a personal health tracking application designed for individual consumer use. We are not a "covered entity" or "business associate" as defined under HIPAA. HIPAA regulations do not apply to data stored in this app.

Do not use this app to store protected health information (PHI) from healthcare providers.

Medical Disclaimer

NeuroHelm is not a medical device and does not diagnose, treat, cure, or prevent any medical condition. The information provided is for general wellness and informational purposes only.

Always consult a qualified healthcare professional for medical advice, diagnosis, or treatment.

Data Retention

We retain your personal data for as long as your account is active or as needed to provide you services. You can request deletion of your account and associated data at any time by contacting us.

Children's Privacy

Our Service is not intended for users under 16 years of age. We do not knowingly collect personal information from children under 16.

Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of any changes by posting the new Privacy Policy on this page and updating the "Last Updated" date.

Contact Us

If you have questions about this Privacy Policy or wish to exercise your data rights, contact us at:

Email: privacy@leili.fi