Privacy Policy

Last Updated: June 21, 2025

Introduction

NeuroHelm ("we," "our," or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our mobile application and related services (collectively, the "Service").

By using the Service, you agree to the collection and use of information in accordance with this policy.

Information We Collect

Personal Information

  • Account Data: Email address, display name when you register via Google Sign-In
  • Health Data: Symptom logs, supplement intake, medication tracking, diet plans, and wellness notes you voluntarily enter. On Android devices where you grant permission, we also read biometric data from Google Health Connect (steps, heart rate, resting heart rate, heart rate variability, sleep duration, and calories burned).
  • Usage Data: App interactions, feature usage patterns

Automatically Collected Information

  • Device type and operating system
  • App version
  • Crash reports and performance data

Google Health Connect (Android)

NeuroHelm integrates with Google Health Connect on Android to read biometric data from your wearable device or fitness apps. This integration is entirely optional and requires your explicit permission.

Data types read from Health Connect: Steps, Heart Rate, Resting Heart Rate, Heart Rate Variability (HRV), Sleep Duration, and Calories Burned.

Health Connect data is never sold to third parties, never used for advertising, and never shared outside of the NeuroHelm service. It is used solely to display your biometric trends alongside your symptom logs.

You can revoke Health Connect permissions at any time via Android Settings → Health Connect → App permissions → NeuroHelm. You can also delete all your data from within the app or by contacting us at privacy@leili.fi.

How We Use Your Information

  • To provide and maintain the Service
  • To personalize your health tracking experience
  • To generate reports and insights based on your data
  • To process subscription payments
  • To communicate with you about the Service
  • To improve and develop new features
  • To operate, display, and moderate community features such as posts, comments, and user interactions

Data Storage and Security

Your data is stored securely using Google Firebase, which employs industry-standard encryption both in transit (TLS/SSL) and at rest. We implement appropriate technical and organizational measures to protect your personal information.

Community & Social Features

When you participate in the NeuroHelm community, we collect your chosen social name, the text and images you post, your comments and replies, emoji reactions, and @mention interactions.

Your social name, posts, and comments are visible to other authenticated NeuroHelm users. Your email address and health data are never exposed through community features.

Images you attach to social posts are uploaded to secure cloud storage and are visible to other users. You may delete your posts and associated images at any time.

AI Content Moderation

All community content — including posts, comments, and replies — is automatically reviewed by an AI moderation system to help maintain a safe and supportive environment.

The moderation system checks for hate speech, medical misinformation, spam, and self-harm content. Flagged content is temporarily hidden pending review.

If your content is flagged, you may submit an appeal for human review. We aim to process appeals promptly.

Data Sharing

We do not sell your personal information. We may share data with:

  • Service Providers: Firebase (data storage), RevenueCat (subscription management), Stripe (payment processing), Google (authentication)
  • Legal Requirements: When required by law or to protect our rights

GDPR Rights (EU/EEA Users)

If you are located in the European Union or European Economic Area, you have the following rights:

  • Right to Access: Request a copy of your personal data
  • Right to Rectification: Request correction of inaccurate data
  • Right to Erasure: Request deletion of your data ("right to be forgotten")
  • Right to Portability: Receive your data in a structured, machine-readable format
  • Right to Object: Object to processing of your personal data
  • Right to Restrict Processing: Request limitation of processing
  • Right to Withdraw Consent: Withdraw consent at any time

To exercise these rights, contact us at privacy@leili.fi. We will respond within 30 days.

Legal Basis for Processing: We process your data based on your consent (for health data) and legitimate interests (for service provision).

HIPAA Notice (US Users)

Important: NeuroHelm is a personal health tracking application designed for individual consumer use. We are not a "covered entity" or "business associate" as defined under HIPAA. HIPAA regulations do not apply to data stored in this app.

Do not use this app to store protected health information (PHI) from healthcare providers.

Medical Disclaimer

NeuroHelm is not a medical device and does not diagnose, treat, cure, or prevent any medical condition. The information provided is for general wellness and informational purposes only.

Always consult a qualified healthcare professional for medical advice, diagnosis, or treatment.

Data Retention

We retain your personal data for as long as your account is active or as needed to provide you services. You can request deletion of your account and associated data at any time by contacting us.

Children's Privacy

Our Service is not intended for users under 16 years of age. We do not knowingly collect personal information from children under 16.

Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of any changes by posting the new Privacy Policy on this page and updating the "Last Updated" date.

Contact Us

If you have questions about this Privacy Policy or wish to exercise your data rights, contact us at:

Email: privacy@leili.fi