Privacy Policy

This Privacy Policy explains how Windows & Waves collects, uses, stores, and protects your information when you access or use our website and application (the “Service”).

We are committed to protecting your privacy and handling your information in a transparent and secure manner. The Service allows users to log and track personal data, including health-related information, and we take appropriate measures to safeguard such data.

This Privacy Policy describes the types of information we collect, how we use it, and the choices you have regarding your information.

We may collect the following categories of information:

Account Information:

Information you provide when creating or managing an account, such as your email address and authentication identifiers.

User-Generated Data:

Information you choose to input into the Service, including but not limited to symptoms, medication logs (including dosage and timing), daily check-ins, wave logs, journal entries, and other self-tracked data.

Usage and Device Information:

Information about how you access and use the Service, such as your IP address, device type, browser type, operating system, and interactions with the Service.

Payment Information:

If you purchase a subscription, payment information is processed by third-party payment providers (such as Stripe). Windows & Waves does not store full payment card details.

We use your information for the following purposes:

• To provide, operate, and maintain the Service
• To process and analyze user-provided data in order to generate analytics, visualizations, and other features you request
• To facilitate payments and manage subscriptions, including through third-party payment providers (such as Stripe)
• To communicate with you, including responding to inquiries and providing important updates about the Service
• To improve the performance, reliability, and user experience of the Service
• To comply with legal obligations and enforce our Terms of Service

We do not sell your personal information.

We may share your information with trusted third-party service providers that help us operate, maintain, and improve the Service. These providers process information on our behalf and only as necessary to perform their functions. Such providers include:

Infrastructure and Hosting Providers (e.g., Vercel):

used to host and deliver the Service
(Privacy Policy)

Database and Authentication Providers (e.g., Supabase):

used to store data and manage user accounts and authentication
(Privacy Policy)

Payment Processors (e.g., Stripe):

used to process subscription payments and billing
(Privacy Policy)

These third-party providers are contractually obligated to protect your information and are not permitted to use it for their own purposes.

We may also disclose information if required to do so by law or in response to valid legal requests.

Windows & Waves does not currently use cookies or similar tracking technologies for analytics or advertising purposes.

We may use essential technologies necessary to operate and secure the Service.

If we introduce cookies or analytics tools in the future, we will update this Privacy Policy accordingly.

We implement reasonable administrative, technical, and organizational measures to protect your information from unauthorized access, disclosure, alteration, or destruction.

These measures include the use of secure hosting infrastructure, encryption in transit, authentication systems, and access controls provided by trusted third-party providers.

Payment information is processed by third-party payment providers (such as Stripe), and Windows & Waves does not store full payment card details.

However, no method of transmission over the internet or method of electronic storage is completely secure, and we cannot guarantee absolute security.

We retain your information for as long as your account is active or as needed to provide the Service, comply with legal obligations, resolve disputes, and enforce our agreements.

If you choose to delete your account, we will delete your personal information from our active systems within a reasonable period, except where retention is required by law or for legitimate business purposes.

Please note that limited information may be retained in backups or logs for a short period before being permanently deleted.

You have control over your information and may exercise the following rights:

• Access and export your data
• Update or delete certain data directly within the Service
• Delete your account at any time

If you need assistance accessing, updating, or deleting your information, you may contact us at support@windowsandwaves.com.

Windows & Waves is not a covered entity under the Health Insurance Portability and Accountability Act (“HIPAA”) and is not intended to create or maintain protected health information as defined under HIPAA.

The Service is designed for personal use only and is not intended for use by healthcare providers or for clinical purposes.

If you choose to use the Service in a manner that involves regulated health information, you are solely responsible for ensuring compliance with any applicable laws or regulations.

The Service is not intended for individuals under the age of 18, and we do not knowingly collect personal information from individuals under 18. If we become aware that we have collected personal information from a user under 18, we will take steps to delete such information.

We may update this Privacy Policy from time to time. If we make material changes, we will update the effective date and may provide notice within the Service.

Your continued use of the Service after such changes become effective constitutes your acceptance of the updated Privacy Policy.

If you have any questions about this Privacy Policy or our data practices, please contact us at support@windowsandwaves.com.