Login

Privacy Policy

This privacy policy (“policy”) explains how Vasana, Inc. (“Vasana”,”us”, “we”, “our”) collects, uses, and protects the data you provide when you visit and use www.vasana.ai (“website”, “service”) and our mobile application. We reserve the right to change this policy at any time, and we will notify you of any changes. Please check this page regularly to ensure you are up to date with the latest information.

Effective: 12 May 2026

Who we are

Vasana, Inc. (“Vasana”, “we”, “us”, “our”) provides the Vasana mobile application and the www.vasana.ai website (together, the “Services”). Our company values include putting members first. We are committed to protecting and respecting your privacy in connection with your use of our content and products. You can contact us at hello@vasana.ai.

Scope and applicability

This policy explains how we collect, use, share, and protect information when you use our Services. It applies to information collected via the mobile app, website, in‑app web views, customer support, research opt‑ins, and integrations you choose to connect (e.g., Apple Health, Google Fit). The Services are intended primarily for a U.S. audience.

Important health disclaimer
Vasana is a wellbeing companion. It is not a medical device or platform and does not provide medical advice, diagnosis, or treatment. If you are experiencing an emergency, call your local emergency number.  If you need medical or clinical advice, contact your doctor.

Information we collect

We collect the categories below when you use our services. Some of this information may be considered health or sensitive under applicable laws.

Contact Information and Identifiers

When you use our Platform, we may ask you to provide certain contact information, including your first and last name and email address. Through your account in our Product, you may have the opportunity to provide additional information about yourself, such as your age, preferred pronouns, gender or gender identity, sex at birth, and more.

Account Information

If you decide to set up an account with us, we may ask you to provide certain additional contact information including, for example, your first and last name, e-mail address (personal and/or work), telephone number, mailing address, employer or company name, job title, student identification number, emergency contact information, as well as password and other authentication-related information. For individuals who participate in special subscriptions and features, including group plans, we may collect additional personal information, for example, home address and names and emails of household members.

Health information

We will collect the information you provide about your health and wellness as you use our Products or engage with the Services. You may provide this information through the Products, such as through survey responses about your current mental or physical health status, setting your health or wellness goals, or in other inputs that relate to your health or wellbeing. 

Check‑ins, Journals, and User Content

We will collect free-text or tagged entries you choose to provide about your mood or feelings, including associated intensity ratings, timestamps, and optional tags (such as emotion or theme).

Payment information

If you sign up for a paid product or service from us, you may be required to provide your payment card or bank account information. Please note that Vasana does not directly process payment card information, and instead relies upon third-party payment processors to do so on our behalf. Please note that third-party terms may apply to these payment services. Personal information collected for these purposes includes card number, type, expiration date, and billing address, and certain anonymized, limited and/or truncated versions of this information may be provided to Vasana.

Usage Information 

Responses and results for behavioral, mental, or physical wellbeing assessments you complete in the app. We also collect other responses like the sessions you use, videos you view, content you listen to, screens or features you access, and other similar types of usage information.

Support and Coaching Communications

When you submit a support request, engage with our support team, or interact with Huma, our AI-powered wellbeing coach, we collect the information you choose to provide as part of that interaction. This may include messages, questions, and other content entered into chat interfaces, whether before or after submission. We use this information to respond to your requests, provide coaching or support, improve our Services, and maintain safety and quality. Such information may be processed by Vasana personnel and trusted service providers acting on our behalf and subject to confidentiality and data protection obligations.

Health & Fitness Data (optional, via integrations you connect)

We only access categories you explicitly approve. You can disconnect at any time in the integration’s settings.

When you connect a health integration (such as Apple Health, Google Fit, or Health Connect), we may access the following categories of data, each only with your explicit permission:

  • Steps: daily step count, used as the primary measure of daily movement activity
  • Distance: distance traveled, used as a fallback when step data is unavailable
  • Active Calories Burned: calories from physical exertion, used to assess activity intensity
  • Total Calories Burned: combined active and resting energy expenditure, used for overall energy analysis
  • Heart Rate: used to assess physiological stress and activity response
  • Resting Heart Rate: compared against your personal baseline to detect fatigue or stress
  • Heart Rate Variability (HRV): used as a key indicator of nervous system balance and recovery
  • Sleep: including duration, awake time, and sleep stages (where available), used to assess rest quality
  • Physical Activity Recognition: movement state (e.g., walking, running, stationary), used to contextualize activity data

This data, individually and in combination, is used to calculate structured wellness scores within the app (see Product Personalization below). Health and activity data accessed via integrations may be transmitted to and stored on Vasana’s backend servers to support longitudinal tracking, trend analysis, and a consistent experience across your devices. This data is handled securely, used only for the features described in this policy, and is never sold or used for advertising.

Device, Usage & Diagnostic Data

We collect technical and usage information about your device and how you interact with the Services, including device model, operating system version, app version, IP address, timezone, locale, product interaction events (such as app launches, taps, and feature usage), crash logs, and performance metrics, to operate, secure, and improve the Services.

Cookies and Similar Technologies (website & web views)

When you access our website or in-app web views, we use strictly necessary cookies and similar technologies for authentication, security, and core functionality, and—where permitted by law—optional analytics cookies to understand usage patterns and improve the user experience.

Note: Data collected in in‑app web views is declared here unless you are navigating the open web (not the case in normal use).

Information from partners

You may follow links contained in our Platform or provided to you by other users to third-party websites or products not operated by us. This Privacy Policy does not apply to third-party websites or products. We strongly suggest you review their privacy policies to understand how your personal information is used and stored by those third parties.

If you connect third‑party services (e.g., health platforms), we receive data per your authorization. Service providers (e.g., authentication, analytics, crash reporting) may process limited data to provide their services on our behalf

How we use information

We use information for the following purposes. Where required by law (e.g., for health integrations), we rely on your consent.

App Functionality

We use information to operate and maintain the Services, including creating and authenticating accounts, syncing entries across devices, displaying assessment status and results, enabling in-app messaging and customer support, preventing fraud, maintaining security, and ensuring service reliability.

Product Personalization

We use information to personalize your experience by tailoring check-ins, prompts, insights, and practice recommendations (such as breathing, journaling, and grounding) based on your entries, assessment results, and—if you choose to connect integrations—relevant health or fitness data.

Where you connect health integrations, data such as sleep duration, heart rate, HRV, steps, and activity is used to calculate domain-specific wellness scores—including Sleep Score, Movement Score, Stress & Anxiety Score, and Energy Score—and an overall Wellness Indicator. These scores are computed using weighted models and power the personalized insights, recommendations, and progress summaries displayed in the app.

If health integration data is unavailable or you choose not to connect an integration, wellness scores are calculated instead using your responses to in-app onboarding assessments and check-ins. The same scoring domains apply, with weights adjusted to reflect the available inputs.

Analytics and Service Improvement

We use information to understand how features are used in aggregate, measure performance, stability, and quality, and to provide, maintain, and improve the Services, including debugging and identifying and repairing errors.

Notifications and Reminders

We use information to send you notifications and reminders related to check-ins, practices, assessments, and gentle insights, which you can control or disable at any time through your settings.

Aggregated and De-identified Data

We may create and use aggregated or de-identified data that can no longer reasonably be used to identify you, based on our legitimate interest in improving our Services, generating insights and reports, and enhancing and promoting our business.

Legal and Compliance

We use information to comply with applicable laws and regulations, resolve disputes, enforce our terms and policies, and protect the rights, safety, and security of Vasana, our users, and others.

AI Features

We use artificial intelligence (AI), including machine-based systems that operate with varying levels of autonomy to infer from inputs and generate outputs, to support the operation of the Services. Much of this use occurs behind the scenes, such as for security monitoring of our infrastructure, quality assurance, and content or practice recommendations. Our AI features are designed to support wellbeing and service functionality and are not intended to provide medical advice or diagnosis.

On‑device processing vs. collection

When feasible, we process data on the device. Data that never leaves your device is not “collected” for platform disclosures. When we transmit data to our servers for synchronization or processing beyond the immediate request, it is considered collected.

Sharing of information

We may disclose information about you as described below and elsewhere in this Privacy Policy, or at the time of collection. We share information only as necessary to operate, secure, and improve the Services.

Service Providers and Professional Advisors

We may share information with trusted companies and contractors that perform services on our behalf, such as:

  • Cloud hosting and infrastructure providers
  • Authentication and identity services
  • Analytics and crash-reporting providers
  • Customer support and in-app messaging tools
  • Payment processors and fraud-prevention vendors

We may also disclose information to our accountants, auditors, lawyers, and other professional advisors, subject to appropriate contractual obligations of confidentiality.

Legal, Safety, and Rights Protection

We may disclose information if we believe such disclosure is required or appropriate to:

  • Comply with applicable law, regulation, legal process, or lawful request by public authorities
  • Enforce our terms, policies, or agreements
  • Protect the rights, property, safety, and security of Vasana, our users, or others
  • Prevent, investigate, detect, or prosecute fraud, abuse, or other criminal activity
  • Establish, exercise, or defend legal claims

Business Transfers

We may disclose or transfer information in connection with, or during negotiations of, any merger, acquisition, reorganization, financing, sale of assets, or similar business transaction involving all or part of Vasana.

Affiliates

We may share information between and among Vasana and our current or future parents, affiliates, subsidiaries, and entities under common ownership or control, consistent with this Privacy Policy.

Subscriptions Provided by Others

If your Vasana access is provided by another party (such as an employer, organization, or family member), we may inform them that you have activated or are using the subscription they made available to you. We do not share your private journal entries, check-ins, or assessment content with them.

With Your Consent or Direction

We may share information when you explicitly consent or direct us to do so, such as when you connect third-party integrations or choose to share content through supported features.

Aggregated or De-identified Data

We may disclose aggregated or de-identified information that cannot reasonably be used to identify you. This information is not subject to personal data protection obligations.

Advertising and Analytics

Vasana does not sell personal information, does not engage in targeted advertising, and does not share personal data with third-party advertising networks or data brokers.

We may use first-party or service-provider analytics tools to understand how the Services are used, improve performance, and enhance reliability. These providers may collect information such as device identifiers, IP address, app usage events, and diagnostic data solely to provide services to Vasana, under contractual restrictions.

We do not permit analytics providers to use your data for their own advertising purposes.

International Data Transfers

Vasana is based in the United States and may process information in the U.S. and other countries where we or our service providers operate. These jurisdictions may not provide the same level of data protection as your home country.

Sensitive platform disclosures

Android (Google Play):

The following Health Connect and system permissions may be requested. Each is optional and user-controlled. You can revoke any permission at any time in your device settings.

  • READ_STEPS — reads daily step count to calculate Movement Score
  • READ_DISTANCE — reads distance traveled; used as a fallback for Movement Score when steps are unavailable
  • READ_ACTIVE_CALORIES_BURNED — reads calories from physical activity to assess exertion intensity
  • READ_TOTAL_CALORIES_BURNED — reads combined active and resting calorie expenditure for Energy Score
  • READ_HEART_RATE — reads heart rate measurements to assess physiological stress and activity response
  • READ_RESTING_HEART_RATE — reads resting heart rate for baseline deviation analysis in Stress & Energy scoring
  • READ_HEART_RATE_VARIABILITY — reads HRV for recovery and Stress & Anxiety Score calculation
  • READ_SLEEP — reads sleep duration, awake time, and stages (where available) for Sleep Score calculation
  • ACTIVITY_RECOGNITION — detects movement type (walking, running, stationary) to contextualize activity data

Notifications: used for reminders and insights; optional. No SMS/Call Log access. Network access: used to sync entries, assessments, and settings.

iOS (Apple HealthKit and system permissions):

HealthKit categories: accessed only with your explicit permission for the categories you select; used strictly for in-app functionality and personalization; not used for marketing/advertising; not shared with third parties except processors under contract.

Motion & Fitness activity (CMMotionActivityManager): if used on iOS, motion data is accessed to contextualize physical activity in the same way as Activity Recognition on Android. This permission is optional and can be revoked in device settings.

Retention of Data

The security of your personal information is important to us. We follow generally accepted standards, practices, and procedures to protect the personal information submitted to us, both during transmission and once it is received. We maintain appropriate technical, administrative and physical safeguards to help protect the security of your personal information against unauthorized access, destruction, loss, alteration, disclosure or misuse.

We will keep your personal information for as long as needed to perform our obligations to you, or for as long as legally permitted. The criteria used to determine our retention periods include: (i) the length of time we have an ongoing relationship with you; (ii) whether there is a legal obligation to which we are subject; and (iii) whether retention is advisable in light of our legal position (such as in regard to applicable statutes of limitations, litigation or regulatory investigations). For example, we keep your account information, like your name, email address, and password, for as long as your account exists so that you may access it.

You can request deletion at any time (see Your rights & choices).

Your rights & choices

We believe that you should have control of your personal information. To that end we provide the following rights to make requests regarding your personal information. You may make these requests by contacting hello@vasana.ai or in some cases using features within the Platform:

Controls in the app

  • Update profile and preferences
  • Manage notifications
  • Export or delete your data (where available)

Requests by email
Contact hello@vasana.ai to access, correct, delete, or export your data. We may need to verify your identity. If we cannot fulfill a request, we will explain why.

Region‑specific rights

EU/UK: Access, rectification, erasure, restriction, portability, and objection (including to processing based on legitimate interests). You may lodge a complaint with your local data protection authority.

US (e.g., CA/VA/CO/CT/UT): Right to know/access, delete, correct, and opt out of sale/share/targeted advertising (we don’t sell or share). Authorized agents may submit requests; we will verify identity/authority. Appeals process available where required.

International transfers

We may process data outside your country (e.g., United States). Where applicable, we use lawful transfer mechanisms (such as Standard Contractual Clauses) and implement appropriate safeguards.

Security

We use administrative, technical, and organizational measures appropriate to the risk, including encryption in transit, access controls, least‑privilege, secure development practices, vendor due diligence, and incident response. No system is 100% secure; if a breach occurs, we will notify users and/or regulators as required by law.

Children’s privacy

The Services are intended for individuals 18 years and older and not directed to individuals under 18. We do not knowingly collect personal information from individuals under 18 years old. If you become aware that a child has provided personal information, contact us so we can take appropriate action.

Changes to this policy

We may update this policy from time to time. Material changes will be communicated in‑app or on our website with a new “Last updated” date. We encourage you to periodically check this Privacy Policy to stay informed about how we handle your personal information.

Contact us

Vasana, Inc.
Email: hello@vasana.ai

Stay in the loop.

Sign up for emails and never miss what’s new.
Loading...