Transparency Report
Last Updated: December 29, 2025
This Transparency Report outlines how we collect, use, protect, and govern data across our products and services. Our goal is to provide clear and open communication about our practices, strengthen user trust, and ensure full compliance with global privacy standards.
1. Our Data Principles
We follow five core principles:
Minimal Collection – We only collect data necessary to deliver core product functions.
Transparency – We clearly explain what data is collected and how it is used.
User Control – Users can access, export, or delete their data at any time.
Security First – Data is encrypted in transit and at rest.
No Data Sales – We never sell personal data.
2. Data We Collect
We collect data only when required to provide essential features.
2.1 Sleep-Related Data (optional; requires user consent)
Used to generate sleep insights and nightly reports.
Respiratory patterns (derived from non-contact sensors)
Micro-movement and body-motion data
Sleep and wake times
Estimated sleep stages (light, deep, REM)
Environmental conditions (noise, light, temperature, depending on product)
2.2 Device Data
Device model, serial number, and firmware version
Connectivity status (Wi-Fi strength; no password access)
Performance and error logs for diagnostics
2.3 Account Data
Email address
Encrypted password (salted & hashed)
User preferences and settings
2.4 Data We Do Not Collect
No audio recordings
No images or video (if product has no camera)
No GPS or precise location
3. How We Use Data
We use collected data only for the following purposes:
Delivering sleep analysis and personalized insights
Improving device accuracy and performance
Maintaining product stability and resolving technical issues
We do not:
Use data for targeted advertising
Sell or rent user data
Share data with insurance companies or data brokers
4. Data Storage & Retention
Data Type
Retention Period
Notes
Sleep Data
Until user deletes or closes the account
Provided directly by you or
automatically collected
Device Logs
Up to 90 days
From your transactions with us
Account Data
Until account deletion
Automatically collected
through analytics and
advertising tools
Data is stored in ISO 27001–certified data centers.
5. Security Measures
We use industry-standard security to protect your information.
5.1 Encryption
TLS 1.2/1.3 for data transmission
AES-256 for data at rest
Passwords encrypted using PBKDF2/Argon2
5.2 Access Controls
Strict role-based access
Least-privilege enforcement
Continuous logging and auditing
5.3 Security Monitoring
24/7 intrusion detection
Vulnerability scanning and patch management
Breach notification within 72 hours, compliant with GDPR
6. Third-Party Sharing
We may share limited data only in the following scenarios:
Service Providers
Infrastructure partners (cloud, analytics, and customer support tools) may process data solely to
provide essential services.
User-Authorized Integrations
If the user enables syncing with platforms such as Apple Health or Google Health Connect.
Legal Requirements
We only respond to valid and legally binding government or court requests.
We do not allow third parties to use data for independent analysis, profiling, or advertising.
7. Government Requests – Transparency Summary
For the reporting period (2024–2025):
Government requests for user data
0
Content removal requests
0
National security–related requests
0
We will continue to publicly disclose any future requests in this report.
8. AI & Algorithm Transparency
Our algorithms help deliver accurate sleep insights and environmental analysis.
We confirm that:
Models are used only for sleep detection, signal processing, and product optimization
AI does not perform medical diagnosis
AI is not used for personalized advertising
9. Your Rights
Users have full control over their data and may exercise the following rights at any time:
Access – View personal data
Correction – Update inaccurate information
Portability – Export data in standard formats
Deletion – Permanently erase all data
Withdraw Consent – Disable data collection
Appeal – Raise a concern with our support team or relevant regulators
Contact Us
Sleepal Privacy Team
www.sleepal.ai
22000 Opportunity Way, Dock 1–5
Riverside, CA 92518
United States
Monday – Friday, 9:00 AM – 6:00 PM CST
