Stillness

Privacy Policy

Last Updated: May 22, 2026

1. Introduction

In Spades Media LLC ("we," "us," or "our") operates Stillness ("the Service"). This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our Service.

By using Stillness, you agree to the collection and use of information in accordance with this policy.

2. Information We Collect

2.1 Information You Provide

Account Information:

  • Email address
  • Display name (optional)
  • Profile settings

Session Data:

  • Breathing exercise selections
  • Session completion status
  • Duration of practice

2.2 Information Collected Automatically

Usage Data:

  • Pages and features accessed
  • Session frequency and patterns
  • Device type and browser information
  • IP address (anonymized)

Progress Data:

  • Session counts and streaks
  • Category preferences
  • Total practice time

2.3 Payment Information

When you subscribe to Stillness Premium, payment processing is handled by Stripe. We do not store your full credit card number or CVV.

3. How We Use Your Information

We use the information we collect to:

  • Provide the Service: Track your progress, maintain streaks, and personalize your experience
  • Process Payments: Manage subscriptions and billing
  • Improve the Service: Analyze usage patterns to enhance features and content
  • Communicate: Send important updates and respond to inquiries
  • Security: Detect and prevent fraud or unauthorized access

4. Data Minimization

We practice data minimization principles:

  • We only collect data necessary for the Service to function
  • Session content is stored locally when possible
  • Statistical data is anonymized before aggregation
  • We regularly review and delete unnecessary data

5. How We Share Your Information

We do not sell your personal information. We may share information with:

5.1 Service Providers

  • Firebase (Google): Authentication and database services
  • Stripe: Payment processing
  • Google Analytics: Usage analytics (privacy-focused configuration)
  • Vercel: Hosting infrastructure

5.2 Legal Requirements

We may disclose information if required by law, subpoena, or to comply with legal obligations, protect our rights, prevent fraud, or protect user safety.

6. Data Retention

We retain your information for as long as your account is active. You may request deletion at any time.

After account deletion, personal data is removed within 30 days and session history is permanently deleted.

7. Data Security

We implement industry-standard security measures including:

  • Encryption of data in transit (HTTPS/TLS)
  • Secure authentication via Firebase
  • PCI-compliant payment processing via Stripe
  • Input validation and Firebase security rules

8. Your Rights and Choices

8.1 Access and Update

You can access and update your personal information through your account settings.

8.2 Delete Your Account

You may delete your account and all associated data at any time. Contact us at support@stillness.is.

8.3 California Residents (CCPA)

California residents have additional rights including:

  • Right to know what personal information is collected
  • Right to delete personal information
  • Right to opt-out of sale of personal information (we do not sell data)

8.4 European Users (GDPR)

If you are in the European Economic Area, you have rights including:

  • Right to access your data
  • Right to rectification
  • Right to erasure ("right to be forgotten")
  • Right to data portability
  • Right to object to processing

9. Children's Privacy

Stillness is not intended for children under 13 years of age. We do not knowingly collect personal information from children under 13.

10. Mobile Applications & Health Data

When Stillness is available on iOS and Android platforms, this Privacy Policy applies equally to those applications.

10.1 Health & Wellness Data (iOS/Apple Health)

When using Stillness on iOS, we may request access to Apple HealthKit data to enhance your experience. All health data access requires your explicit permission.

Data We May Access:

  • Heart Rate: To track physiological response during sessions
  • Resting Heart Rate: To establish baseline metrics
  • Heart Rate Variability (HRV): To assess stress levels and suggest optimal practice times
  • Blood Oxygen: To monitor breathing effectiveness (if available)
  • Respiratory Rate: To correlate with breathing exercises
  • Peripheral Perfusion Index: To measure peripheral blood flow during breathwork

Data We Create:

  • Mindful Minutes: We record completed sessions to Apple Health

Strict Limitations on Health Data:

  • No Advertising: Health data is strictly used for personal health tracking within the app and is never used for advertising, marketing, profiling, or cross-app tracking.
  • No Data Brokers: We will never sell, lease, or rent your HealthKit data to third parties, data brokers, or advertising networks.
  • Restricted Usage: Data is stored securely in your personal account and is not shared with other users.

Your Control:

  • You choose which data types to share during setup
  • You can modify or revoke access anytime in the iOS Health app
  • Disabling health access does not affect core app functionality

11. Contact Us

If you have questions about this Privacy Policy, please contact us:

In Spades Media LLC
Email: privacy@stillness.is
General Support: support@stillness.is