How Pulse Intelligence Labs handles Fit With Pulse and PulseCheck data.

This Privacy Policy applies to the websites, mobile apps, pilots, beta features, hosted workflows, integrations, and related services offered by Pulse Intelligence Labs, Inc., including Fit With Pulse, Pulse, QuickLifts, PulseCheck, Group Meet, and other products we make available from time to time.

Additional product-specific, pilot-specific, organization-sponsored, or integration-specific notices may also apply. Those supplemental notices explain details for a particular workflow and should be read together with this policy.

Depending on the Services you use, we may collect personal information in the following categories:

• Identifiers and contact data, such as name, email address, username, phone number, account IDs, and invitation or referral metadata.
• Profile and account data, such as photo, bio, preferences, plan details, role, organization or team affiliation, and login credentials or authentication tokens.
• Fitness, wellness, readiness, recovery, mental-performance, and support-related data, such as workouts, progress, achievements, check-ins, journaling, readiness signals, survey responses, training activity, session history, and support or escalation workflow events.
• Connected device and integration data, such as information you choose to authorize from Apple Health, HealthKit, Oura, Google Calendar, and other approved sources or integrations.
• User content and communications, such as videos, photos, posts, comments, messages, prompts, responses, attachments, and content you create or upload.
• Commercial and billing data, such as purchase history, subscription status, product selections, payment processor identifiers, and transaction records.
• Technical, device, and usage data, such as IP address, browser type, device identifiers, operating system, crash or diagnostic logs, approximate location inferred from network or device data, event telemetry, and interaction history.
• Organization-supplied or sponsor-linked data, such as team, school, coach, clinician, referral, roster, or program metadata when a service is offered through an organization or partner.
• Inferences and derived data, such as engagement trends, risk or support signals, readiness summaries, personalization outputs, and quality or safety review flags generated from the information above.

We collect information directly from you when you create an account, subscribe, connect a device, answer prompts, upload content, or communicate with us.

We also collect information automatically from your device and browser when you use the Services, and from third parties when you choose to connect them or when an organization, partner, payment provider, or service provider legitimately supplies information needed to operate the workflow.

• Directly from you
• From your devices, browsers, and apps
• From wearable, calendar, payment, and identity integrations you authorize
• From coaches, teams, schools, or program sponsors where the workflow is organization-sponsored
• From service providers that help us host, authenticate, secure, analyze, message, or process payments

We use personal information to operate, maintain, secure, and improve the Services, and to provide the features you request.

• Create and manage accounts, authenticate users, and personalize product experiences
• Deliver workouts, readiness flows, check-ins, scheduling, support tools, pilots, and related product features
• Process subscriptions, purchases, entitlement checks, billing, refunds, and transaction support
• Run analytics, debugging, quality assurance, product improvement, fraud detection, safety review, and operational monitoring
• Send administrative messages, service notices, invitations, reminders, support communications, and, where permitted, marketing messages
• Support organization-sponsored, coach-linked, team, school, clinician, and partner workflows when those are part of the product design and disclosures
• Generate de-identified or aggregated reporting, research, and product-improvement insights
• Comply with law, enforce our terms, protect rights and safety, and investigate incidents or abuse

We disclose personal information only as reasonably necessary to operate the Services, support the workflows you use, comply with law, and protect people and systems.

• Service providers and contractors that support hosting, cloud infrastructure, storage, authentication, communications, analytics, billing, subscriptions, and customer support, including providers such as Firebase, Mixpanel, Stripe, RevenueCat, Brevo, and similar operational vendors
• Third-party platforms or integrations you choose to connect, such as Apple Health, Oura, Google Calendar, app stores, and identity or messaging services
• Coaches, team admins, school staff, clinicians, support partners, or program sponsors when a product or pilot is designed to share information with those roles and the applicable disclosures, permissions, or role rules allow it
• Legal, regulatory, safety, audit, insurance, financing, or transaction counterparties where required or reasonably necessary
• Affiliates or successors in connection with a merger, financing, reorganization, asset sale, acquisition, or similar business transaction

Some Services involve wellness, readiness, recovery, or support-related data. If you connect a wearable or health source, we use the data you authorize for the purposes described in the relevant workflow, such as providing product features, personalization, pilot operations, and internal evaluation.

If a service is sponsored by a coach, team, school, clinic, employer, or other organization, authorized staff or partners may be able to view information consistent with that workflow’s permissions, disclosures, consents, and role boundaries.

Not all information in our consumer products is protected by HIPAA. Unless a service is offered by or on behalf of a HIPAA covered entity or business associate in a qualifying workflow, information you enter into or connect to the Services may not be subject to HIPAA protections.

• Review any pilot, school, team, or program disclosures carefully because those workflows may include different recipients, support partners, or retention expectations.
• Where health, wearable, or support data is especially sensitive, we aim to limit collection, use, and disclosure to the minimum reasonably necessary for the feature or workflow.
• If a workflow does involve a covered entity, business associate, or other regulated healthcare posture, additional notices or authorizations may apply.

Some Services use AI-assisted or automated systems to generate workouts, prompts, summaries, recommendations, scheduling suggestions, support signals, or other outputs. We may use information you provide to generate those outputs, improve quality, review failures, or monitor product performance and safety.

AI or automated outputs can be incomplete or inaccurate and should not be treated as medical, therapeutic, legal, or emergency guidance.

We and our service providers use cookies, SDKs, local storage, pixels, device identifiers, and similar technologies to keep you signed in, remember preferences, measure performance, secure the Services, understand usage, and communicate with you.

Our products may use analytics and messaging providers, including web and mobile event tools, crash or usage diagnostics, email delivery, and subscription or payment vendors.

• You can often control cookies through browser settings and device identifiers or permissions through your device settings, although disabling some tools may affect product functionality.
• You can opt out of marketing emails by using the unsubscribe link in the message or by contacting us.
• If you disconnect an integration, we will stop using it for future syncs, subject to operational records, cached data, and lawful retention obligations.

We retain personal information for as long as reasonably necessary for the purposes described in this policy, including product operation, account maintenance, security, fraud prevention, compliance, dispute resolution, and recordkeeping.

Retention periods vary by category and context. We may delete, anonymize, aggregate, or de-identify data when it is no longer reasonably needed in identifiable form.

• Account and profile data are generally retained while your account is active and for a reasonable period afterward to support deletion processing, security, fraud prevention, and legal compliance.
• Workout, wellness, pilot, check-in, communication, and content records are generally retained while needed for the product experience, the active program, operational review, or until deletion or de-identification is appropriate.
• Billing, tax, payout, payment, and subscription records may be retained longer to meet accounting, audit, tax, chargeback, platform, and legal requirements.
• Technical logs and diagnostics may be retained for shorter periods needed for debugging, security review, and abuse prevention, although certain incident or audit logs may be retained longer.
• De-identified or aggregated data may be retained longer for analytics, system improvement, research, benchmarking, and operational learning where permitted by law.

We use administrative, technical, and organizational safeguards designed to protect personal information, such as access controls, encrypted transport, protected infrastructure, monitoring, and internal access restrictions.

No method of transmission, storage, or security control is perfect, and we cannot guarantee absolute security.

If we determine that a reportable security incident or breach has occurred, we will provide notices required by applicable law. Certain health-related products or workflows may also be subject to specific breach-notification obligations under applicable law, including the FTC Health Breach Notification Rule where relevant.

Depending on where you live and the Services you use, you may have rights to request access to, correction of, deletion of, or a copy of certain personal information, and to object to or limit certain processing activities.

You may also be able to withdraw permissions for device integrations, disconnect connected accounts, update profile information, manage communications, or delete your account directly through the app or related tools.

• Account deletion: use the in-app flow where available or visit our account deletion page
• Marketing opt-out: use the unsubscribe link or contact us
• Integration permissions: disconnect the integration in the app or through the third-party provider settings where available
• Access, deletion, correction, portability, or appeal requests: contact us using the details below

Residents of California and certain other U.S. states may have additional rights, including the right to know the categories of personal information we collect, sources, purposes, categories of recipients, the right to request deletion or correction, the right to obtain a portable copy of certain information, and the right to opt out of certain types of sale, sharing, or targeted advertising where those rights apply.

We do not sell personal information for money. We disclose personal information to service providers, contractors, partners, and workflow participants as described in this policy. If we engage in an activity that triggers an additional opt-out right under applicable law, we will provide the notice and method required by that law.

To exercise rights requests, contact us using the information below. We may need to verify your identity before completing certain requests.

Our consumer Services are not directed to children under 13. If we learn that we collected personal information from a child under 13 without appropriate authorization, we will take steps to delete it as required by law.

Some organization-sponsored or school-linked workflows may involve teens or student-athletes. Those programs may require parental, guardian, school, or program authorization depending on the workflow and applicable law.

We may update this Privacy Policy from time to time. If we make material changes, we may provide notice by updating this page, through the Services, or by other reasonable means. The “effective date” above reflects the latest version.