Privacy Policy

1. Information We Collect

We collect information you provide directly to us, including account registration data (name, email address, password), profile information (age, gender, fitness goals, training history), health and biometric data you choose to sync (heart rate variability, sleep stages, activity data, body weight), and communications you send us.

We also collect data automatically when you use our services, including device information, IP address, usage analytics, and app performance data. All health data collection is subject to your explicit consent and can be deleted at any time.

2. How We Use Your Information

We use your information to provide, personalise, and improve the SOMA coaching experience. Specifically, we use your health data to generate personalised training recommendations, readiness scores, and recovery insights. We use your email address to send you coaching briefs, product updates, and service communications. We use aggregated, anonymised data to improve our AI models and research outcomes — your individual data is never sold to third parties.

3. Health Data

Health and biometric data is among the most sensitive personal information we process. We treat this data with the highest level of protection. Your health data is encrypted at rest and in transit using AES-256 and TLS 1.3 respectively. We do not sell, rent, or share your individual health data with any third party, including advertisers, insurance companies, or employers. You may request complete deletion of all health data at any time from your account settings or by contacting privacy@trainwithsoma.com.

4. Data Sharing

We do not sell your personal data. We may share your information with trusted service providers who assist us in operating our platform (such as cloud infrastructure providers), only under strict data processing agreements. We may disclose information if required by law or to protect the rights and safety of our users. In the event of a merger or acquisition, user data may be transferred as part of that transaction, and you will be notified.

5. Data Retention

We retain your account data for as long as your account is active or as needed to provide services. Health and biometric data is retained for up to 36 months to enable longitudinal trend analysis, unless you request earlier deletion. You may delete specific data sets or your entire account at any time. Upon account deletion, all personal data is permanently removed within 30 days.

6. Security

We implement industry-standard security measures including end-to-end encryption for health data, regular security audits, access controls and employee training, and incident response procedures. While we take strong precautions, no system is 100% secure. If you believe your account has been compromised, contact us immediately at security@trainwithsoma.com.

7. Your Rights

Depending on your jurisdiction, you may have rights to access, correct, delete, or export your personal data; withdraw consent for data processing; object to or restrict processing; and lodge a complaint with a supervisory authority. To exercise these rights, visit your account settings or contact privacy@trainwithsoma.com. See our dedicated GDPR Rights page for detailed information if you are located in the European Economic Area.

8. Children's Privacy

SOMA is not directed to children under the age of 16. We do not knowingly collect personal information from children under 16. If we learn that we have collected data from a child under 16, we will delete that information promptly. If you believe a child has provided us with personal information, please contact us.

9. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes via email or an in-app notification at least 30 days before the changes take effect. Continued use of SOMA after the effective date constitutes acceptance of the updated policy.

10. Contact Us

For privacy-related questions, requests, or concerns, contact our Data Protection Officer at: privacy@trainwithsoma.com. SOMA Technologies, Inc., 340 Pine Street, Suite 800, San Francisco, CA 94104, USA.