Your body's data is yours.
We're just borrowing it.

1 · The short version

PostureVision analyzes live camera frames on your device to measure posture, stability, focus, and presence. We store the measurements (scores, timestamps, session summaries) — never the raw video feed, unless you explicitly opt into session-replay recording.

We do not sell your data. Ever. We do not advertise to you. We do not share personally identifiable information with third parties except where necessary to provide the service (payment processing, email delivery) or required by law.

2 · What we collect

Account information

• Email address (required)
• Name or display name (optional)
• Hashed password (never stored in plain text)
• Subscription/billing status (via Stripe — we never see your card number)

Onboarding intake (optional, user-provided)

• Age range and biological sex (for clinical norms comparison)
• Primary wellness concern
• Current pain level
• Any red-flag symptoms you flag during onboarding (so we can route you to appropriate care)

Session measurements (generated during use)

• Posture, stability, focus, presence, and composite Poise scores
• Session timestamps, duration, module used (Mirror Mode, ROM, Daily Check, etc.)
• Aggregated skeletal keypoint metrics (angles, ratios — never pixel data)
• Blink rate, fatigue score, and other derived wellness signals
• Self-Correction events (when you caught and fixed your own posture)

Technical data

• Device type, browser, operating system (for compatibility)
• IP address (for security and rate-limiting; not used for tracking)
• Crash and error reports (anonymized — see §5)

3 · About your camera feed

Your camera feed is processed live. Frames flow from your camera through our computer-vision models to extract posture measurements. The measurements are small numeric values (angles, keypoint positions, confidence scores) — not images.

By default, raw video frames are never stored or transmitted to our servers. Measurement extraction runs either in your browser or on our inference servers over an encrypted connection, and the video frames are discarded immediately after measurement.

Session replay (opt-in only): If you enable the Self-Corrections replay feature, we store a low-resolution silhouette reconstruction of your session (not your actual video). You can disable this at any time in Settings, and any stored silhouettes will be deleted within 30 days of the feature being turned off.

4 · How we use your data

• Provide the service: Generate scores, trend lines, achievements, and coaching cues tailored to you
• Improve the product: Analyze aggregated, de-identified session data to improve our models and UX
• Communicate with you: Send session summaries, reminders, and billing notifications (you can unsubscribe from non-essential emails at any time)
• Keep the service secure: Detect fraud, abuse, or security threats
• Comply with the law: Respond to lawful requests from authorities when we're legally required

We do not use your data to train external AI models, to profile you for advertising, or to sell to data brokers.

5 · Who we share with (and don't)

We share limited data with trusted service providers

• Stripe / RevenueCat: Subscription and payment processing. Stripe handles card data; we never see it.
• Email provider: Transactional emails (receipts, resets, session summaries)
• Cloud infrastructure: Session measurements are stored in encrypted databases on AWS / equivalent cloud infrastructure
• Error monitoring: Anonymized crash reports to help us fix bugs (personally identifiable information is stripped)
• Product analytics: Aggregated, de-identified usage patterns (which features are used, retention) — no individual behavior profiling

We never share

• Your raw video or any visual representation of you with third parties
• Your onboarding intake answers (medical concerns, pain level) with anyone outside PostureVision's clinical review team
• Personally identifiable data with advertisers, data brokers, or aggregators

6 · How long we keep data

• Session measurements: Retained for the duration of your active subscription plus 12 months, so you can see long-term trends. You can delete any individual session at any time.
• Session replay silhouettes: 30 days by default (can be shortened in Settings)
• Account data: Retained until you delete your account, then purged within 30 days (see §8)
• Billing records: Retained for 7 years as required by tax law
• Support / abuse logs: 2 years for security and safety purposes

7 · Your rights

Depending on where you live, you have legal rights regarding your data. PostureVision honors these rights globally, not just where required:

• Access: Get a copy of the data we hold about you
• Correction: Fix information that's wrong
• Deletion: Request that we delete your data (see §8)
• Portability: Receive your session data in a machine-readable format
• Object / restrict: Ask us to limit how we process your data
• Withdraw consent: Revoke any consent you've given (for example, to session replay recording)

To exercise any of these rights, email privacy@posture.vision. We respond within 30 days.

8 · Deleting your account

You can delete your PostureVision account at any time from Settings → Account → Delete Account.

When you delete your account:

• All session measurements, replay silhouettes, intake answers, and profile data are purged within 30 days
• Your email and authentication records are purged within 30 days
• Billing records are retained as required by law (7 years) but isolated from all personally identifiable data
• Your subscription is canceled automatically — no further charges

Deletion is permanent and cannot be undone. If you want a copy of your data before deleting, use the "Export my data" button first.

9 · Medical disclaimer

PostureVision is a wellness tool, not a medical device. We are not your doctor, chiropractor, physical therapist, or any other licensed clinician. Our scores, cues, and trend lines are designed to help you build awareness — not to diagnose, treat, or prevent any medical condition.

If you experience any of the symptoms listed as red flags during onboarding (radicular pain, numbness, loss of bladder/bowel control, progressive weakness, recent head trauma), please see a licensed medical professional before relying on wellness tools like PostureVision.

10 · HIPAA posture

PostureVision is not a HIPAA-covered entity. We do not provide healthcare services and we are not a business associate of any healthcare provider. The data we collect is wellness data, not Protected Health Information (PHI) under HIPAA.

We hold ourselves to HIPAA-informed standards anyway — encryption at rest and in transit, access auditing, principle of least privilege, and breach-response protocols — because your body's data deserves that level of care, regardless of whether the law requires it.

11 · Children

PostureVision is not intended for users under 13. We do not knowingly collect data from children under 13. If you believe a child has provided us with data, please contact us and we will promptly delete it.

For users aged 13–17, a parent or guardian must review and accept this policy on their behalf.

12 · Changes to this policy

When we make material changes to this policy, we'll notify you by email at least 14 days before the changes take effect. Non-material changes (wording clarifications, typo fixes) will be noted in the "Last updated" date at the top of this page.

Continuing to use PostureVision after a change means you accept the revised policy. If you disagree, you can delete your account at any time.

13 · Contact us