Join the waitlist and be the first to know about barefoot updates
Last Updated: March 31, 2026 | Version 4.0
ADDITIONAL PRIVACY NOTICES: Depending on how you use the App, the following supplemental notices may also apply:
• Consumer Health Data Privacy Policy — for Washington, Connecticut, and Nevada residents: balance.ai/consumer-health-privacy
• Cookie Policy — balance.ai/cookies
• Research Participant Privacy Notice — provided at enrollment in any optional research study
BalanceAI, Inc. ("BalanceAI," "we," "us," or "our") operates the Barefoot mobile application (the "App"). This Privacy Policy explains how we collect, use, disclose, and protect your personal information. BalanceAI is not a data broker and does not sell your personal information to third parties for payment. We do not use your data for targeted advertising.
Please read this Privacy Policy carefully. By creating an account and tapping "I Agree," you acknowledge you have read this Policy.
| Section | Summary |
|---|---|
| 1. Information We Collect | We collect information you give us, information collected automatically, and information from third-party services. Health and emotional data receives heightened protection. |
| 2. How We Use Your Information | Primarily to operate the App. We include GDPR legal bases for each processing activity. We do not use your health data for advertising or AI training without separate consent. |
| 3. How We Share Your Information | With service providers under binding DPAs, and as legally required. We do not sell your data. |
| 4. Sensitive Personal Information | Your mental health and emotional data is sensitive and receives extra protections. |
| 5. Data Processing Agreements | All processors are contractually bound. |
| 6. AI Features and Automated Decision-Making | The App uses AI for recommendations. EEA users have specific rights. |
| 7. Data Security and Breach Notification | We use encryption, access controls, and have documented breach notification timelines. |
| 8. Data Retention Schedule | Specific retention periods by data category. |
| 9. Your Rights | All users have access, deletion, correction, and portability rights. Jurisdiction-specific rights in Sections 10–12. |
| 10. California Rights (CCPA/CPRA) | Full CPRA rights including sensitive PI limitations and financial incentives. |
| 11. EEA, UK, and Switzerland (GDPR) | Complete GDPR lawful basis table, representatives, DPO, and supervisory authority information. |
| 12. Other U.S. State Rights | Rights for VA, CO, CT, TX, UT, OR, MN, RI, NV, and other states. |
| 13. Children's Privacy | 18+ requirement, COPPA, California AADC. |
| 14. Washington My Health MY Data Act | Dedicated section for WA residents. |
| 15. FTC Health Breach Notification Rule | Breach notification obligations as a PHR vendor. |
| 16. HIPAA Clarification | We are not a HIPAA covered entity. |
| 17. Research Participation Privacy | Separate informed consent governs all research. |
| 18. International Data Transfers | SCCs, EU-U.S. DPF (evaluation), EU/UK representatives. |
| 19. Other Topics | SMS, cookies, DNT, GPC, financial incentives, changes. |
| 20. Contact Us | How to reach us for any privacy matter. |
Account information: Name, email address, phone number (optional, for SMS authentication), and authentication credentials.
Therapeutic feature data: Emotional responses and self-reported emotional state data, journal entries and written reflections, session data (games played, duration, outcomes), and game interaction data. This data constitutes sensitive personal information under CPRA and special category health/mental health data under GDPR Article 9, and receives heightened protection as described throughout this Policy.
Research data (optional): If you separately consent to participate in a research study, we collect participant ID and research-related data as described in the specific research consent form. Research is governed by Section 17 and the separate consent document.
Support communications: Messages, feedback, and support request content.
Onboarding data: Preferences, notification settings, and profile information.
Device and technical data: Device type and model, operating system and version, unique device identifiers, mobile network information, IP address, app version, and crash reports.
Usage data: App features accessed, time spent in the App, interaction patterns, game completion data, and session frequency. On a mental health application, behavioral usage patterns may constitute or reveal information about your emotional or mental health status. We treat inferred health information with the same protections as directly provided health data.
Performance data: Error logs and performance metrics collected via Sentry.
Location data: General city/region-level location derived from IP address. We do not collect precise GPS location unless you separately grant permission for a specific feature.
Inferred data: We may derive insights about your emotional patterns from your use of the App's therapeutic features. This inferred data is treated as sensitive health data.
Authentication providers: AWS Cognito and Firebase (Google) share authentication status and user identifiers with us.
Analytics and monitoring: Amplitude receives usage analytics. Sentry receives error and crash data. Both process data under Data Processing Agreements (DPAs) as our processors.
AI infrastructure: Anthropic (Claude) provides the AI infrastructure powering Barefoot's conversational interface and recommendations. Session data and AI conversation content are processed by this provider under a DPA. See Section 3.1 and Anthropic's privacy policy at anthropic.com/privacy.
Cloud infrastructure: Amazon Web Services (AWS) and Google Cloud Platform (GCP) host and store App data under DPAs.
App Stores: Apple and Google independently collect device and purchase data under their own privacy policies when you download or use the App. We do not control that collection.
Health app integrations: If you choose to connect a third-party health app (such as Apple HealthKit or Google Health Connect), we may receive data from those apps with your permission.
Social sign-on: If you create or log in through a social media service, we receive information (such as name and account identifiers) in accordance with your data sharing settings on that service.
We use personal data only for the purposes described below and do not use your data for materially different purposes without providing new notice and obtaining any required consent. We do not use your health data for targeted advertising or AI model training without separate explicit consent.
| Purpose | Data Used | GDPR Legal Basis | CPRA Category |
|---|---|---|---|
| Operate and deliver the App | Account, device, usage data | Contract (Art. 6(1)(b)) | Business purpose |
| Authenticate your identity | Credentials, phone, device | Contract (Art. 6(1)(b)) | Business purpose |
| Deliver therapeutic features | Emotional/session/journal data | Explicit consent (Art. 9(2)(a)) for health data; Contract (Art. 6(1)(b)) for app delivery | Business purpose |
| Personalize experience | Usage data, emotional data | Legitimate interests (Art. 6(1)(f)); Explicit consent (Art. 9(2)(a)) where health data is used | Business purpose |
| Improve and develop the App | Aggregated/anonymized usage | Legitimate interests (Art. 6(1)(f)) | Business purpose |
| Usage analytics (Amplitude) | Device ID, feature usage | Legitimate interests (Art. 6(1)(f)) | Business purpose |
| Error monitoring (Sentry) | Crash/technical data | Legitimate interests (Art. 6(1)(f)) | Business purpose |
| Power AI Features | Session/conversation data | Explicit consent (Art. 9(2)(a)) for health data; Contract (Art. 6(1)(b)) | Business purpose |
| Account communications | Email, phone | Contract (Art. 6(1)(b)) | Business purpose |
| SMS authentication | Phone number | Contract (Art. 6(1)(b)) | Business purpose |
| Optional updates/reminders | Email, phone | Consent (Art. 6(1)(a)) — opt-in only | With consent |
| Research on emotional well-being | Emotional/session data | Explicit consent (Art. 9(2)(a)) + Research basis (Art. 9(2)(j)) | Research — disclosed in consent form |
| Legal compliance | As required | Legal obligation (Art. 6(1)(c)) | Required by law |
| Enforce Terms / protect rights | Account, usage data | Legitimate interests (Art. 6(1)(f)) | Business purpose |
| Fraud prevention and security | Account, device, technical data | Legitimate interests (Art. 6(1)(f)) | Business purpose |
Legitimate Interests Assessments (LIAs): Where we rely on legitimate interests, we have conducted LIAs confirming our interests are not overridden by your rights. Summaries are available upon request to privacy@balance.ai.
AI model training: We do not use your personal health data, journal entries, or emotional response data to train AI or machine learning models without your separate, explicit, opt-in consent.
Advertising: We do not use your personal data for targeted advertising and do not share it with advertising networks for that purpose.
BalanceAI does not sell your personal information as defined by applicable law, and does not share your personal information for cross-context behavioral advertising.
| Provider | Purpose | Data Shared | Privacy Policy |
|---|---|---|---|
| AWS Cognito | Authentication | User ID, hashed credentials | aws.amazon.com/privacy |
| Firebase (Google) | Authentication | User ID, auth status | firebase.google.com/support/privacy |
| Amazon Web Services | Hosting/storage | All App data (encrypted) | aws.amazon.com/privacy |
| Google Cloud Platform | Hosting/storage | All App data (encrypted) | cloud.google.com/terms/cloud-privacy-notice |
| Amplitude | Usage analytics | Device ID, session, feature usage | amplitude.com/privacy |
| Sentry | Error monitoring | Crash data, device info | sentry.io/privacy |
| Anthropic (Claude) | AI features | Session data, AI conversations | anthropic.com/privacy |
| Google Voice | SMS authentication | Phone number, OTP content | policies.google.com/privacy |
| Stripe | Payment processing | Payment data (tokenized) | stripe.com/privacy |
If you have separately consented to a research study, anonymized or pseudonymized data may be shared with the research partners identified in your consent form. We do not share identifiable health data with research partners without explicit consent.
We may share information with accountants, auditors, lawyers, and other professional advisors subject to confidentiality obligations.
We may disclose your information as required by law or in response to valid legal process (court orders, subpoenas, government requests). We will attempt to notify you where legally permitted, unless prohibited from doing so.
In a merger, acquisition, or asset sale, your information may transfer to the acquiring or surviving entity. We will provide at least 30 days' advance notice by email and in-App. California residents will have the opportunity to opt out as required by CPRA before any transfer.
We may share information with our current subsidiaries and affiliates for the purposes described in this Policy, subject to the same protections described herein.
We may share your information for any other purpose with your explicit prior consent.
We do not share your personal information — including phone number or email — with third parties for their independent marketing or advertising purposes.
The following data we collect constitutes sensitive personal information under CPRA and special category data under GDPR Article 9:
Additional protections: We process this data only for the limited purposes in Section 2.1. We do not use it to infer characteristics unrelated to providing the App. California residents have the right to limit our use of sensitive personal information (Section 10(e)). EEA/UK residents may withdraw consent at any time (Section 11.3). Washington residents are protected under the My Health MY Data Act (Section 14). We do not sell, share, or use sensitive personal information for advertising.
All third-party providers processing personal data on our behalf are contractually bound under DPAs that restrict processing to our documented instructions; require appropriate technical and organizational security measures; require assistance in fulfilling legal obligations; require return or deletion of data upon instruction; and prohibit unauthorized disclosure to third parties. Summaries of DPAs with primary processors are available upon request to privacy@balance.ai.
The App uses AI to generate personalized therapeutic experience recommendations, generate conversational responses, and identify usage patterns to personalize your experience. Before you use or activate any AI Feature, we will let you know you are interacting with AI and give you the choice of whether to proceed.
AI recommendations are suggestions you are free to accept or ignore. We do not use AI to make decisions about healthcare coverage, employment, credit, or other high-stakes determinations. AI-generated content may be inaccurate, incomplete, or contextually inappropriate and does not substitute for professional evaluation.
Our AI recommendation system uses behavioral pattern analysis based on your session data and interactions within the App. We do not use third-party demographic data or advertising profiles in AI recommendations.
If you are in the EEA or UK, you have the right not to be subject to decisions based solely on automated processing that produce significant legal or similarly significant effects on you. To request human review of an AI-generated output, contact privacy@balance.ai with subject line "AI Human Review Request."
No security measure is 100% effective. Contact security@balance.ai to report a security concern.
For U.S. users: Affected users will be notified without unreasonable delay and no later than 60 calendar days after discovery, as required by the FTC Health Breach Notification Rule and Cal. Civ. Code § 1798.82. The FTC will be notified within the same window. State attorneys general will be notified per applicable law.
For EEA/UK users: The applicable supervisory authority will be notified within 72 hours of becoming aware of a breach likely to risk your rights and freedoms (GDPR Article 33). Affected users will be notified without undue delay where the breach is likely to result in high risk (GDPR Article 34).
| Data Category | Standard Retention | After Account Deletion |
|---|---|---|
| Account information (name, email) | Duration of account | Deleted within 30 days of deletion request |
| Authentication credentials | Duration of account | Deleted within 5 business days |
| Phone number (SMS auth) | Duration of account | Deleted within 30 days |
| Emotional/session/game/journal data | Duration of account | Deleted within 30 days (or anonymized for research) |
| AI conversation transcripts | 90 days from session | Deleted within 30 days of account deletion |
| Device/technical data | 13 months rolling | Deleted per rolling window |
| Usage analytics (Amplitude) | 12 months rolling | Deleted per rolling window; aggregate data may be retained |
| Error/crash data (Sentry) | 90 days rolling | Purged per rolling window |
| Research data (with consent) | Per consent form (typically 5 years) | Per consent form; withdrawal rights described in consent |
| Legal hold data | Duration of obligation | Retained only as long as legally required |
| Backup copies | Up to 90 days | Purged from backups within 90 days of primary deletion |
We will email you when your primary data deletion is complete.
Email: privacy@balance.ai — subject line: "Privacy Rights Request"
Web form: balance.ai/privacy-request
Mailing address: BalanceAI, Inc., PO Box 772 Palo Alto, CA 94302, Attn: Privacy
We will acknowledge receipt within 10 business days and respond within the timeframe required by applicable law (45 days for CCPA, 1 month for GDPR). We may extend the deadline with notice.
Authorized agents: You may designate an authorized agent to submit requests on your behalf. Submit a signed authorization letter or power of attorney to privacy@balance.ai.
Appeals: If we deny your request, you may appeal by emailing privacy@balance.ai with subject line "Privacy Rights Appeal." We will respond within 60 days.
| Category | Collected | Sold/Shared for Targeted Advertising |
|---|---|---|
| Identifiers (name, email, IP address, device IDs) | Yes | No |
| Account credentials | Yes | No |
| Commercial/transaction information | Yes (if subscription) | No |
| Internet/network activity (usage patterns, features accessed) | Yes | No |
| Geolocation (city/region from IP) | Yes | No |
| Inferences drawn from usage | Yes | No |
| Sensitive PI: emotional/mental health data, journal entries, session data | Yes | No |
| Biometric data | No | N/A |
| Audio/visual data | No | N/A |
(a) Right to Know. Request the categories and specific pieces of personal information we have collected about you, the sources, our purposes, and the categories of third parties with whom we share it. We respond within 45 days (extendable by 45 days with notice).
(b) Right to Delete. Request deletion of personal information we have collected, subject to legal exceptions under Cal. Civ. Code § 1798.105. We will inform you of any exception we apply.
(c) Right to Correct. Request correction of inaccurate personal information.
(d) Right to Opt Out of Sale/Sharing. We do not sell or share personal information for targeted advertising. If this ever changes, we will provide a "Do Not Sell or Share My Personal Information" link before implementing any such practice.
(e) Right to Limit Sensitive Personal Information. You may direct us to limit our use of your sensitive personal information to what is necessary to provide the services you requested. Exercise this right in the App under Settings → Privacy → Limit Sensitive Data Use, or email privacy@balance.ai with subject line "Limit Sensitive Data Use."
(f) Right to Non-Discrimination. We will not deny goods or services, charge different prices, or provide a different quality of service because you exercised a privacy right.
(g) California Shine the Light. We do not disclose personal information to third parties for their direct marketing purposes.
(h) Notice of Financial Incentives. If we offer any financial incentives, we will provide separate terms for each incentive at the time of the offer.
(i) Authorized Agents. See Section 9.2.
(j) Two Submission Methods. California residents may submit privacy requests by email to privacy@balance.ai or via the web form at balance.ai/privacy-request.
BalanceAI, Inc. is the data controller for personal data processed under this Privacy Policy.
See the full purpose-by-purpose legal basis table in Section 2.1. In summary: Contract performance for account provision, feature delivery, and authentication. Explicit consent for processing health/mental health data and optional communications. Legitimate interests for analytics, security, fraud prevention, and App improvement (with LIAs conducted). Legal obligation for compliance and legal process.
(a) Right of Access (Article 15). Obtain confirmation that we process your personal data and a copy of that data together with information about how it is processed.
(b) Right to Rectification (Article 16). Request correction of inaccurate or incomplete personal data.
(c) Right to Erasure (Article 17). Request deletion of your personal data in circumstances where it is no longer necessary, you withdraw consent, or you object and we have no overriding grounds.
(d) Right to Restrict Processing (Article 18). Request limitation on how we process your data while a dispute is resolved.
(e) Right to Data Portability (Article 20). Receive your personal data in a structured, machine-readable format.
(f) Right to Object (Article 21). Object to processing based on legitimate interests, including profiling. We will stop processing unless we demonstrate compelling legitimate grounds.
(g) Right to Withdraw Consent (Article 7(3)). Withdraw consent at any time for consent-based processing, including health data processing. Email privacy@balance.ai with subject line "Withdraw Health Data Consent."
(h) Right Not to Be Subject to Automated Decisions (Article 22). See Section 6.4.
(i) Response Timelines. We respond within 1 month, extendable by up to 2 months for complex requests with notice.
EEA: edpb.europa.eu | UK: ico.org.uk | Switzerland: edoeb.admin.ch
We ask that you contact us first at privacy@balance.ai to allow us to attempt resolution.
EEA Representative: [EU REPRESENTATIVE NAME AND ORGANIZATION] [ADDRESS] [EMAIL]
UK Representative: [UK REPRESENTATIVE NAME AND ORGANIZATION] [ADDRESS] [EMAIL]
BalanceAI has assessed its GDPR Article 37 obligations and has designated a Privacy Lead responsible for data protection compliance, reachable at privacy@balance.ai. We will reassess this determination as our processing scale changes.
If you are a resident of Virginia, Colorado, Connecticut, Texas, Oregon, Minnesota, Montana, Delaware, Rhode Island, New Hampshire, New Jersey, Nebraska, Indiana, Iowa, Tennessee, Utah, Nevada, Maryland, Kentucky, or another state with a comprehensive privacy law, you have rights substantially similar to those in Section 9.1, including rights to access, correct, delete, and receive a portable copy of your personal data.
State-specific notes:
To exercise any state right: Email privacy@balance.ai with subject line "Privacy Rights Request — [Your State]."
Barefoot is intended for users 18 years of age and older. We do not intentionally collect personal information from users under 18. Age confirmation is required at account creation.
If we discover a user is under 18, we will promptly deactivate the account and delete their data. If you are a parent or guardian and believe your child under 18 has created an account, contact privacy@balance.ai immediately.
We do not knowingly collect personal information from children under 13. If we discover we have done so without parental consent, we will take immediate corrective action.
BalanceAI conducts a Data Protection Impact Assessment (DPIA) prior to making the App available in California, and updates it biannually or upon introduction of new features. We apply default high-privacy settings and restrict use of any minor user data for targeted advertising.
If you are a Washington State resident, the Washington My Health MY Data Act (RCW Chapter 70.372, effective March 31, 2024) provides rights over your consumer health data — defined to include mental health data, emotional health information, health-related behavioral data, and location data that could reveal visits to health facilities.
For comprehensive information, review our Consumer Health Data Privacy Policy at balance.ai/consumer-health-privacy.
Summary of your rights:
How to exercise: Email privacy@balance.ai with subject line "Washington Health Data Request."
As a vendor of personal health records (PHRs), BalanceAI is subject to the FTC Health Breach Notification Rule (16 CFR Part 318).
In the event of a qualifying breach:
Barefoot is a direct-to-consumer wellness application. BalanceAI is not a HIPAA-covered entity and is not a Business Associate of any covered entity as of this Policy's effective date. Your data in Barefoot is not protected by HIPAA's Privacy Rule or Security Rule. Your data is protected by the laws described throughout this Policy (CCPA/CPRA, GDPR, Washington My Health MY Data Act, California CMIA, FTC Act, and FTC Health Breach Notification Rule).
If you separately enroll in a research study:
BalanceAI is based in the United States. For transfers of personal data from the EEA, UK, or Switzerland to the United States, we rely on:
Copies of our SCCs are available upon request to privacy@balance.ai.
See Section 11.5 for EU and UK representative contact information.
Your phone number is used only for SMS authentication and essential account security notifications, unless you separately opt in to additional message types. We do not share your phone number with third parties for marketing. See Terms & Conditions Section 9 for full SMS terms and TCPA consent language.
We use cookies and similar technologies to maintain your session, remember preferences, analyze performance, and personalize experiences. For more information, see our Cookie Policy at balance.ai/cookies.
Disable personalized analytics tracking in the App under Settings → Privacy → Analytics. When you disable analytics, we will stop sending your data to Amplitude for analytics purposes.
We honor the Global Privacy Control (GPC) signal as an opt-out from the sale or sharing of personal information to the extent required by applicable law.
We will notify you of material changes at least 30 days before they take effect, by posting a notice in the App, sending an email to your registered address, and displaying a prominent in-App notice. Prior versions of this Policy are archived and available upon request.
BalanceAI, Inc.
PO Box 772 Palo Alto, CA 94302
| Purpose | Contact | Notes |
|---|---|---|
| General privacy questions | privacy@balance.ai | — |
| Rights requests (all jurisdictions) | privacy@balance.ai | Subject: "Privacy Rights Request" |
| Sensitive data / limit use | privacy@balance.ai | Subject: "Limit Sensitive Data Use" |
| Security / breach reports | security@balance.ai | — |
| Research | research@balance.ai | — |
| CCPA web form | balance.ai/privacy-request | — |
| EU Representative | [EU REP EMAIL] | GDPR inquiries from EEA residents |
| UK Representative | [UK REP EMAIL] | UK GDPR inquiries |
| DPO / Privacy Lead | privacy@balance.ai | Data protection compliance |
This Privacy Policy was last updated on March 31, 2026 (Version 4.0). The prior version (3.0, March 31, 2026) is archived and available upon request.
