Version 4.3 — April 21, 2026

Privacy Policy

What changed in v4.3: Updated AI processor disclosure — AWS Bedrock processes chat data. See Sections 1.3, 3.1, and 6.5.

ACCESSIBILITY: If you are visually impaired, have another disability, or need support in other languages, you may access this Privacy Policy by emailing privacy@balance.ai.

ADDITIONAL PRIVACY NOTICES: Depending on how you use the App, the following supplemental notices may also apply:

Consumer Health Data Privacy Policy — for Washington, Connecticut, and Nevada residents: pub.gobarefoot.app/consumer-health-privacy

Cookie Policy: pub.gobarefoot.app/cookies

Research Participant Privacy Notice — provided at enrollment in any optional research study

BalanceAI, Inc. ("BalanceAI," "we," "us," or "our") operates the Barefoot mobile application (the "App"). This Privacy Policy explains how we collect, use, disclose, and protect your personal information. BalanceAI is not a data broker and does not sell your personal information to third parties for payment. We do not use your data for targeted advertising.

Please read this Privacy Policy carefully. By creating an account and tapping "I Agree," you acknowledge you have read this Policy.


Section Summaries

Section | Summary
1. Information We Collect | We collect information you give us, information collected automatically, and information from third-party services. Health, emotional, and voice biometric data receives heightened protection.
2. How We Use Your Information | Primarily to operate the App. We include GDPR legal bases for each processing activity. We do not use your health data for advertising or AI training without separate consent.
3. How We Share Your Information | With service providers under binding DPAs, and as legally required. We do not sell your data.
4. Sensitive Personal Information | Your mental health, emotional, and voice biometric data is sensitive and receives extra protections.
5. Data Processing Agreements | All processors are contractually bound.
6. AI Features and Automated Decision-Making | The App uses AI for recommendations. EEA users have specific rights.
7. Data Security and Breach Notification | We use encryption, access controls, and have documented breach notification timelines.
8. Data Retention Schedule | Specific retention periods by data category.
9. Your Rights | All users have access, deletion, correction, and portability rights. Jurisdiction-specific rights in Sections 10–12.
10. California Rights (CCPA/CPRA) | Full CPRA rights including sensitive PI limitations and financial incentives.
11. EEA, UK, and Switzerland (GDPR) | Complete GDPR lawful basis table, representatives, DPO, and supervisory authority information.
12. Other U.S. State Rights | Rights for VA, CO, CT, TX, UT, OR, MN, RI, NV, and other states.
13. Children's Privacy | 18+ requirement, COPPA, California AADC.
14. Washington My Health MY Data Act | Dedicated section for WA residents.
15. FTC Health Breach Notification Rule | Breach notification obligations as a PHR vendor.
16. HIPAA Clarification | We are not a HIPAA covered entity.
17. Research Participation Privacy | Separate informed consent governs all research.
18. International Data Transfers | SCCs, EU-U.S. DPF (evaluation), EU/UK representatives.
19. Other Topics | SMS, cookies, DNT, GPC, financial incentives, changes.
20. Contact Us | How to reach us for any privacy matter.

1. Information We Collect

1.1 Information You Provide Directly

Account information: Name, email address, phone number (optional, for SMS authentication), and authentication credentials.

Therapeutic feature data: Emotional responses and self-reported emotional state data, journal entries and written reflections, session data (games played, duration, outcomes), and game interaction data (choices, patterns, and responses within therapeutic games). This data constitutes sensitive personal information under the California Privacy Rights Act (CPRA) and special category health/mental health data under GDPR Article 9, and receives heightened protection as described throughout this Policy.

Voice recordings and voice biometric data: If you use the Path feature or voice-based modules within the App, you will be asked to record a voice sample (20–60 seconds). Your voice recording is used to generate a stress analysis ("peace score"). Voice recordings and the biometric data derived from them are regulated under the Illinois Biometric Information Privacy Act (BIPA, 740 ILCS 14) and similar state biometric privacy laws, and constitute sensitive personal information under CPRA and special category data under GDPR Article 9. We will obtain your separate, explicit consent before activating any voice biometric feature. Your voice recording is transmitted directly from your device to Canary Speech, Inc. (our voice biometric processor) via a secure, encrypted connection. See Sections 1.3 and 3.1.

Research data (optional): If you separately consent to participate in a research study, we collect participant ID and research-related data as described in the specific research consent form. Research is governed by Section 17 and the separate consent document.

Support communications: Messages, feedback, and support request content.

Onboarding data: Preferences, notification settings, and profile information.

1.2 Information Collected Automatically

Device and technical data: Device type and model, operating system and version, unique device identifiers, mobile network information, IP address, app version, and crash reports.

Usage data: App features accessed, time spent in the App, interaction patterns, game completion data, and session frequency. On a mental health application, behavioral usage patterns may constitute or reveal information about your emotional or mental health status. We treat inferred health information with the same protections as directly provided health data.

Performance data: Error logs and performance metrics collected via Sentry.

Location data: General city/region-level location derived from IP address. We do not collect precise GPS location unless you separately grant permission for a specific feature. Location data that could indicate visits to health-related facilities is treated as consumer health data under applicable state law.

Inferred data: We may derive insights about your emotional patterns and stress levels from your use of the App's therapeutic features, including voice analysis. This inferred data is treated as sensitive health data. We do not make health-related inferences from incidental feedback or general communications not intended for that purpose.

1.3 Information from Third Parties

Authentication providers: AWS Cognito shares authentication status and user identifiers with us.

Analytics and monitoring: Amplitude receives usage analytics. Sentry receives error and crash data. Both process data under Data Processing Agreements (DPAs) as our processors.

AI infrastructure: Amazon Web Services (AWS) provides the AI infrastructure powering Barefoot's conversational interface and recommendations. Session data and AI conversation content are processed by this provider under a DPA. See Section 3.1 and AWS's privacy policy at https://aws.amazon.com/privacy/.

Voice biometric analysis: Canary Speech, Inc. ("Canary Speech") processes voice recordings to generate stress analysis scores on our behalf. When you use the Path feature or voice-based modules, your voice recording is uploaded directly from your device to Canary Speech's servers via a pre-signed secure URL. Canary Speech receives: your voice recording (WAV audio, 20–60 seconds), an anonymous assessment identifier, and metadata about the recording (duration, file size). Canary Speech assigns you a persistent subject identifier that we store in our systems. Voice files are de-identified and destroyed by Canary Speech immediately after analysis. The processor relationship is covered under our MSA with Canary Speech (§7). See Section 3.1.

Cloud infrastructure: Amazon Web Services (AWS) hosts and stores App data under a DPA.

App Stores: Apple and Google independently collect device and purchase data under their own privacy policies when you download or use the App. We do not control that collection.

Health app integrations: If you choose to connect a third-party health app (such as Apple HealthKit or Google Health Connect), we may receive data from those apps with your permission. That third party's privacy policy and terms also apply. We do not infer health-related characteristics from this data beyond the purpose for which it was originally provided.

Social sign-on: If you create or log in through a social media service, we receive information (such as name and account identifiers) in accordance with your data sharing settings on that service.


2. How We Use Your Information

We use personal data only for the purposes described below and do not use your data for materially different purposes without providing new notice and obtaining any required consent. We do not use your health data for targeted advertising or AI model training without separate explicit consent.

2.1 Purpose and Legal Basis Table

Purpose | Data Used | GDPR Legal Basis | CPRA Category
Operate and deliver the App | Account, device, usage data | Contract (Art. 6(1)(b)) | Business purpose
Authenticate your identity | Credentials, phone, device | Contract (Art. 6(1)(b)) | Business purpose
Deliver therapeutic features | Emotional/session/journal data | Explicit consent (Art. 9(2)(a)) for health data; Contract (Art. 6(1)(b)) for app delivery | Business purpose
Voice biometric analysis (Path / WavRecorder) | Voice recordings, biometric assessment data | Explicit consent (Art. 9(2)(a)) for biometric/health data | Business purpose — sensitive PI
Personalize experience | Usage data, emotional data | Legitimate interests (Art. 6(1)(f)) for usage/behavioral; Explicit consent (Art. 9(2)(a)) where health data is used | Business purpose
Improve and develop the App | Aggregated/anonymized usage | Legitimate interests (Art. 6(1)(f)) | Business purpose
Usage analytics (Amplitude) | Device ID, feature usage | Legitimate interests (Art. 6(1)(f)) | Business purpose
Error monitoring (Sentry) | Crash/technical data | Legitimate interests (Art. 6(1)(f)) | Business purpose
Power AI Features | Session/conversation data | Explicit consent (Art. 9(2)(a)) for health data; Contract (Art. 6(1)(b)) | Business purpose
Account communications | Email, phone | Contract (Art. 6(1)(b)) | Business purpose
SMS authentication | Phone number | Contract (Art. 6(1)(b)) | Business purpose
Optional updates/reminders | Email, phone | Consent (Art. 6(1)(a)) — opt-in only | With consent
Research on emotional well-being | Emotional/session data | Explicit consent (Art. 9(2)(a)) + Research basis (Art. 9(2)(j)) with safeguards | Research — disclosed in consent form
Legal compliance | As required | Legal obligation (Art. 6(1)(c)) | Required by law
Enforce Terms / protect rights | Account, usage data | Legitimate interests (Art. 6(1)(f)) | Business purpose
Fraud prevention and security | Account, device, technical data | Legitimate interests (Art. 6(1)(f)) | Business purpose

Legitimate Interests Assessments (LIAs): Where we rely on legitimate interests, we have conducted LIAs confirming our interests are not overridden by your rights. Summaries are available upon request to privacy@balance.ai.

AI model training: We do not use your personal health data, journal entries, voice recordings, or emotional response data to train AI or machine learning models without your separate, explicit, opt-in consent.

Advertising: We do not use your personal data for targeted advertising and do not share it with advertising networks for that purpose.


3. How We Share Your Information

BalanceAI does not sell your personal information as defined by applicable law, and does not share your personal information for cross-context behavioral advertising.

3.1 Service Providers (Data Processors)

We share data with the following service providers under DPAs that require them to protect your data and use it only for specified purposes:

Provider | Purpose | Data Shared | Privacy Policy
AWS Cognito | Authentication | User ID, hashed credentials | aws.amazon.com/privacy
Amazon Web Services | Hosting/storage | All App data (encrypted) | aws.amazon.com/privacy
Amplitude | Usage analytics | Device ID, session, feature usage | amplitude.com/privacy
Sentry | Error monitoring | Crash data, device info | sentry.io/privacy
Amazon Web Services (Bedrock) | AI features | Session data, AI conversations | aws.amazon.com/privacy
Canary Speech, Inc. | Voice biometric analysis / stress score generation | Voice recordings (WAV audio, 20–60 sec), assessment metadata, anonymous subject ID | canaryspeech.com/legal
AWS Cognito (Amazon SNS) | SMS authentication (OTPs) | Phone number, OTP content | aws.amazon.com/privacy
Stripe | Payment processing | Payment data (tokenized) | stripe.com/privacy

Note on Canary Speech data flow: Your voice recording is transmitted directly from your device to Canary Speech's storage infrastructure via a pre-signed, encrypted URL obtained through our backend. The voice audio does not pass through BalanceAI's servers. BalanceAI's backend coordinates the assessment (begin/end) and retrieves the resulting scores; the voice audio itself goes directly to Canary Speech. Voice files are de-identified and destroyed by Canary Speech immediately after analysis.

3.2 Research Partners

If you have separately consented to a research study, anonymized or pseudonymized data may be shared with the research partners identified in your consent form. We do not share identifiable health data with research partners without explicit consent. All sharing complies with research ethics requirements and, where applicable, IRB protocols.

3.3 Professional Advisors

We may share information with accountants, auditors, lawyers, and other professional advisors subject to confidentiality obligations.

3.4 Legal Requirements

We may disclose your information as required by law or in response to valid legal process (court orders, subpoenas, government requests). We will attempt to notify you where legally permitted, unless prohibited from doing so.

3.5 Business Transfers

In a merger, acquisition, or asset sale, your information may transfer to the acquiring or surviving entity. We will provide at least 30 days' advance notice by email and in-App. California residents will have the opportunity to opt out as required by CPRA before any transfer. If a transfer results in a material change to how your data is used, you will have the opportunity to delete your data before the change takes effect.

3.6 Affiliates

We may share information with our current subsidiaries and affiliates for the purposes described in this Policy, subject to the same protections described herein. Any affiliate that receives your personal information is required to treat it in a manner consistent with this Policy.

3.7 With Your Consent

We may share your information for any other purpose with your explicit prior consent.

3.8 No Third-Party Marketing

We do not share your personal information — including phone number or email — with third parties for their independent marketing or advertising purposes.


4. Sensitive Personal Information — Heightened Protections

The following data we collect constitutes sensitive personal information under CPRA and special category data under GDPR Article 9:

  • Emotional state and mental health data (directly provided and inferred)
  • Journal entries and therapeutic content
  • Health-related behavioral patterns derived from App use
  • Voice recordings and voice biometric data — collected via the Path feature and voice-based modules when you separately consent. Voice biometric data is also regulated under the Illinois Biometric Information Privacy Act (BIPA, 740 ILCS 14) and similar state biometric privacy laws. We collect voice data only with your prior, separate, explicit consent; we do not collect a voiceprint or other biometric identifier for authentication or surveillance purposes.
  • Precise geolocation (if and when collected with permission)

Additional protections for this data:

  • We process it only for the limited purposes in Section 2.1.
  • We do not use it to infer characteristics unrelated to providing the App.
  • California residents have the right to limit our use of sensitive personal information. See Section 10(e).
  • EEA/UK residents: Processing is based on explicit consent under GDPR Article 9(2)(a). You may withdraw consent at any time. See Section 11.3.
  • Washington residents: Protected under the My Health MY Data Act. See Section 14.
  • Illinois residents: Voice biometric data is protected under BIPA. We will not sell, lease, trade, or profit from your biometric data. We will not disclose or disseminate your biometric data without your consent or as required by law.
  • We do not sell, share, or use sensitive personal information for advertising.

5. Data Processing Agreements

All third-party providers processing personal data on our behalf are contractually bound under DPAs that: restrict processing to our documented instructions; require appropriate technical and organizational security measures; require assistance in fulfilling legal obligations under GDPR, CCPA/CPRA, and applicable law; require return or deletion of data upon instruction; and prohibit unauthorized disclosure to third parties. Summaries of DPAs with primary processors are available upon request to privacy@balance.ai.

All processors, including Canary Speech, are bound under data processing terms requiring them to process data only for specified purposes and to implement appropriate security safeguards.


6. AI Features and Automated Decision-Making

6.1 What the AI Does

The App uses AI to generate personalized therapeutic experience recommendations, generate conversational responses, and identify usage patterns to personalize your experience. Voice-based features additionally use Canary Speech's voice biometric analysis to generate a stress (peace) score based on acoustic properties of your voice. Before you use or activate any AI Feature or voice biometric feature, we will let you know you are interacting with AI and/or biometric analysis and give you the choice of whether to proceed.

6.2 Significance

AI recommendations and voice-based scores are suggestions and indicators you are free to accept or ignore. We do not use AI or voice biometric scores to make decisions about healthcare coverage, employment, credit, or other high-stakes determinations. AI-generated content may be inaccurate, incomplete, or contextually inappropriate and does not substitute for professional evaluation.

6.3 Transparency

Our AI recommendation system uses behavioral pattern analysis based on your session data and interactions within the App. Our voice-based stress analysis uses acoustic features of your voice recording processed by Canary Speech. We do not use third-party demographic data or advertising profiles in AI recommendations. Personalized recommendations are generated by processing your in-App activity; they are not derived from comparison with other users' identifiable data.

6.4 EEA/UK Rights (GDPR Article 22)

If you are in the EEA or UK, you have the right not to be subject to decisions based solely on automated processing that produce significant legal or similarly significant effects on you. To request human review of an AI-generated output, contact privacy@balance.ai with subject line "AI Human Review Request." You may also object to profiling under GDPR Article 21; see Section 11.3(f).

6.5 Third-Party AI Provider — Amazon Web Services

The AI Chat feature in Barefoot is powered by Claude, an AI model developed by Anthropic, PBC, accessed and hosted internally via Amazon Web Services (AWS Bedrock).

What data is sent to AWS: When you use the AI Chat feature, your chat messages and limited wellness session context (such as the current activity you are engaged in) are transmitted to AWS for the purpose of generating responses. Your name, email address, voice recordings, and health scores are never sent to AWS.

How AWS uses your data: AWS processes your messages solely to generate responses within the app. AWS does not use your conversation data to train its AI models. BalanceAI has a Data Processing Agreement (DPA) with AWS that restricts data use to service delivery only.

Your permission: The AI Chat feature requires your explicit in-app consent before first use. You may withdraw consent and disable AI Chat at any time in Settings → Privacy → AI Features.

Equal protection: AWS maintains privacy and security standards equivalent to or exceeding those described in this policy. AWS's privacy policy is available at aws.amazon.com/privacy.


7. Data Security and Breach Notification

7.1 Security Measures

  • Encryption in transit: TLS 1.2 or higher for all data transmitted between App and servers, including voice recording uploads to Canary Speech.
  • Encryption at rest: AES-256 for stored data.
  • Access controls: Role-based access with least-privilege principles; health data accessible only to personnel with a documented operational need.
  • Authentication: MFA required for internal systems; recommended for user accounts.
  • Vulnerability management: Regular penetration testing and vulnerability assessments.
  • Security audits: Regular security assessments, including penetration testing and vulnerability assessments, are conducted to evaluate our technical controls and data protection practices.
  • Incident response: Documented procedures with defined timelines.

No security measure is 100% effective. Contact security@balance.ai to report a security concern.

7.2 Breach Notification Timelines

For U.S. users:

  • Affected users will be notified without unreasonable delay and no later than 60 calendar days after discovery, as required by the FTC Health Breach Notification Rule (16 CFR Part 318) and Cal. Civ. Code § 1798.82.
  • The FTC will be notified within the same window required for individual notification.
  • State attorneys general will be notified per applicable law.
  • For breaches involving biometric data, additional notification obligations under BIPA and applicable state biometric privacy laws may apply.

For EEA/UK users:

  • The applicable supervisory authority will be notified within 72 hours of becoming aware of a breach likely to risk your rights and freedoms (GDPR Article 33).
  • Affected users will be notified without undue delay where the breach is likely to result in high risk (GDPR Article 34).

8. Data Retention Schedule

We retain personal data only as long as necessary for the stated purpose plus any legally required retention period.

Data Category | Standard Retention | After Account Deletion
Account information (name, email) | Duration of account | Deleted within 30 days of deletion request
Authentication credentials | Duration of account | Deleted within 5 business days
Phone number (SMS auth) | Duration of account | Deleted within 30 days
Emotional/session/game/journal data | Duration of account | Deleted within 30 days (or anonymized for research — see note)
AI conversation transcripts | 90 days from session | Deleted within 30 days of account deletion
Voice recordings (Path / WavRecorder) | De-identified and destroyed by Canary Speech immediately after analysis; not retained | BalanceAI-stored assessment scores and Canary subject ID deleted within 30 days of account deletion
Voice biometric assessment scores | Duration of account (stored in BalanceAI systems) | Deleted within 30 days of account deletion
Device/technical data | 13 months rolling | Deleted per rolling window
Usage analytics (Amplitude) | 12 months rolling | Deleted per rolling window; aggregate/anonymized data may be retained
Error/crash data (Sentry) | 90 days rolling | Purged per rolling window
Research data (with consent) | Per consent form (typically 5 years) | Per consent form; withdrawal rights described in consent
Legal hold data | Duration of obligation | Retained only as long as legally required
Backup copies | Up to 90 days | Purged from backups within 90 days of primary deletion

Anonymized data: We may retain truly anonymized data (which cannot reasonably be re-linked to you) after account deletion for aggregate research and analytics. This is not personal data.

AI provider retention: The retention schedule above covers data held in BalanceAI-controlled systems. AI conversation data transmitted to Anthropic is also subject to Anthropic's own data retention and usage policies, available at https://www.anthropic.com/privacy. We contractually limit Anthropic's use of this data under our DPA, but Anthropic's independent retention periods apply to their copy of transmitted data.

Research data: If you enrolled in a research study, data collected under that separate consent may be retained per the study protocol as disclosed in your consent form. You may withdraw from research at any time.

Deletion confirmation: We will email you when your primary data deletion is complete.


9. Your Rights — All Users

9.1 Universal Rights

Regardless of your location, subject to applicable law:

  • Access: Know what personal information we collect and how we use it, and request a copy.
  • Correction: Request correction of inaccurate personal information.
  • Deletion: Request deletion of your personal information (subject to legal exceptions). For biometric data, deletion requests will be directed to Canary Speech.
  • Portability: Request your personal information in a structured, machine-readable format.
  • No retaliation: We will not discriminate against you for exercising your privacy rights.

9.2 How to Submit a Request

Email: privacy@balance.ai — subject line: "Privacy Rights Request"
Web form: https://pub.gobarefoot.app/privacy-request
Mailing address: BalanceAI, Inc., PO Box 772, Palo Alto, CA 94302, Attn: Privacy

We will acknowledge receipt within 10 business days and respond within the timeframe required by applicable law (45 days for CCPA, 1 month for GDPR — see Sections 10 and 11). We may extend the deadline with notice.

We will verify your identity before processing sensitive requests. We will not deny your request solely because we cannot verify through standard methods; we will contact you to discuss alternatives.

Authorized agents: You may designate an authorized agent to submit requests on your behalf. Submit a signed authorization letter or power of attorney to privacy@balance.ai. We may verify the agent's authority and your identity directly.

Appeals: If we deny your request, you may appeal by emailing privacy@balance.ai with subject line "Privacy Rights Appeal." We will respond within 60 days. You may also contact your applicable state attorney general.

10. California Residents — CCPA/CPRA

This section supplements the rest of the Policy for California residents.

10.1 Categories of Personal Information Collected (Last 12 Months)

Category | Collected | Sold/Shared for Targeted Advertising
Identifiers (name, email, IP address, device IDs) | Yes | No
Account credentials | Yes | No
Commercial/transaction information | Yes (if subscription) | No
Internet/network activity (usage patterns, features accessed) | Yes | No
Geolocation (city/region from IP) | Yes | No
Inferences drawn from usage | Yes | No
Sensitive PI: emotional/mental health data, journal entries, session data | Yes | No
Biometric data (voice recordings and voice biometric data via Path / WavRecorder features) | Yes — collected only with separate, explicit consent | No
Audio/visual data (voice recordings) | Yes — collected only with separate, explicit consent | No

BalanceAI does not sell personal information for payment and does not share personal information for cross-context behavioral advertising.

10.2 Your California Rights

(a) Right to Know. Request the categories and specific pieces of personal information we have collected about you, the sources, our purposes, and the categories of third parties with whom we share it. We respond within 45 days (extendable by 45 days with notice).

(b) Right to Delete. Request deletion of personal information we have collected, subject to legal exceptions under Cal. Civ. Code § 1798.105. We will inform you of any exception we apply. For biometric data held by Canary Speech, we will direct deletion to Canary Speech on your behalf.

(c) Right to Correct. Request correction of inaccurate personal information.

(d) Right to Opt Out of Sale/Sharing. We do not sell or share personal information for targeted advertising. If this ever changes, we will provide a "Do Not Sell or Share My Personal Information" link before implementing any such practice.

(e) Right to Limit Sensitive Personal Information. You may direct us to limit our use of your sensitive personal information (emotional, mental health, voice biometric, and health-related data) to what is necessary to provide the services you requested. Exercise this right in the App under Settings → Privacy → Limit Sensitive Data Use, or email privacy@balance.ai with subject line "Limit Sensitive Data Use." Limiting voice biometric data use will disable the Path stress score feature.

(f) Right to Non-Discrimination. We will not deny goods or services, charge different prices, or provide a different quality of service because you exercised a privacy right.

(g) California Shine the Light (Cal. Civ. Code § 1798.83). We do not disclose personal information to third parties for their direct marketing purposes. To confirm this, email privacy@balance.ai with subject line "Shine the Light Request."

(h) Notice of Financial Incentives. If we offer any financial incentives (for example, for participation in surveys or research), we will provide separate terms for each incentive at the time of the offer, describing the terms, value of the personal information involved, and how to opt in and out. Participation in financial incentives is always voluntary.

(i) Authorized Agents. See Section 9.2.

(j) Two Submission Methods. California residents may submit privacy requests by email to privacy@balance.ai or via the web form at https://pub.gobarefoot.app/privacy-request.


11. EEA, UK, and Switzerland — GDPR / UK GDPR

11.1 Data Controller

BalanceAI, Inc. is the data controller for personal data processed under this Privacy Policy.

11.2 Legal Basis Table

See the full purpose-by-purpose legal basis table in Section 2.1. In summary: Contract performance for account provision, feature delivery, and authentication. Explicit consent for processing health/mental health data, voice biometric data, and optional communications. Legitimate interests for analytics, security, fraud prevention, and App improvement (with LIAs conducted). Legal obligation for compliance and legal process.

11.3 Your GDPR Rights

(a) Right of Access (Article 15). Obtain confirmation that we process your personal data and a copy of that data together with information about how it is processed.

(b) Right to Rectification (Article 16). Request correction of inaccurate or incomplete personal data.

(c) Right to Erasure (Article 17). Request deletion of your personal data in circumstances where it is no longer necessary, you withdraw consent, or you object and we have no overriding grounds. For voice biometric data, erasure requests will be directed to Canary Speech.

(d) Right to Restrict Processing (Article 18). Request limitation on how we process your data while a dispute is resolved.

(e) Right to Data Portability (Article 20). Receive your personal data in a structured, machine-readable format.

(f) Right to Object (Article 21). Object to processing based on legitimate interests, including profiling. We will stop processing unless we demonstrate compelling legitimate grounds.

(g) Right to Withdraw Consent (Article 7(3)). Withdraw consent at any time for consent-based processing, including health data and voice biometric data processing. Withdrawal does not affect lawfulness of prior processing. Email privacy@balance.ai with subject line "Withdraw Health Data Consent" or "Withdraw Voice Biometric Consent."

(h) Right Not to Be Subject to Automated Decisions (Article 22). See Section 6.4.

(i) Response Timelines. We respond within 1 month, extendable by up to 2 months for complex requests with notice.

11.4 Supervisory Authorities

(EEA) You have the right to lodge a complaint with the supervisory authority in your member state: https://edpb.europa.eu/about-edpb/board/members_en

(UK) Information Commissioner's Office (ICO): https://ico.org.uk/global/contact-us/

(Switzerland) Federal Data Protection and Information Commissioner (FDPIC): https://www.edoeb.admin.ch/edoeb/en/home/the-fdpic/contact.html

We ask that you contact us first at privacy@balance.ai to allow us to attempt resolution.

11.5 EU and UK Representatives (GDPR Article 27)

EEA Representative: [EU REPRESENTATIVE NAME AND ORGANIZATION] [ADDRESS] [EMAIL]

UK Representative: [UK REPRESENTATIVE NAME AND ORGANIZATION] [ADDRESS] [EMAIL]

EEA and UK data subjects may contact these representatives to exercise GDPR rights or raise concerns.

11.6 Data Protection Officer

[Option A: BalanceAI has appointed a Data Protection Officer: [DPO NAME], reachable at privacy@balance.ai. | Option B: BalanceAI has assessed its GDPR Article 37 obligations and determined that a formal DPO appointment is not currently mandatory at our processing scale. We have designated a Privacy Lead responsible for data protection compliance, reachable at privacy@balance.ai. We will reassess this determination as our processing scale changes.]


12. Other U.S. State Privacy Rights

If you are a resident of Virginia, Colorado, Connecticut, Texas, Oregon, Minnesota, Montana, Delaware, Rhode Island, New Hampshire, New Jersey, Nebraska, Indiana, Iowa, Tennessee, Utah, Nevada, Maryland, Kentucky, or another state with a comprehensive privacy law, you have rights substantially similar to those in Section 9.1, including rights to access, correct, delete, and receive a portable copy of your personal data.

Opt out of targeted advertising, sales, and profiling: We do not conduct targeted advertising or sell personal information, so these opt-out rights are not triggered by our current practices. If this changes, we will provide opt-out mechanisms before any such practice begins.

State-specific notes:

  • Minnesota and Oregon residents may request a list of specific third parties to whom we disclose your personal information. General information is in Section 3.1; specific lists are available upon request to privacy@balance.ai.
  • Nevada residents have a limited right to opt out of sale of personal information. We do not sell personal information for payment.
  • Colorado, Connecticut, Virginia, Utah, Minnesota, Rhode Island, and Oregon residents have the right to opt out of profiling in furtherance of decisions that produce legal or similarly significant effects. We do not currently use profiling in this manner.
  • Illinois residents: Voice biometric data is additionally protected under BIPA, 740 ILCS 14. We will not profit from, sell, lease, or trade your biometric data. Contact privacy@balance.ai for biometric data requests.

To exercise any state right: Email privacy@balance.ai with subject line "Privacy Rights Request — [Your State]." To appeal a denied request, email with subject line "Privacy Rights Appeal." If unsatisfied, you may contact your state attorney general.


13. Children's Privacy

13.1 Age Requirement

Barefoot is intended for users 18 years of age and older. We do not intentionally collect personal information from users under 18. Age confirmation is required at account creation.

13.2 Discovery of Minor Users

If we discover a user is under 18, we will promptly deactivate the account and delete their data. If you are a parent or guardian and believe your child under 18 has created an account, contact privacy@balance.ai immediately.

13.3 COPPA

We do not knowingly collect personal information from children under 13. If we discover we have done so without parental consent, we will take immediate corrective action.

13.4 California Age-Appropriate Design Code (AB 2273)

BalanceAI conducts a Data Protection Impact Assessment (DPIA) prior to making the App available in California, and updates it biannually or upon introduction of new features, as required by AB 2273. We apply default high-privacy settings, restrict use of any minor user data for targeted advertising, and apply additional protections for users identified or reasonably believed to be under 18.


14. Washington My Health My Data Act

If you are a Washington State resident, the Washington My Health My Data Act (RCW Chapter 70.372, effective March 31, 2024) provides rights over your consumer health data, defined to include mental health data, emotional health information, health-related behavioral data, voice biometric data used to infer health or wellness status, and location data that could reveal visits to health facilities.

For comprehensive information about your rights and our practices under this law, please review our Consumer Health Data Privacy Policy at https://pub.gobarefoot.app/consumer-health-privacy.

(a) Right to access. Request a list of all consumer health data collected about you and the names of all third parties with whom it has been shared.

(b) Right to delete. Request deletion of all consumer health data we hold about you, including directing our processors (including Canary Speech) to delete it.

(c) Right to withdraw consent. Withdraw consent to collection and/or sharing of your consumer health data. We will cease collection within 30 days.

(d) No sale without authorization. We do not sell consumer health data. We will not do so without your prior, separate written authorization.

(e) No geofencing. We do not use geofencing technology to collect health data from individuals near health facilities.

How to exercise: Email privacy@balance.ai with subject line "Washington Health Data Request." You may also contact the Washington State Attorney General at www.atg.wa.gov.


15. FTC Health Breach Notification Rule

As a vendor of personal health records (PHRs), BalanceAI is subject to the FTC Health Breach Notification Rule (16 CFR Part 318). A breach of security means unauthorized acquisition of personally identifiable health information maintained in or accessed through the App.

In the event of a qualifying breach:

  • Affected individuals will be notified without unreasonable delay, no later than 60 calendar days after discovery.
  • For breaches affecting 500 or more individuals: The FTC will be notified within the same 60-day window, simultaneously with individual notification. Prominent media outlets in affected states will also be notified.
  • For breaches affecting fewer than 500 individuals: Incidents are logged and reported to the FTC annually no later than December 31 of the calendar year in which the breach was discovered.
  • We maintain a breach log for 10 years.

Notification will be by email where available. Where email is unavailable, we will provide substitute notice per the Rule's requirements.


16. HIPAA Clarification

Barefoot is a direct-to-consumer wellness application. BalanceAI is not a HIPAA-covered entity (not a health plan, healthcare clearinghouse, or healthcare provider transmitting data in HIPAA-covered transactions). BalanceAI is not a Business Associate of any covered entity as of this Policy's effective date. Your data in Barefoot is not protected by HIPAA's Privacy Rule or Security Rule.

Your data is protected by the laws described throughout this Policy (CCPA/CPRA, GDPR, Washington My Health My Data Act, California CMIA, FTC Act, FTC Health Breach Notification Rule, and BIPA for voice biometric data), which collectively provide strong protections appropriate for a consumer wellness application. Under the California Confidentiality of Medical Information Act (Cal. Civ. Code § 56 et seq.), BalanceAI does not share your medical or mental health information with third parties for marketing purposes without your express written authorization.

If BalanceAI's business evolves to trigger HIPAA coverage (e.g., through integration with a covered health plan or provider), we will notify users, update this Policy, and implement HIPAA-compliant safeguards.


17. Research Participation Privacy

If you separately enroll in a research study:

  • Research data is collected and used only as described in the specific research consent form you received.
  • Before enrollment, you will receive: study purpose and duration; sponsor identity; IRB approval status; how data will be stored and shared; the retention period; and confirmation that participation is voluntary and you may withdraw at any time without penalty.
  • Research data shared with partners is anonymized or pseudonymized per the protocol.
  • You may withdraw from research at any time by contacting research@balance.ai. Withdrawal stops future collection. Whether already-collected data can be deleted depends on the study protocol and will be disclosed in your consent form.
  • We do not conduct research using your personal health data outside of formal, consented studies with documented protocols.

18. International Data Transfers

18.1 Transfer Mechanisms

BalanceAI is based in the United States. For transfers of personal data from the EEA, UK, or Switzerland to the United States, we rely on:

  • Standard Contractual Clauses (SCCs): We use the European Commission's approved SCCs (Decision 2021/914) for EEA transfers. For UK transfers, we use the UK International Data Transfer Addendum (IDTA). For Switzerland, we use the SCCs as adapted for Swiss law.
  • Adequacy Decisions: Where applicable.
  • EU-U.S. Data Privacy Framework (DPF): [BalanceAI is evaluating / has obtained] certification under the EU-U.S. DPF, UK Extension, and Swiss-U.S. DPF as set forth by the U.S. Department of Commerce. [If certified:] To learn more and view our certification, visit https://www.dataprivacyframework.gov/. DPF Principles govern in the event of any conflict with this Policy. BalanceAI is subject to the investigatory and enforcement powers of the U.S. Federal Trade Commission.

Note on Canary Speech international transfers: Canary Speech's API endpoint is located in the EEA (rest.eus.canaryspeech.com — EU South region). Voice data uploaded by EEA users goes to this endpoint. Voice data uploaded by U.S. users may also be routed to this endpoint. We are establishing SCCs with Canary Speech as part of the DPA process for any transfers between the EEA and U.S. that Canary Speech's architecture may involve.

We do not rely on user consent as the standalone legal mechanism for routine international data transfers. We maintain SCCs with all processors receiving EEA personal data. Copies of our SCCs are available upon request to privacy@balance.ai.

18.2 EU and UK Representatives

See Section 11.5 for EU and UK representative contact information.


19. Other Topics

19.1 SMS Messaging and Phone Number Privacy

Your phone number is used only for SMS authentication and essential account security notifications, unless you separately opt in to additional message types. We do not share your phone number with third parties for marketing. See Terms & Conditions Section 9 for full SMS terms and TCPA consent language.

19.2 Cookies and Tracking Technologies

We use cookies and similar technologies to maintain your session, remember preferences, analyze performance, and personalize experiences.

  • Essential cookies: Required for App operation. Cannot be disabled without impairing core functionality.
  • Analytics cookies: Amplitude usage analytics. Can be disabled (see Section 19.3).
  • Error tracking: Sentry crash/error data. Minimal personal data involved.

If you access any web-based portions of our services, non-essential cookies will not be placed until you have provided consent through a cookie consent tool. For more information, see our Cookie Policy at https://pub.gobarefoot.app/cookies.

19.3 Analytics Opt-Out

Disable personalized analytics tracking in the App under Settings → Privacy → Analytics. When you disable analytics, we will stop sending your data to Amplitude for analytics purposes. Minimal technical data (crash reports via Sentry) necessary for App security may continue to be collected.

19.4 Do Not Track and Global Privacy Control

We honor the Global Privacy Control (GPC) signal as an opt-out from the sale or sharing of personal information to the extent required by applicable law. The App does not currently respond to browser "Do Not Track" signals, as no consistent industry standard exists. We honor opt-out requests submitted directly through our privacy request process (Section 9.2).

19.5 Other Choices

  • Email marketing: Unsubscribe via the link in any marketing email, or contact privacy@balance.ai.
  • Push notifications: Manage in your device's notification settings or in the App under Settings → Notifications.
  • Voice biometric / stress analysis: You may disable the Path stress score feature and withdraw voice biometric consent at any time under Settings → Privacy → Voice Analysis, or by emailing privacy@balance.ai with subject line "Withdraw Voice Biometric Consent."
  • Research withdrawal: See Section 17.

19.6 Changes to This Privacy Policy

We will notify you of material changes at least 30 days before they take effect, by: posting a notice in the App; sending an email to your registered address; and displaying a prominent in-App notice. For material changes that expand how we use sensitive personal data, we will seek re-consent. Prior versions of this Policy are archived and available upon request.


20. Contact Us

BalanceAI, Inc.
PO Box 772 Palo Alto, CA 94302

Purpose | Contact | Notes
General privacy questions | privacy@balance.ai |
Rights requests (all jurisdictions) | privacy@balance.ai | Subject: "Privacy Rights Request"
Sensitive data / limit use | privacy@balance.ai | Subject: "Limit Sensitive Data Use"
Voice biometric / BIPA requests | privacy@balance.ai | Subject: "Voice Biometric Request"
Security / breach reports | security@balance.ai |
Research | research@balance.ai |
CCPA web form | pub.gobarefoot.app/privacy-request |
EU Representative | [EU REP EMAIL] | GDPR inquiries from EEA residents
UK Representative | [UK REP EMAIL] | UK GDPR inquiries
DPO / Privacy Lead | privacy@balance.ai | Data protection compliance

Supervisory authorities for complaints: