Privacy Policy

Overview

Haiven is a behavioral intelligence platform that helps you understand patterns across your biological, psychological, and behavioral data. To do that well, we handle some of your most personal information — your health data, your journal entries, your daily check-ins.

This policy explains exactly what we collect, why we collect it, how we protect it, and what control you have over it. We've written it to be read, not filed away.

Who We Are

Haiven is operated by Haiven Labs LLC, a company registered in the state of Utah, United States.

For any privacy-related questions or requests, contact us at: hello@haiven.co

What We Collect

Account Information

• Name and email address when you create an account
• Authentication credentials (managed securely via Supabase Auth)
• Notification preferences and reminder time settings

Daily Check-In Data

• Your responses to daily domain rating sliders (Biological, Psychological, Behavioral scores on a 1–10 scale)
• Free-text journal entries you choose to write
• Protocol completion records (Morning Anchor, Midday Reset, Evening Wind-Down)
• Timestamps of when check-ins were completed

Wearable & Health Data

• Oura Ring: HRV, sleep, resting heart rate, readiness via Oura API OAuth
• Apple HealthKit: HRV, sleep analysis, resting heart rate, active energy, steps — accessed only with your explicit permission on iOS
• Garmin: Daily health summary data via Garmin Connect API (when connected)

Wearable connections are optional. You can disconnect any wearable at any time from your Profile settings.

Usage Data

• App usage patterns (which features you use, when)
• Error logs and crash reports via Sentry (no personal data included)
• Push notification delivery confirmations

How We Use Your Data

Everything we collect is used for one purpose: making Haiven work better for you personally.

• Computing your daily Signal Score across Biological, Psychological, and Behavioral domains
• Generating daily insights and domain labels specific to your recent history
• Producing your Deep Dive Analysis — a cross-source pattern synthesis using AI
• Displaying your Signal History and Day Detail views
• Sending you push notification reminders at times you configure
• Generating practitioner reports when you choose to share them

AI Processing

Haiven uses AI models (Anthropic Claude) to generate personalized insights and pattern analysis from your data. Your data is sent to Anthropic's API for this purpose and is subject to Anthropic's data processing terms. We do not permit your data to be used to train AI models.

Apple HealthKit

Haiven uses Apple HealthKit to read health and fitness data from your iPhone or Apple Watch when you grant permission. We are required by Apple to state the following explicitly:

You can revoke Haiven's access to HealthKit at any time via iOS Settings → Privacy & Security → Health → Haiven.

Data Storage & Security

Your data is stored in a secure PostgreSQL database hosted on Supabase with row-level security enabled. All data is encrypted in transit (TLS) and at rest. Access to production data is limited to authorized personnel only.

We implement appropriate physical, technical, and organizational safeguards to protect your data against unauthorized access, loss, or alteration. No system is perfectly secure — in the event of a data breach affecting your personal data, we will notify you promptly and take immediate steps to mitigate the impact.

Data Retention

We retain your data for as long as your account is active. If you delete your account, we will delete your personal data within 30 days, except where retention is required by law.

Your Rights & Controls

You have the following rights regarding your personal data:

• Access: Request a copy of all data we hold about you
• Correction: Request correction of inaccurate data
• Deletion: Request deletion of your account and all associated data
• Portability: Request your data in a machine-readable format
• Wearable disconnect: Remove any wearable connection at any time via Profile settings
• Notification opt-out: Disable push notifications at any time via Profile settings or iOS Settings

To exercise any of these rights, email us at hello@haiven.co. We will respond within 30 days.

Third-Party Services

Haiven integrates with the following third-party services. Each has its own privacy policy governing how it handles data on its end:

• Supabase — database and authentication hosting
• Anthropic — AI model API for insight and pattern generation
• Oura — wearable health data (when connected)
• Apple HealthKit — iOS health data (when permission granted)
• Garmin Connect — wearable health data (when connected)
• Render — backend hosting and infrastructure
• Vercel — frontend hosting
• Sentry — error monitoring (no personal data)

We do not sell your data to any third party. We do not use advertising networks or data brokers.

Children's Privacy

Haiven is not directed at children under 13. We do not knowingly collect personal data from children under 13. If you believe we have inadvertently collected data from a child under 13, contact us immediately at hello@haiven.co and we will delete it promptly.

Changes to This Policy

We may update this Privacy Policy from time to time. When we do, we will update the "Last updated" date at the top of this page and notify active users via email or in-app notification for material changes. Continued use of Haiven after changes constitutes acceptance of the updated policy.

Contact Us

For any privacy questions, data requests, or concerns: