Privacy Policy

Effective: May 31, 2026

Table of Contents

1. Introduction

2. Collection of Information

3. Use of Information

4. Data Storage, Security, and Retention

5. Disclosure of Information

6. Your Privacy Rights

7. Information for California Residents

8. Children's Privacy

9. Advertising

10. Cookies

11. Changes to This Policy

12. Data Transfers

13. Contact Information

14. Supplemental Notices

1. Introduction

MeditateBreathe ("Company," "we," "us," or "our") provides a guided meditation and breathing exercise mobile application (the "App"). This Privacy Policy explains how we may collect, use, disclose, and otherwise process your information when you use the App and related services (the "Services").

By downloading, installing, or using the Services, you agree to the collection and use of your information as described in this Privacy Policy. If you do not agree, please do not use the Services. We cannot guarantee the security of any information you transmit to us.

MeditateBreathe is a general wellness app, not a healthcare provider. We are not a "covered entity" or "business associate" under HIPAA. We do not provide medical services, diagnoses, or treatment.

2. Collection of Information

Information You Provide. We may collect information you provide directly, such as account details (email, display name), session information (meditation duration, exercise type, timestamps), preferences (language, voice selection, theme), and communications you send us.

Information Collected Automatically. We may collect certain information automatically when you use the Services, including device information (model, OS version, app version), usage data (features used, engagement), IP address, and authentication data.

Information from Other Sources. We may receive information from third parties we work with, such as authentication providers, payment processors, and service providers who help us operate the Services.

Optional Integrations. If you connect with Apple HealthKit or Google Health Connect, we may receive data you authorize. We are not responsible for data stored by those services.

Health-Related Data. Your meditation session data may be considered health-related under certain laws. We process this with your consent. You may withdraw consent at any time. We do not collect medical diagnoses, biometric data, or genetic data.

3. Use of Information

We may use the information we collect to provide, maintain, and improve the Services; process transactions; communicate with you; help maintain the security and integrity of the Services; comply with legal obligations; and as otherwise described at the time of collection.

Artificial Intelligence. We may use machine learning and artificial intelligence to personalize content recommendations, improve the Services, and develop new features. This processing is based on your use of the Services and preferences you provide. We do not currently use your personal information to train AI models that generate outputs visible to other users. If this changes, we will notify you and obtain consent where required by applicable law. You may opt out of AI-powered personalization at any time through your account settings.

4. Data Storage, Security, and Retention

We maintain administrative, technical, and physical safeguards designed to help protect your information, including encryption in transit and at rest. However, no method of electronic storage or transmission is completely secure, and we cannot guarantee absolute security. Your data may be stored on servers operated by third-party service providers.

We retain your information for as long as necessary to fulfill the purposes described in this policy. Criteria used to determine retention periods include: the length of our ongoing relationship with you; whether a legal obligation requires longer retention; and whether retention is advisable in light of our legal position. If you delete your account, we will take steps to delete or anonymize your information within a commercially reasonable period, subject to technical limitations and legal retention obligations. Residual copies may be retained in backups for a limited period.

Aggregated and De-Identified Data. We may create or collect aggregated, anonymous, or de-identified data that can no longer reasonably identify you. We will maintain such data in de-identified form and will not attempt to reidentify it, except to test our de-identification practices. De-identified data is not personal information and is not subject to this Privacy Policy.

5. Disclosure of Information

We do not sell your personal information for monetary consideration. We do not knowingly share personal information of users under 16. We may share information with service providers who perform services on our behalf, when required by law, in connection with a business transfer, or with your consent. We may also share aggregated or de-identified data that can no longer reasonably identify you.

6. Your Privacy Rights

Depending on your jurisdiction, you may have rights to access, correct, delete, or port your information; restrict or object to certain processing; opt out of targeted advertising; and withdraw consent. Subject to applicable law, we will not discriminate against you for exercising any of these rights. You may exercise these rights by emailing support@meditatebreathe.com or privacy@meditatebreathe.com or through in-app settings. We will respond as required by applicable law. If we deny your request, you may appeal by emailing support@meditatebreathe.com.

If you are in the EEA or UK and have concerns about our response, you may lodge a complaint with your local data protection authority.

7. Information for California Residents

This section applies to residents of California under the California Consumer Privacy Act, as amended (CCPA).

Categories of Personal Information Collected. In the last 12 months, we may have collected the following categories of personal information: identifiers (name, email, IP address, account name); commercial information (subscription records); internet or electronic network activity (usage data, browsing behavior); geolocation data (approximate location); inferences drawn from the above; and other personal information you provide (preferences, goals, session data).

Sources. We collect this information from you directly, automatically through your use of the Services, and from service providers.

Business Purposes. We may use this information to provide and maintain the Services; improve and develop new services; process transactions; communicate with you; ensure security; comply with legal obligations; and personalize your experience.

Disclosures. We may disclose these categories to service providers for business purposes. We do not "sell" personal information as traditionally defined, and we do not have actual knowledge that we sell or share personal information of consumers under 16.

Your CCPA Rights. You have the right to know what personal information we collect about you; request deletion; correct inaccurate information; opt out of the "sale" or "sharing" of your personal information (we do not engage in such activities); and not receive discriminatory treatment for exercising these rights. To exercise your rights, email privacy@meditatebreathe.com. You may designate an authorized agent to make a request on your behalf.

8. Children's Privacy

The Services are not directed at children under 13 (or the equivalent minimum age in your jurisdiction). We do not knowingly collect information from children. If you believe a child has provided us with information, contact us.

9. Advertising

The Services may display advertisements. We use third-party advertising partners to serve ads. These partners may use cookies, device identifiers, and similar technologies to collect information about your activity on the Services and other apps or websites to provide you with relevant advertising. You may opt out of interest-based advertising through your device settings or by visiting the Digital Advertising Alliance opt-out page.

Under California Civil Code Section 1789.3, you may also contact the Complaint Assistance Unit of the Division of Consumer Services of the California Department of Consumer Affairs at 1625 N. Market Blvd., Suite N 112, Sacramento, California 95834, or by telephone at (800) 952-5210.

10. Cookies

When you use our Services, we and our third-party partners may use cookies, web beacons, SDKs, and similar tracking technologies to collect information about your activity, browsing behavior, and device.

What Are Cookies. Cookies are small text files stored on your device by your web browser. Mobile apps use similar technologies, including SDKs and device identifiers, to perform comparable functions.

Types of Cookies We Use.

Your Choices. You can control cookies through your browser settings or device preferences. Most browsers allow you to block or delete cookies. Mobile devices allow you to limit ad tracking in your privacy settings. If you disable certain cookies, some features of the Services may not function properly. You may also use an opt-out preference signal, such as the Global Privacy Control (GPC), to opt out of the sale or sharing of your personal information for targeted advertising.

For more detailed information, please see our separate Cookie Policy.

11. Changes to This Policy

We may update this policy from time to time. Material changes will be notified through the Services or by other means as required by law.

12. Data Transfers

MeditateBreathe is based in the United States. Your personal information may be transferred to, stored, and processed in the United States and other countries where we or our service providers operate. These countries may not have equivalent data protection laws to those in your jurisdiction.

When we transfer personal information from the European Economic Area (EEA), the United Kingdom, or Switzerland to the United States, we rely on appropriate safeguards, including Standard Contractual Clauses approved by the European Commission or the UK government, or other lawful transfer mechanisms. We may also rely on the EU-U.S. Data Privacy Framework (DPF), the UK Extension to the DPF, or the Swiss-U.S. DPF where we have self-certified compliance.

You may request a copy of the applicable transfer safeguards by contacting us at privacy@meditatebreathe.com.

13. Contact Information

General Inquiries & Support: support@meditatebreathe.com

Privacy Rights: privacy@meditatebreathe.com

DMCA / Copyright Agent: dmca@meditatebreathe.com

Data Protection Officer (DPO): dpo@meditatebreathe.com

EU Representative (Art. 27 GDPR): eu-representative@meditatebreathe.com

UK Representative: uk-representative@meditatebreathe.com

Legal Notices: MeditateBreathe LLC, 30 N Gould St Ste R, Sheridan, WY 82801

Supplemental Notices

Information for EEA and UK Users

Controller. MeditateBreathe LLC, 30 N Gould St Ste R, Sheridan, WY 82801, USA, is the data controller for your personal information under applicable data protection law.

Legal Bases. We process your personal information based on the following legal bases: (i) your consent, which you may withdraw at any time; (ii) performance of our agreement with you; (iii) our legitimate interests, including operating and improving the Services, communicating with you, and protecting our legal rights; and (iv) compliance with legal obligations.

Data Transfers. We transfer your personal information to the United States. Where required, we rely on Standard Contractual Clauses or other appropriate safeguards. You may request a copy by contacting us at privacy@meditatebreathe.com.

Your Rights. Subject to applicable law, you have the right to access, correct, delete, port, and object to processing of your personal information, and to lodge a complaint with your local data protection authority.

Representatives. You may contact our representatives according to Article 27 GDPR:

EU: eu-representative@meditatebreathe.com

UK: uk-representative@meditatebreathe.com

DPO. Our Data Protection Officer can be reached at dpo@meditatebreathe.com.