Privacy Policy

Effective date: 21 March 2026 · Last updated: 18 April 2026 · Version 2.1

Short version: Your personal sleep data stays encrypted on your device. We cannot read it, sell it, or lose it in a breach — because personal sleep logs are not readable by us. The only data on our servers is the minimum needed to run your account.

1. Introduction

Snoozekin is a sleep tracking app designed for seniors and adults aged 55 and over. We take privacy particularly seriously for our audience, recognising that older Australians may be more vulnerable to privacy harms. Our architecture is built to ensure we hold as little personal data as possible.

This Privacy Policy explains what data is collected, where it lives, and your rights under Australian law. Snoozekin is a brand of Sleep Portfolio, Queensland, Australia.

2. Zero-Knowledge Architecture

Your personal sleep data stays encrypted on your device.

All your personal data lives on your device only. Sleep entries, bedtimes, wake times, sleep scores, and notes are stored in an encrypted database on your device — we never hold the key.
Our servers are stateless AI endpoints. When you use the AI Sleep Coach, your device sends only anonymous context. No user ID, no name, no sleep history travels to our server. The server processes the request and returns a response. It stores nothing.
We cannot read your data. Even if a court ordered us, we hold no sleep data.
Sync is encrypted end-to-end. If you enable optional backup via iCloud or Google Drive, your data is encrypted on your device before it leaves. We hold no encryption keys.

3. Data We Collect and Store

3.1 On-Device Data (Never Transmitted to Our Servers)

Sleep entries: bedtime, wake time, duration, sleep score, notes
Streak counts and historical sleep statistics
Notification preferences and scheduled reminders
App settings and personalisation choices
Wearable-synced sleep data (if you connect a compatible device)
Any health data imported from Apple Health or Google Health Connect

This data is never transmitted to Snoozekin servers. We have no access to it.

3.2 Data Transmitted to Our Servers

Data	When	Why	Stored?
Anonymous AI Coach request (no PII — e.g. "senior adult, Day 5 streak")	When you use AI Coach	To generate a response	No — discarded after response
Anonymous analytics event (e.g. "sleep_logged")	During app use	To understand feature usage	Yes — no PII attached
Push notification device token	When you enable push notifications	To send reminders	Yes — token only
Account email address	At account creation (optional)	For account recovery	Yes — encrypted at rest
Website waitlist: email, first name, last name, country, and city or region	When you submit the join-waitlist form on snoozekin.com	To send launch and beta updates and for light-touch regional planning	Yes — in our secure database (encrypted at rest). Not used for AI Coach prompts and not sold to third parties
Subscription status	Via RevenueCat/Apple/Google	To unlock premium features	No — RevenueCat is source of truth

3.3 Analytics

Analytics events contain: a random session identifier, event type, timestamp, device type and app version. They do not contain your name, email, sleep data, health data, or any personally identifiable information.

4. On-Device Storage and Encryption

Your data is stored in an encrypted SQLite database using AES-256 encryption. The key is held in your device's secure enclave (iOS) or Android Keystore (Android) and is never transmitted anywhere. Deleting the app permanently deletes all on-device data. We hold no copy.

5. Optional Encrypted Backup

Backup is opt-in only — disabled by default
Your data is encrypted on your device before upload
We do not hold, access, or manage the encryption keys
Your backup is in your cloud account — Apple/Google privacy policies govern that storage
You can disable backup and delete your cloud backup at any time

6. AI Sleep Coach

The AI Sleep Coach is powered by the Anthropic API (Claude). When you interact with the Coach:

Your device sends only anonymous context: a general role type, a phase indicator, and your anonymised question
No personal identifiers are included: no name, email, user ID, sleep history, or health data
Snoozekin does not store the content of your conversations
Snoozekin stores only a SHA-256 hash of each message for abuse detection — this cannot be reversed

Anthropic's privacy policy: anthropic.com/privacy

7. Push Notifications

If you enable push notifications, we store your device push token to send reminders. Push tokens are not linked to your personal identity. You can disable them at any time — disabling notifications triggers deletion of your push token from our servers.

8. Payments

Consumer subscriptions are processed entirely through Apple App Store or Google Play, managed by RevenueCat. Snoozekin never sees or stores your payment card details.

Apple Privacy Policy: apple.com/legal/privacy
Google Privacy Policy: policies.google.com/privacy
RevenueCat Privacy Policy: revenuecat.com/privacy

9. Third-Party Services

Service	Purpose	Data Shared
Anthropic (Claude API)	AI Coach responses	Anonymised, non-identifying request text
Apple APNs	Push notifications (iOS)	Device push token
Google FCM	Push notifications (Android)	Device push token
RevenueCat	Subscription management	Anonymous user ID, subscription events
Apple App Store / Google Play	In-app purchases	Governed by Apple/Google policies
Resend	Transactional email (e.g. waitlist confirmation)	Your email address; standard template content only
Sentry	Error reporting	Anonymous error logs, no PII

10. Your Rights

Because your personal sleep data is stored exclusively on your device, you already have complete control. You can view, export, and delete all data directly within the app.

Australian Privacy Act 2024

Access: Request a copy of personal information we hold
Correction: Request correction of inaccurate personal information
Deletion: Request deletion of your account and server-side data
Complaint: Lodge a complaint with the OAIC at oaic.gov.au

Snoozekin acknowledges the Privacy Act 2024 statutory tort for serious invasions of privacy and is committed to compliance with the Australian Privacy Principles (APPs).

GDPR (EU and UK users)

You have rights under GDPR/UK GDPR including access, rectification, erasure, data portability, restriction, and objection. Contact sleepportfolio@gmail.com — we respond within 30 days.

11. Right to Erasure — Account Deletion

To request deletion of your account and all server-side data:

Use the Delete Account option within the app (Settings → Account → Delete Account), or
Email sleepportfolio@gmail.com with the subject line "Deletion Request"
For website waitlist data only, email sleepportfolio@gmail.com from the address you used on the form and ask to be removed from the waitlist.
You may also call us during business hours and we will assist you by phone

We will process deletion requests within 30 days.

12. Data Retention

Data Type	Retention Period
On-device sleep data	Indefinite — you control this; deleted when you delete the app
Account email	Until account deletion request
Website waitlist (email, name, country, city)	Until you request removal or unsubscribe from waitlist email; contact sleepportfolio@gmail.com
Push notification token	Until you disable notifications or delete your account
Anonymous analytics events	24 months (rolling), then automatically deleted
AI Coach message hashes	12 months, then automatically deleted

13. Accessible Privacy Support

We understand that our audience may prefer to exercise privacy rights by phone or post rather than email. We are happy to assist you by any of these means. If you need help navigating privacy settings or understanding this policy, please contact us at sleepportfolio@gmail.com and we will assist you in whatever format is most accessible to you.

14. Security

On-device: AES-256 encrypted SQLite; device secure enclave / Android Keystore
In transit: TLS 1.3 for all server communications
Server-side: Minimal data holdings; Row Level Security on all database tables
Annual third-party security review
Breach notification: Within 72 hours under the Privacy Act 2024 notifiable data breach scheme

15. Changes to This Policy

We will notify you of material changes via in-app notification at least 30 days before the change takes effect.

16. Contact

Privacy enquiries and rights requests:
sleepportfolio@gmail.com

Postal address:
Snoozekin Privacy Officer (Sleep Portfolio)
Queensland, Australia

OAIC: oaic.gov.au · 1300 363 992