Privacy Policy

NEUROVUS PRIVACY POLICY

Effective Date: 01/01/2025
Last Updated: 04/21/2025
Company: Neurovus, Inc.
Contact: garyroberts@neurovus.com

Your privacy is very important to Neurovus, Inc. (“Neurovus,” “we,” “our,” “us”).  We are committed to protecting your privacy consistent with the highest standards and best practices of organizations doing business on the internet.  We also maintain transparency about how we use and safeguard your information. This Privacy Policy explains:

  • What information we collect
  • How we use it
  • How long we retain it
  • How we protect it
  • Your rights and choices
  • Important limitations of our system

By using the any one of the following: Neurovus mobile application, the website www.neurovus.com (“site”), AI assistant (“NAVI”), and related services (“Services”) (collectively, the “Neurovus Platform”), you agree to this Privacy Policy.

1. WHAT NEUROVUS DOES (AND DOES NOT) DO

The Neurovus Platform is a general wellness platform designed to help users build awareness of short-term

Neurovus:

  • does not detect or evaluate emotional states
  • does not assess mental-health risk or severity
  • does not provide therapeutic or clinical guidance
  • does not monitor for crises or emergencies
  • does not offer mental-health diagnosis or treatment

All conversational interactions, biometric insights, and wellness nudges within Neurovus are educational in nature and intended solely for general self-awareness and wellness exploration.

2. INFORMATION WE COLLECT

We collect only the information required to provide personalized wellness interactions and maintain app functionality.

A. Personal Account Information

  • Name
  • Email address
  • Password or authentication credentials
  • Optional demographic information provided by the user

B. Biometric Pattern Data

(Collected through connected wearables such as Apple Health, Oura, WHOOP, Garmin, etc.)

We collect:

  • heart rate variability (HRV)
  • sleep patterns
  • recovery patterns
  • daily strain/load
  • activity/movement data
  • other non-clinical wellness metrics

Important:
Neurovus analyzes patterns only.
We do not interpret these metrics as emotional states, stress levels, or clinical indicators.

C. Behavioral Interaction Data

We may collect:

  • journaling frequency
  • interaction timing
  • app usage frequency
  • response patterns
  • engagement trends

We do NOT collect:

  • the content of journals
  • private user reflections
  • mental-health details
  • emotional disclosures

Only patterns, not contents.

D. Conversational Pattern Data

For NAVI’s adaptive timing (not emotional inference), we analyze:

  • length of messages
  • timing/cadence
  • interaction style
  • linguistic structure

We do not analyze:

  • sentiment
  • emotion
  • tone classification
  • psychological meaning

Neurovus does not perform sentiment analysis or emotional interpretation.

E. Device Data

  • device type
  • OS version
  • app version
  • IP address
  • crash logs
  • usage analytics

Used strictly for app performance and security.

3. HOW WE USE YOUR INFORMATION

Neurovus uses your information solely to:

A. Provide general wellness insights

  • short-term biometric pattern comparison
  • pattern-change notifications (non-clinical)
  • journaling/reflection prompts

B. Operate the NAVI wellness assistant

NAVI provides:

  • general education
  • reflection prompts
  • self-awareness check-ins
  • optional information on finding wellness professionals

NAVI does not interpret emotions, mental state, distress, diagnosable conditions, or crisis risk.

C. Personalize timing of wellness nudges

Nudges may be based on:

  • biometric pattern variation
  • behavioral engagement
  • conversational pattern characteristics

NAVI never uses emotional interpretation in its personalization model.

D. Improve the platform

Aggregated, anonymized data may be used to:

  • enhance general wellness algorithms
  • evaluate app performance
  • understand broad user engagement trends

We do not sell or share with third parties personally identifiable data for advertising or marketing unless you have authorized us to do so.

4. DATA RETENTION (ROLLING-WINDOW MODEL)

To protect privacy and minimize long-term risk, Neurovus uses short rolling retention windows:

A. Biometric Pattern Data — retained up to 120 days

Used for general pattern comparison only.

B. Behavioral Interaction Data — retained up to 90 days

Supports adaptive timing and lag-time analysis.

C. Conversational Pattern Data — retained 60–90 days

Patterns only, not message content.

Automatic Deletion

When each window closes:

  • older data is permanently deleted
  • only the rolling slice is kept
  • no long-term behavioral or emotional profile is created

Neurovus does not maintain multi-year behavioral, emotional, or biometric archives.

5. NO DATA EXPORT / NO PORTABILITY

To protect user privacy and prevent re-identification or misuse of sensitive pattern data:

  • Neurovus does not provide data export or download features
  • Neurovus does not transmit behavioral or biometric data to users or third parties upon request

Users retain the right to request full data deletion at any time.

This model protects user privacy and ensures wellness data is not misinterpreted outside the platform.

6. HOW WE PROTECT YOUR DATA

We use industry-standard safeguards including:

  • encryption in transit and at rest
  • access controls
  • anonymization for research use
  • routine security testing
  • least-privilege access architecture

Despite these measures, no system is 100% secure. Users assume responsibility for securing their own devices and login information.

Conversation Data Encryption

Neurovus applies a two-layer encryption model to all user conversations with NAVI. User prompts and their associated AI-generated responses are encrypted at the application layer before being written to our database, and again at the storage layer. This means that access to the database alone is insufficient to read conversation content. A secondary encryption key—maintained separately from the primary data store—is required to decrypt individual conversations. This architectural decision ensures that even in the event of unauthorized database access, conversation content remains protected. We treat user conversation data as among the most sensitive information we hold, and this dual-encryption approach reflects that standard.

Despite these measures, no system is 100% secure. Users assume responsibility for securing their own devices and login information.

7. COOKIES

We may place a “cookie” on your personal computer. A cookie is a small computer file that our computer sends to your computer and that your computer sends back to us each time you make a request from our site. Cookies help us recognize you when you visit our site again. We use cookies on our site to collect session data for several purposes to personalize and improve your individual viewing experiences on our site. Most Internet browsers automatically accept cookies. However, you can instruct your browser, by editing its options, to stop accepting cookies or prompt you before accepting a cookie from the sites you visit. If you decide not to accept our cookies, you will still be able to access those parts of our site that are available to the general public, but you will not be able to view some information on our site, use some features designed to enhance your experience at our site or access many of the services offered at our site.

8. YOUR RIGHTS AND CHOICES

Regardless of jurisdiction, Neurovus provides the following rights:

A. Right to Delete

Users may request immediate deletion of all stored data.

B. Right to Restrict

Users may disable:

  • adaptive nudges
  • biometric connections
  • activity data sharing

C. Right to Access (High-Level Summary Only)

We may provide a high-level overview of:

  • what categories of data are stored
  • retention periods
  • deletion status

We do not provide detailed logs, message histories, or raw biometric/behavioral patterns.

D. Right to Withdraw Consent

Users can revoke wearable permissions or data sharing at any time.

9. CHILDREN’S PRIVACY

Neurovus is not intended for individuals under 18.
We do not knowingly collect or store information about minors.

10. NO MEDICAL, MENTAL-HEALTH, OR EMERGENCY SERVICES

Neurovus is not a clinical or diagnostic system.
It does not:

  • monitor for crises
  • detect emotional states
  • assess mental health
  • provide urgent intervention
  • replace professional care

If you are experiencing an emergency, call your local emergency services.

11. THIRD-PARTY LINKS AND INTEGRATIONS

Wearable integrations (such as Apple Health or WHOOP) are optional and governed by their own privacy policies.
Neurovus does not control third-party data practices.

12. CHANGES TO THIS POLICY

We may update this Privacy Policy periodically.
When we do, we will notify users and update the “Effective Date” above.

13. CONTACT US

For privacy inquiries, data deletion requests, or questions:

Email: garyroberts@neurovus.com