Overview
Sinus Shield is built by EasyMuse. We take your privacy seriously. This policy explains what data we collect, why, and how we protect it.
The short version: We collect only what's needed to run the service. We don't sell your data. We don't track you across the web. You can delete everything at any time.
What We Collect
Account Data
- Email address — for authentication (magic link login) and sending notifications
- Timezone — auto-detected from your browser to schedule notifications at your local time
Location Data
- Latitude and longitude — the coordinates you enter (or detect via browser geolocation)
- Coordinates are rounded to ~10 km for API caching. We don't need or store your exact address.
- Used solely to fetch pollen, weather, and air quality data for your area
Health-Related Data
- Medication protocol — the instructions you enter for each tier (stored as text, not interpreted)
- Daily symptom feedback — your self-reported feeling (great/ok/bad) and the date
- Sensitivity multipliers — learned values that adjust how aggressively the system responds to pollen
- Tier history — daily log of your assigned tier and the environmental conditions that day
We do not collect your actual health conditions, diagnoses, medication names (unless you type them into your protocol), or any data from health apps or devices.
What We Don't Collect
- No tracking cookies or analytics
- No advertising identifiers
- No browsing history
- No data shared with third parties for marketing
How We Use Your Data
- To fetch environmental data for your location from Google and OpenWeatherMap APIs
- To calculate your daily medication tier
- To send you morning and evening notification emails (if enabled)
- To learn your sensitivity patterns over time (adaptive algorithm)
Your location is sent to Google Pollen API, Google Air Quality API, and OpenWeatherMap to fetch environmental data. These services have their own privacy policies. We send only the rounded coordinates, not your email or identity.
Where Your Data Lives
- Database — Supabase (hosted in the EU, West Europe/Ireland region)
- Application — Vercel (edge network, data processed in nearest region)
- Email — Resend (for sending notifications)
Data Retention
Your data is retained as long as your account exists. Daily logs are kept indefinitely to support long-term sensitivity learning and history viewing.
When you delete your account, all your data is permanently deleted, including your profile, protocols, daily logs, sensitivity history, and threshold adjustments. This happens immediately and cannot be undone.
Your Rights (GDPR)
If you are in the EU/EEA, you have the right to:
- Access your data — visible in the dashboard and settings
- Rectify your data — editable in settings at any time
- Delete your data — via the "Delete Account" button in settings
- Export your data — contact us and we'll provide an export
- Withdraw consent — disable emails in settings, or delete your account
Security
- Passwordless authentication (magic links) — no passwords to leak
- Row-level security on all database tables — users can only access their own data
- Email feedback links use signed tokens that expire after 24 hours
- API keys and secrets stored as environment variables, never in code
Children
Sinus Shield is not intended for children under 16. We do not knowingly collect data from children.
Changes to This Policy
We may update this policy from time to time. The "last updated" date at the top reflects the most recent revision.