Privacy Policy
1. Introduction
HeadsUp ("we," "us," or "our") is committed to protecting your privacy. This Privacy Policy explains what information we collect, how we use it, how we store it, and your rights regarding that data.
By using the HeadsUp service ("Service"), you agree to the collection and use of information in accordance with this policy.
2. Information We Collect
2.1 Account Information
When you register, we collect:
- Email address
- Password (hashed — never stored in plain text)
- Household name
- Timezone preference
2.2 Family Member Information
To set up the Service for your household, you provide:
- Names of family members
- Telegram user IDs and chat IDs for each member
2.3 Calendar Data
When you connect Google Calendar, we access and store:
- Google Calendar IDs you configure
- Calendar event data: titles, dates/times, locations, descriptions, all-day flags
- The name of the calendar owner (family member)
Calendar events are polled approximately every 5 minutes. Snapshots of upcoming events are stored temporarily and automatically purged after 2 days. A longer-term archive of past events is retained for reference.
2.4 Integration Credentials & Settings
To connect third-party services, you provide:
- Google OAuth refresh token — allows us to read your Google Calendars without repeated logins
- Telegram bot token and chat ID — used to deliver briefings to your family group
- Oura Ring personal access token (optional) — used to retrieve sleep and readiness data
- Weather location (city name or coordinates, optional) — used to fetch daily weather forecasts
These credentials are stored encrypted in our database and are used solely to operate the Service on your behalf.
2.5 Briefing Preferences
We store your configuration for daily, weekend, and week-ahead briefings; scheduled delivery times; event prep reminder settings; and which family members have briefings enabled.
2.6 Conversation History
When you or your family members interact with the HeadsUp Telegram bot, those messages and the bot's responses are stored to provide context for future interactions.
2.7 Health Data (Optional)
If you connect Oura Ring, we collect and store daily sleep and readiness metrics retrieved from Oura's API. This data is included in morning briefings.
2.8 Billing Information
We collect and store your Stripe customer ID, subscription ID, billing status, and period dates. We do not store credit card numbers or raw payment details — all payment data is handled by Stripe.
2.9 Usage and System Data
We store a log of notifications and alerts sent to your household, conflict alerts detected between family members' calendars, and event prep alerts sent.
3. How We Use Your Information
We use your data exclusively to operate and improve the Service. We do not use your data for advertising, profiling, or sale to third parties.
| Data | How It Is Used |
|---|---|
| Account info | Authentication, account management, billing |
| Family member info | Personalization of briefings and routing of alerts |
| Calendar events | Conflict detection, briefing generation, event prep reminders |
| Google OAuth token | Polling your authorized calendars |
| Telegram credentials | Delivering briefings and alerts to your group |
| Oura data | Including health context in morning briefings |
| Weather location | Fetching daily forecasts for briefings |
| Conversation history | Providing context for bot responses |
| Billing data | Subscription management, payment processing |
4. AI Processing
Briefings are generated by the Anthropic Claude API. To produce a briefing, we send Anthropic a structured summary containing upcoming calendar events, weather forecast data, health metrics (if Oura is connected), and household member names. This data is transmitted over HTTPS and is subject to Anthropic's Privacy Policy.
We do not send account credentials, OAuth tokens, or payment data to Anthropic.
5. Data Sharing and Disclosure
We do not sell your personal data. We share data only with service providers necessary to operate the Service, and when legally required.
| Provider | Data Shared | Purpose |
|---|---|---|
| Supabase | All user and household data | Database hosting and authentication |
| Anthropic | Calendar events, weather, health metrics, family names | AI briefing generation |
| OAuth tokens | Calendar access | |
| Telegram | Briefing content, family names | Message delivery |
| Oura | Personal access token | Health data retrieval |
| Stripe | Email, billing metadata | Payment processing |
| WeatherAPI | Location (city or coordinates) | Weather forecast data |
We may also disclose information if required by law or court order. If we are acquired or merged, your data may be transferred — we will notify you before such a transfer occurs.
6. Data Storage and Security
6.1 Storage Location
All data is stored in a Supabase PostgreSQL database hosted on AWS (us-west-2 region). Data is encrypted at rest and in transit.
6.2 Row-Level Security
Our database enforces row-level security (RLS) so that each household can only access its own data. Cross-household data access is not possible through the application layer.
6.3 Credential Encryption
Sensitive credentials (OAuth tokens, API tokens) are stored encrypted and are only decrypted in-memory when needed to perform API calls.
6.4 Automatic Data Expiry
- Event snapshots are automatically deleted after 2 days
- Pending AI intents (parsed user commands) expire after 15 minutes
6.5 Security Practices
We use HTTPS/TLS for all data in transit, hashed passwords, and JWT-based session tokens with rotation. No system is perfectly secure — in the event of a data breach, we will notify affected users as required by applicable law.
7. Data Retention
| Data Type | Retention Period |
|---|---|
| Account and settings data | Until account deletion |
| Calendar event snapshots | 2 days (auto-purged) |
| Archived past events | Duration of account |
| Conversation history | Duration of account |
| Oura health metrics | Duration of account |
| Notification logs | Duration of account |
| Billing records | As required by law (typically 7 years) |
Upon account deletion, personal data is removed within 30 days, except where retention is required by law.
8. Your Rights and Choices
Depending on your jurisdiction, you may have the right to access, correct, delete, or port your personal data; restrict or object to certain processing; and withdraw consent for third-party integrations.
To exercise these rights, contact us at privacy@headsup.app. We will respond within 30 days.
Disconnecting Integrations
- Google Calendar: Revoke access in your Google Account settings and remove calendar connections in HeadsUp.
- Oura: Remove your personal access token from your HeadsUp settings.
- Telegram: Remove the bot from your group; no further messages will be sent.
9. Children's Privacy
The Service is not directed to children under the age of 13. We do not knowingly collect personal information from children under 13. If you believe a child has provided us personal data, contact us immediately and we will delete it.
Family members whose calendars are connected may include minors. As the household admin, you are responsible for ensuring you have appropriate authority to connect their calendars.
10. Cookies and Client-Side Storage
The Service uses session cookies to maintain your login state (Supabase JWT tokens). These cookies are essential for the Service to function. We do not use tracking cookies or third-party advertising cookies.
11. Changes to This Policy
We may update this Privacy Policy from time to time. We will notify you of material changes via email or in-app notice at least 14 days before they take effect. The "Last Updated" date at the top reflects the most recent revision.
12. Contact Us
If you have questions, concerns, or requests regarding this Privacy Policy, contact us at: privacy@headsup.app