Leiko

Privacy policy.

Last updated: 28 May 2026 · Effective: 28 May 2026

Leiko, Inc. ("Leiko," "we," "us," "our") makes a blood-pressure watch and a companion app for the people who use it and the family or clinicians who watch over them. Health data is the most sensitive information we will ever hold for you, and we treat it that way. This policy explains, in plain English, what we collect, why, who can see it, how long we keep it, and the rights you have over it.

1. Who we are

Leiko, Inc. is a Wyoming corporation with its registered office at 30 N Gould St Ste N, Sheridan, WY 82801, United States. For any privacy question or request, write to law@leiko.app. We will respond within 30 days; for verified rights requests in jurisdictions with shorter statutory deadlines (e.g., the UK and EU), we respond within the period the law requires.

2. What this policy covers

This policy applies to the leiko.health and leiko.app websites, the Leiko mobile apps for Android and iOS, the Leiko watch, our marketing emails, and any service that links to this policy. It does not cover third-party sites we link to (their own policies govern those).

3. Information we collect

Account information

Name, email address, country, phone (optional, only used for shipping updates), and any password you set. If you join a Family Circle, the inviter's email and your relationship label.

Reservation and order information

Model selected, who the watch is for, shipping address (collected at fulfillment), and the last four digits of any payment method we charge — we never store full card numbers on our servers. Card details are tokenized by our payment processor.

Health and vitals data

Blood-pressure readings (systolic, diastolic, pulse), heart rate, blood oxygen (SpO2), sleep stages and duration, steps, calories, and the timestamps and device identifiers attached to each reading. If you enter notes, medications, or symptoms in the app, we store those too.

Device and technical data

Watch serial number and firmware version, phone model and OS version (to debug pairing issues), app version, crash logs, IP address, approximate location derived from IP (city-level, for analytics only), and cookies for session and CSRF protection. We do not use advertising cookies on our properties.

Communications

Messages you send us through the contact form, email, or in-app feedback, and our replies.

4. How we use your information

  • To run the service — pair your watch, store readings, draw trends, generate Doctor-Ready PDFs, send Family Circle notifications, and process orders and refunds.
  • To keep the service safe and working — debug crashes, prevent fraud, enforce our Terms, and protect users from abuse.
  • To talk to you — send order confirmations, ship dates, account notices, the email series you signed up for, and replies to your messages. You can unsubscribe from marketing email at any time; service emails (e.g., your order receipt) we send regardless.
  • To improve the product — measure which features people use, in aggregate. We do not look at the readings of individuals to train models.
  • To comply with the law — respond to lawful requests, file regulatory paperwork, and honor your rights requests.

5. AI features

The Leiko app uses AI to write your daily pulse summary, weekly recap, and the doctor-ready report. Before any reading or note leaves our servers for the AI provider, we strip your name, email, address, phone, account ID, and watch serial. The provider sees only de-identified vitals and the question we are asking. We do not allow the provider to train its models on your data. The contractual terms with our AI providers prohibit this and require deletion of inputs within 30 days.

6. How we share your information

We do not sell your data. We do not rent it. We do not share it with advertisers. We share specific data with specific parties for specific reasons:

  • Family Circle members you authorize. If you invite a family member or caregiver, they see the readings and trends you grant them. You can revoke access in the app at any time and they immediately lose access.
  • Service providers acting on our instructions. Hosting and database (Supabase), transactional email (Resend), payment processing (Lemon Squeezy), shipping carriers (DHL, FedEx, USPS), CDN and edge runtime (Cloudflare), AI providers (Anthropic, OpenAI), and advertising attribution (Meta, Google, PostHog). Each is bound by a written data-processing agreement that limits them to providing the service we contract for. The full, current list with what each one does and the data they receive is at leiko.health/subprocessors.
  • Law enforcement, when we receive a valid legal request and have no lawful basis to refuse or narrow it. Where the law allows, we will notify you first.
  • In a corporate transaction. If Leiko is acquired or merges, your information may transfer to the successor entity, subject to the protections in this policy. We will notify you before any change in controller.

7. Where your information lives

Leiko is operated from the United States. Our primary database is hosted in the US. If you use the service from the European Economic Area or the United Kingdom, your data is transferred to the US under the EU Standard Contractual Clauses (and, where applicable, the UK International Data Transfer Addendum). You can request a copy of those clauses by writing to law@leiko.app.

8. How long we keep it

  • Vitals (BP, HR, SpO2, sleep, activity): for as long as your account exists, so your long-range trends stay accurate, unless you delete individual readings sooner.
  • Account and order records: 7 years after the account closes, to meet tax, warranty, and product-safety obligations.
  • Crash logs and analytics: 90 days.
  • Marketing email logs: until you unsubscribe, then 12 months for suppression.

You can delete any individual reading from the app immediately, or delete your entire account from Settings → Privacy → Delete account. Deletion is irreversible and propagates to backups within 30 days. Step-by-step instructions, including how to request deletion by email if you no longer have the app installed, are on the Delete your account page.

9. How we protect it

  • All data is encrypted in transit (TLS 1.2+) and at rest (AES-256).
  • Each family's data is isolated by Postgres row-level security — your readings can be queried only by an authenticated session that owns them or that you have explicitly granted access to. Revoking a Family Circle grant takes effect on the next query.
  • Production secrets are stored in Cloudflare's secret store; engineers receive no standing access to production data, and any read access is logged.
  • We run an annual security review and respond to vulnerability reports at security@leiko.app.
  • If we ever experience a breach affecting your personal data, we will notify you and the relevant regulators within the timeframes the law requires.
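The row-level-security isolation described above, written out as an added illustration. This is not Leiko's schema or its actual policies: the table names (readings, circle_grants), the columns, the session setting app.account_id and the helper current_account_id() are all assumed for the example. It shows the shape a practitioner would expect behind the claim: the owner reads and writes their own rows, a Family Circle member reads only rows the owner has granted and not revoked, and a session with no verified account sees nothing.

```sql
-- Illustrative schema and policies (not Leiko's): table, column and function
-- names are assumed for this example.
create table readings (
  id          bigint generated always as identity primary key,
  owner_id    uuid        not null,   -- account the reading belongs to
  recorded_at timestamptz not null,
  systolic    integer,
  diastolic   integer,
  pulse       integer
);

-- One row per (owner, member) grant; revoking a member sets revoked_at.
create table circle_grants (
  owner_id   uuid not null,
  member_id  uuid not null,
  revoked_at timestamptz,
  primary key (owner_id, member_id)
);

-- Assumed helper: the account id of the authenticated session, read from a
-- per-transaction setting that the API layer populates from a verified token.
-- If the setting is absent or empty this returns NULL, and every policy below
-- then evaluates to "no rows" rather than "all rows".
create function current_account_id() returns uuid
  language sql stable
  as $$ select nullif(current_setting('app.account_id', true), '')::uuid $$;

alter table readings      enable row level security;
alter table readings      force  row level security;  -- applies to the table owner too
alter table circle_grants enable row level security;
alter table circle_grants force  row level security;

-- Read: the owner, or a member holding an un-revoked grant from that owner.
-- Evaluated per query, so a revoke is effective immediately.
create policy readings_read on readings for select
  using (
    owner_id = current_account_id()
    or exists (
      select 1 from circle_grants g
      where g.owner_id  = readings.owner_id
        and g.member_id = current_account_id()
        and g.revoked_at is null
    )
  );

-- Write: only the owner, and a row cannot be re-homed to another account.
create policy readings_insert on readings for insert
  with check (owner_id = current_account_id());
create policy readings_update on readings for update
  using      (owner_id = current_account_id())
  with check (owner_id = current_account_id());
create policy readings_delete on readings for delete
  using      (owner_id = current_account_id());

-- Grants: the owner manages them. A member may see (but not edit) grants made
-- to them; without this the subquery in readings_read would see no grant rows
-- under the member's session and silently deny access.
create policy grants_owner on circle_grants for all
  using      (owner_id = current_account_id())
  with check (owner_id = current_account_id());
create policy grants_member_read on circle_grants for select
  using (member_id = current_account_id());
```

Two checks go with a setup like this. First, the application must connect as a role that is neither a superuser nor marked BYPASSRLS, or Postgres skips the policies entirely; force row level security covers the table owner but not those roles. Second, the per-request identity must be set from a token the server has already verified (for example select set_config('app.account_id', '<uuid>', true) inside the request's transaction, or a platform-provided equivalent such as Supabase's auth.uid()), never from a client-supplied value. Note also that Postgres policies are permissive by default and are OR-ed together, so adding a broader policy later widens access for everyone.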

10. Your rights

You can:

  • See the data we hold about you (a copy export is available in-app under Settings → Privacy → Export).
  • Correct any information that is wrong.
  • Delete your account and the data we hold for it.
  • Object to or restrict certain processing, including marketing email.
  • Withdraw consent we asked for (e.g., AI features).
  • Lodge a complaint with your local data protection authority. In the UK, that is the ICO (ico.org.uk). In the EU, your national DPA. In California, the California Privacy Protection Agency.

To exercise any of these, write to law@leiko.app. We verify the identity of every requestor before acting on a request. We will not charge you for these requests and will not retaliate for making them.

11. Children

Leiko is not designed for or directed at children under 13 (or under 16 in the EEA/UK). We do not knowingly collect their data. If you believe we have collected data from a child, write to law@leiko.app and we will delete it.

12. Cookies and tracking

Our websites use a small number of strictly necessary cookies (session, CSRF) and self-hosted analytics that count page views without setting a tracking cookie. We do not use third-party advertising trackers. The Leiko app uses platform identifiers (Android Advertising ID, Apple's IDFV) only to send crash reports — never for advertising.

13. Changes to this policy

We will post any material change to this page and update the "last updated" date at the top. If a change affects how we use information we have already collected, we will email registered account holders at least 30 days before the change takes effect.

14. Contact

Questions, rights requests, or to reach our Data Protection contact:

Leiko, Inc.
30 N Gould St Ste N
Sheridan, WY 82801, United States
law@leiko.app