Privacy Policy

Last Updated: January 26, 2026

Introduction

At Clair Health Inc. ("Clair," "we," "our," or "us"), privacy is not just a policy; it is the foundation of our architecture. We have built Clair from the ground up to ensure your most sensitive health data stays under your control. This Privacy Policy explains our privacy-first approach and how we handle your information when you use our wearable device, mobile application, and website (collectively, the "Services").

Our Privacy-First Promise

Clair is built differently from other health apps. Here is what makes us unique:

  • Your health data stays on your device. Your biometric readings, cycle information, and symptom logs are stored locally on your phone in an encrypted database. They are not automatically uploaded to our servers.
  • Our AI runs entirely on your phone. Our hormone prediction models run locally on your device, meaning your personal health information never leaves your phone for processing.
  • Cloud backup is optional and encrypted with keys only you control. If you choose to enable backup, your data is encrypted on your device before transmission. We store only encrypted data that we cannot decrypt.
  • Research participation is your choice. By default, none of your data is shared for research. If you choose to participate, you control exactly what level of contribution you make.
  • We do not sell your data. Ever. To anyone. Our business model is based on subscriptions, not selling your information.

How Your Data Stays on Your Device

Local-First Architecture

When you use Clair, your health data is stored in an encrypted database directly on your phone. This includes:

  • Biomarker readings from your Clair wearable
  • Hormone pattern indicators and predictions
  • Heart rate and cardiovascular patterns
  • Body temperature variations
  • Sleep quality and duration
  • Menstrual cycle information and symptoms you log
  • All AI predictions and personalized insights

This data is encrypted using industry-standard AES-256 encryption. Even if someone gained physical access to your phone, they could not read your health data without your app credentials.

Edge AI Processing

Our proprietary hormone prediction model runs entirely on your phone. When you ask Clair a question or receive a prediction, the processing happens locally. Your health data is never sent to cloud servers for AI analysis. This means:

  • Faster responses since there is no round-trip to a server
  • Works offline once your data is synced from your wearable
  • Your intimate health questions stay completely private

Optional Cloud Backup (Zero-Knowledge Encryption)

Cloud backup is completely optional. If you choose to enable it:

  • You create a passphrase that only you know. This passphrase is used to generate encryption keys on your device.
  • Data is encrypted before it leaves your phone. Your health information is encrypted locally before being transmitted to our servers.
  • We cannot decrypt your backup. Clair's servers store only encrypted data. We do not have your passphrase and cannot access your health information.
  • If you forget your passphrase, we cannot recover your data. This is an intentional privacy protection. We recommend storing your passphrase in a secure password manager.

This "zero-knowledge" architecture means that even if our servers were compromised, your health data would remain protected because only you hold the decryption keys.

Information We Do Collect

Account Information

To provide our Services, we collect basic account information:

  • Email address (for account access and important notifications)
  • Name (optional, for personalization)
  • Age range (to ensure appropriate service delivery)
  • Payment information (processed securely by Stripe; we do not store card numbers)

Device and Usage Analytics

We collect minimal, anonymized analytics to improve our app:

  • App crash reports (to fix bugs)
  • Feature usage statistics (aggregated, not individual)
  • Device type and OS version (to ensure compatibility)

These analytics do not include your health data, predictions, or any information that could identify you personally.

Research Participation (Optional)

Advancing women's health research is important to us, but it must never come at the cost of your privacy. Research participation is entirely optional and operates on a three-tier consent system:

Tier 0: No Participation (Default)

By default, none of your data is shared for research purposes. Your health information stays entirely on your device.

Tier 1: Anonymous Statistics Only

If you opt in, you can contribute anonymous, aggregated statistics (like average cycle length across all users). We use differential privacy techniques that add mathematical noise to ensure your individual data cannot be identified.

Tier 2: Federated Learning

Help improve our AI without sharing your raw data. With federated learning, our model learns from your data on your device, and only model improvements (not your data) are shared. Your actual health information never leaves your phone.

Tier 3: Research Studies

Participate in specific IRB-approved research studies. This requires separate explicit consent for each study, and data is de-identified before sharing. You can withdraw from any study at any time.

You can change your participation level or withdraw entirely at any time through the app settings.

Data Security

We implement comprehensive security measures:

  • Encryption at rest: Your local database uses AES-256 encryption
  • Encryption in transit: All communications use TLS 1.3
  • Biometric protection: App access can be secured with Face ID or fingerprint
  • Secure wearable connection: Bluetooth communication is encrypted
  • Regular security audits: We conduct third-party penetration testing annually
  • HIPAA-aligned practices: While wellness devices are generally HIPAA-exempt, we implement HIPAA-level security safeguards

What We Do NOT Do

  • We do NOT sell your personal health data to third parties
  • We do NOT share your data with advertisers
  • We do NOT use your data for targeted advertising
  • We do NOT share your individual data with insurance companies or employers
  • We do NOT have access to your encrypted backup data

Your Rights and Controls

You have complete control over your data:

  • Access: View all your data directly in the app (it is on your device!)
  • Export: Download your data in standard formats (JSON, CSV, or HealthKit-compatible)
  • Delete: One-tap deletion removes all local data and cloud backups permanently
  • Portability: Share your data with healthcare providers in FHIR format
  • Research withdrawal: Opt out of research participation at any time

For California residents: Under the CCPA, you have additional rights including the right to know what data we collect, the right to delete, and the right to opt out of data sales (note: we do not sell data).

For EU residents: Under GDPR, you have rights including access, rectification, erasure, and data portability. Our local-first architecture inherently supports these rights.

Data Retention

Your health data remains on your device as long as you want it. You control retention through the app settings:

  • Keep everything: Store your full history locally
  • Standard: Automatic aging reduces older data resolution
  • Minimal: Keep only recent data at full fidelity

When you delete your account, all local data is wiped and any encrypted cloud backups are permanently deleted within 30 days.

Third-Party Services

We use limited third-party services:

  • Stripe: Payment processing (they do not have access to your health data)
  • Firebase: Account authentication and app infrastructure (no health data stored)
  • Apple HealthKit / Google Health Connect: Optional integration to import/export data (with your explicit permission)

None of these services have access to your health data, which remains encrypted on your device.

Children's Privacy

Our Services are not intended for individuals under 18 years of age. We do not knowingly collect personal information from children.

Changes to This Policy

We will notify you at least 30 days before any material changes to this Privacy Policy. Notifications will be sent via email and in-app notification. Your continued use of our Services after such modifications constitutes your acknowledgment of the modified policy.

Contact Us

If you have questions or concerns about this Privacy Policy or our data practices, please contact us:

Email: privacy@wearclair.com