Sarenica logo
Sarenica
Hydrogen workspace
Legal

Privacy Policy

Last updated: May 27, 2026

1. Introduction

This Privacy Policy explains how Sarenica ("Sarenica", "we", "us", "our") collects, uses, stores, shares, and protects information when you use our website, the Sarenica desktop application, the Hydrogen AI agent, and related services (collectively, the "Service"). Sarenica is a personal self-tracking tool designed for individual users. It is not employer surveillance software, not remote-control software, and not a hidden monitoring tool.

Your use of the Service is also governed by our Terms of Service.

2. Our Privacy Model

Privacy is a core product requirement, not a secondary feature.

  • Local-first by default: raw sensor and activity data is intended to stay on your device. Only aggregated signals (minute- or hour-level features) are sent to the cloud when you have an active account.
  • Consent-based collection: camera, microphone, wearable, and similar sensitive features are controlled through user-facing settings and explicit consent flows.
  • No keystroke or screen content: we use keyboard and mouse activity for cadence, speed, and rhythm metrics — not to read what you type or capture what is on your screen.
  • Private context switching: when enabled, Sarenica may count active-window changes to estimate attention stability. We do not store app names, window titles, browser URLs, process names, screenshots, or typed content for this signal.
  • User control: you can disable features, disconnect integrations, and request deletion of your account data.

3. Information We Collect

Account and billing information

Name, email address, account preferences, subscription and entitlement status, support messages, and billing-related identifiers. Payment card details are handled directly by our payment processor (Paddle) and are not stored on our servers.

Desktop activity and wellness signals

If you enable desktop tracking, the app processes signals such as focus and fatigue scores, blink and eye-state events, posture indicators, typing-cadence estimates, keyboard and mouse activity patterns, active and idle time, session duration, private active-window change counts, attention-context stability estimates, and derived metrics. Raw frames, raw keystroke content, app names, window titles, browser URLs, and process names are not transmitted to the cloud.

Camera-based signals

If you enable camera-based fatigue features, the app processes camera input locally on the device to estimate signals such as blink events, eye closure duration, face availability, and related fatigue indicators. Camera frames are not stored or transmitted.

Wearable and integration data

If you connect a wearable or other approved integration, we access the data you authorize through that integration (for example, Fitbit sleep, heart rate, and activity summaries) to provide unified analysis.

Hydrogen conversation content

Questions you ask Hydrogen and the corresponding responses are processed by our AI provider to generate replies and may be retained in your account history so you can review prior conversations. Anonymous queries from the public Hydrogen demo on our marketing site are processed without an account; we keep a short-lived counter (per-browser) to enforce the daily limit.

Cross-session memory: Hydrogen also stores a short daily summary of your chats (topic labels and open questions, not verbatim text) so it can recognize recurring themes the next time you ask. These summaries are written to your account, expire automatically after 30 days, and can be cleared at any time from Settings → Conversation memory. The summaries do not contain literal quotes of your messages.

Technical and diagnostic information

Crash logs, app version and OS information, installation diagnostics, entitlement and subscription status, connectivity diagnostics, and abuse-prevention signals needed to operate, secure, and support the Service.

Cookies and similar technologies

The website uses strictly necessary first-party cookies for authentication, session management, and rate-limiting. We do not use third-party advertising cookies, cross-site tracking pixels, or behavioral-advertising technologies.

  • sarenica_anon_session — set the first time you interact with the public Hydrogen demo on our marketing site. Contains a random opaque identifier and is used solely to enforce the 5-message-per-24-hour limit. No personal information is stored in the cookie. Expires after 7 days; the corresponding server-side counter is automatically deleted via Firestore TTL. Strictly necessary; required for the demo to function.
  • Authentication cookies — set when you sign in to your account so we can keep you signed in across pages. Strictly necessary.

Because these cookies are strictly necessary to deliver features you have explicitly requested, no separate consent banner is shown — consistent with the "strictly necessary" exemption under the EU ePrivacy Directive and UK PECR. If we ever introduce analytics, advertising, or other non-essential cookies, we will add a consent flow at that time.

4. How We Use Information

  • Provide the Service: compute metrics, generate insights, deliver reports, and maintain your dashboard and conversation history.
  • Operate the AI agent: send your prompts and a derived snapshot of your tracked signals to our AI provider so Hydrogen can respond. We may apply prompt-engineering, retrieval, and safety filters.
  • Run local helpers: certain desktop features rely on local helper processes that analyze signals on-device.
  • Sync data when enabled: transfer, store, and restore your authorized data across devices.
  • Billing and entitlement: verify subscription status, process purchases through our payment provider, and prevent fraud or abuse of quotas.
  • Support and security: troubleshoot issues, investigate abuse, and improve reliability.
  • Improve the product: we may use de-identified or aggregated information to improve features, evaluate models, and benchmark accuracy. Aggregated insights cannot reasonably be used to re-identify any individual user.
  • Legal compliance: meet legal obligations, respond to lawful requests, and enforce our Terms.

5. Legal Bases for Processing (EU/UK)

If you are in the EU, UK, or EEA, we process personal data under one or more of the following legal bases:

  • Contract: to provide the Service you have signed up for.
  • Consent: for sensitive features such as camera-based detectors and wearable integrations.
  • Legitimate interests: to secure the Service, prevent abuse, and improve product quality, where these interests are not overridden by your rights.
  • Legal obligation: to comply with applicable law.

6. Service Providers and Subprocessors

We work with a small set of vetted third parties to operate the Service. We do not sell your personal data. Our current key processors include:

  • Google Cloud Platform & Firebase — hosting, authentication, Firestore database, Cloud Functions, Cloud Run, and supporting infrastructure.
  • AI model providers — large-language-model providers (currently Google Gemini) process Hydrogen prompts and your derived signal context to generate responses. We may change providers; this section will be updated when we do.
  • Paddle — payments, billing, subscription management, tax handling, and invoicing.
  • Wearable platforms — Fitbit and similar services you choose to connect.
  • Microsoft Store — desktop distribution and update channel.
  • Operational tooling — logging, error monitoring, and analytics tools used to keep the Service reliable.

Subprocessors are bound by contractual data-protection obligations. We may also disclose information to comply with law, enforce our Terms, protect rights, safety, or security, or in connection with a merger, acquisition, financing, or asset transfer, subject to applicable legal protections.

7. International Data Transfers

Sarenica is operated from India. Our infrastructure and subprocessors may store and process data in countries other than your own, including the United States, India, and the European Union. Where applicable, we rely on appropriate safeguards such as standard contractual clauses, adequacy decisions, or your explicit consent.

8. Retention and Security

  • Security measures: reasonable technical and organizational safeguards, including encryption in transit, access controls, and segregation of secrets.
  • Local storage: some information is stored on your device in local databases, caches, and settings files needed for desktop operation.
  • Retention: we retain account data for as long as your account is active and for a reasonable period afterwards to meet legal obligations, resolve disputes, and enforce agreements. After account deletion, server-side data is removed within 30 days, subject to backup and legal-hold exceptions.
  • No method is 100% secure. We cannot guarantee absolute security; please use a strong password and protect your account.

9. Your Rights and Choices

Depending on where you live, you may have some or all of the following rights:

  • access the personal data we hold about you;
  • request correction of inaccurate or incomplete data;
  • request deletion of your data (the "right to be forgotten");
  • request portability of certain data in a machine-readable format;
  • object to or restrict certain processing, and withdraw consent at any time;
  • lodge a complaint with your local data-protection authority (e.g. your EU/UK supervisory authority, or the Data Protection Board of India under the DPDP Act).

To exercise these rights, email support@sarenica.com. We may need to verify your identity before responding. You can also disable specific detectors, disconnect integrations, and delete your account from within the app at any time.

10. Notice for California Residents (CCPA / CPRA)

If you are a California resident, the California Consumer Privacy Act, as amended by the California Privacy Rights Act (collectively, the "CCPA"), provides you with additional rights regarding personal information we collect about you.

Categories of personal information we collect

In the past 12 months, we may have collected the following categories of personal information described in the CCPA:

  • Identifiers: name, email address, account ID, IP address.
  • Commercial information: subscription and purchase history, entitlement status.
  • Internet or other electronic network activity: app interactions, diagnostics, prompts you send to the Hydrogen agent.
  • Sensor and inference data: wellness signals derived from your activity, with your consent — for example, fatigue, focus, posture, blink rate, and wearable summaries.
  • Private context-switch data: aggregate active-window change counts and attention-context stability estimates. We do not collect app names, window titles, browser URLs, process names, screenshots, or typed content for this signal.
  • Customer support information: messages you send to support.

Purposes of collection

We collect this information for the purposes described in Section 4 of this Policy: providing the Service, operating the Hydrogen agent, billing, support, security, legal compliance, and product improvement.

Sources

Directly from you (account creation, support requests), from your device (activity and wellness signals), from integrations you connect (e.g. Fitbit), and from service providers that help us operate the Service.

Sale or sharing of personal information

We do not sell personal information, and we do not share personal information for cross-context behavioral advertising as those terms are defined in the CCPA.

Your CCPA rights

You have the right to:

  • know what personal information we collect, use, disclose, and (if applicable) sell or share;
  • request deletion of your personal information, subject to legal exceptions;
  • request correction of inaccurate personal information;
  • opt out of any sale or sharing of personal information (not applicable to us — we do neither);
  • limit the use of sensitive personal information to permitted purposes;
  • be free from retaliation or discrimination for exercising your rights.

To exercise these rights, email support@sarenica.com from the address associated with your account. We may need to verify your identity before responding. You may also designate an authorized agent to act on your behalf.

11. Children

The Service is not directed to children. We do not knowingly collect personal data from anyone under 13 years old (or under 16 in the EU/UK). If you believe a child has provided us with personal data, contact us and we will delete it.

12. Microsoft Store and Desktop Permissions

The desktop app may request capabilities that are necessary for a packaged desktop application, including full-trust execution and device access needed for the features you enable.

  • Camera: used for camera-based fatigue and attention features only when enabled. Frames are processed on-device.
  • Keyboard, mouse, and private context activity: used to compute activity, cadence, idle metrics, and attention-context stability. Context activity stores only aggregate active-window change counts and does not store app names, window titles, URLs, process names, screenshots, or message/document content.
  • Full-trust desktop runtime: packaged desktop builds may launch local helper processes required to perform on-device analysis and local service communication.
  • User visibility and control: these capabilities are part of the app's disclosed functionality and are not intended to run covertly.

13. Important Disclosures

  • Not medical advice: Sarenica provides informational metrics and wellness insights. It is not a medical device and does not provide diagnosis or treatment.
  • Individual use: Sarenica is designed for personal self-observation. You are responsible for complying with workplace, school, or local legal rules that apply to your use of the Service.
  • AI outputs: outputs from the Hydrogen agent are probabilistic and may be inaccurate or incomplete. Do not rely on them for medical, legal, financial, or safety-critical decisions.

14. Changes to This Policy

We may update this Privacy Policy from time to time. When we do, we will revise the "Last updated" date and, for material changes, provide reasonable additional notice (such as in-product notice or email). Your continued use of the Service after the effective date constitutes acceptance of the updated policy.

15. Contact

If you have questions about this Privacy Policy, data handling, or Microsoft Store review-related disclosures, please use our Support Center or contact us at support@sarenica.com. You can also review our Terms of Service.