HeadRest
Privacy Policy
Last Updated: January 24, 2026
Introduction
HeadRest ("we," "our," or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our meditation mobile application ("App").
Please read this Privacy Policy carefully. By using the App, you agree to the collection and use of information in accordance with this policy.
Information We Collect
Information You Provide
- Account Information
- Email address (used for authentication via one-time password)
- No password is stored - we use passwordless authentication
- Meditation Context
- The text you enter describing your emotional situation
- This is used solely to generate personalized meditations
- Your mechanism selections (the option you choose when asked a follow-up question)
- Usage Data
- Duration preferences (5 or 15 minutes)
- Meditation history (which meditations you've generated)
Information Collected Automatically
- Device Information
- Device type and operating system version
- App version
- Usage Analytics
- Number of meditations generated
- General usage patterns (no personal content is tracked)
How We Use Your Information
We use your information to:
- Provide the Service
- Authenticate your account
- Generate personalized meditation scripts based on your context
- Store and retrieve your meditation library
- Improve the Service
- Analyze aggregate usage patterns
- Fix bugs and improve performance
- Develop new features
- Safety & Compliance
- Detect and prevent misuse
- Comply with legal obligations
Third-Party Services
We use the following third-party services to provide our App:
| Service | Purpose | Data Shared |
|---|---|---|
| Supabase | Authentication & Database | Email, user ID, meditation metadata |
| Anthropic (Claude) | AI-powered story selection and script generation | Your context text (anonymized, not linked to your identity) |
| ElevenLabs | Text-to-speech audio generation | Meditation script text (anonymized) |
| Cloudflare R2 | Audio file storage | Meditation audio files |
| Sentry | Error tracking | Crash reports, error logs (no personal content) |
Important: When your context text is sent to AI services (Anthropic) for meditation generation, it is:
- Not linked to your email or identity
- Not stored permanently by the AI service
- Used only to generate your meditation in that session
Data Retention
| Data Type | Retention Period |
|---|---|
| Account information | Until you delete your account |
| Meditation audio files | Until you delete your account |
| Context text | Processed and discarded after meditation generation |
| Error logs | 30 days |
Your Rights
You have the right to:
- Access - Request a copy of your personal data
- Correction - Request correction of inaccurate data
- Deletion - Request deletion of your account and all associated data
- Portability - Request your data in a machine-readable format
To exercise these rights, contact us at: support@tryheadrest.com
Data Deletion
To delete your account and all associated data:
- Open the App
- Go to Settings
- Tap "Delete Account"
- Confirm deletion
Alternatively, email us at support@tryheadrest.com with your account email.
Upon deletion:
- Your account will be immediately deactivated
- Your meditation audio files will be permanently deleted within 30 days
- Anonymized aggregate data may be retained for analytics
Security
We implement appropriate security measures including:
- Encryption in transit (HTTPS/TLS)
- Encryption at rest for sensitive data
- Secure authentication via one-time passwords
- Regular security audits
However, no method of electronic transmission or storage is 100% secure. We cannot guarantee absolute security.
Children's Privacy
HeadRest is not intended for children under 13. We do not knowingly collect personal information from children under 13. If you are a parent or guardian and believe your child has provided us with personal information, please contact us.
Crisis Content
HeadRest includes automatic detection of crisis-related content. If you express thoughts of self-harm or suicide:
- The App will not generate a meditation
- You will be shown crisis support resources including hotline numbers
- No meditation or audio is created for this content
We do not store or report crisis content. This detection is solely to provide you with appropriate resources.
Changes to This Policy
We may update this Privacy Policy from time to time. We will notify you of material changes by:
- Updating the "Last Updated" date
- Displaying a notice in the App
Your continued use of the App after changes constitutes acceptance of the updated policy.
Contact Us
If you have questions about this Privacy Policy, contact us at:
Email: support@tryheadrest.com
California Privacy Rights (CCPA)
If you are a California resident, you have additional rights under the California Consumer Privacy Act (CCPA):
- Right to Know - What personal information we collect and how it's used
- Right to Delete - Request deletion of your personal information
- Right to Non-Discrimination - We will not discriminate against you for exercising your rights
To exercise these rights, email us at support@tryheadrest.com.
European Privacy Rights (GDPR)
If you are in the European Economic Area (EEA), you have additional rights under the General Data Protection Regulation (GDPR):
- Legal Basis: We process your data based on your consent (when you use the App) and our legitimate interests (to provide and improve the service)
- Data Protection Officer: Contact support@tryheadrest.com
- Supervisory Authority: You have the right to lodge a complaint with your local data protection authority