Kensora
Get early access
Legal

Consumer Health Data Privacy Policy

How Kensora collects, uses, shares, and protects your consumer health data, separate from, and read alongside, our Privacy Policy.

Effective date: June 8, 2026 · Last updated: 2026-06-23

This policy describes how Kensora LLC ("Kensora") collects, uses, shares, and protects consumer health data, as required by Washington's My Health My Data Act and similar state laws, including Nevada's SB 370 and Connecticut's Data Privacy Act. It is separate from our general Privacy Policy and applies specifically to consumer health data. Contact: privacy@kensora.io.

1. Categories of consumer health data we collect

Kensora may collect or derive the following categories of consumer health data:

  • Sleep data (duration, timing, quality), from Apple Health or a connected device you authorize.
  • Physical activity and heart-rate data, from Apple Health or a connected device you authorize.
  • Mood, stress, and mental-state information that you enter or that the app derives from your check-ins and journal entries.
  • Self-reported wellbeing information you choose to record (e.g., journaling, medication or symptom notes you enter).
  • Inferences and patterns Kensora derives on your device from the above, for example a sense of how your mood or sleep is shifting from your own baseline. These stay on your device and are not a diagnosis.
  • Location is not used as a health signal. Any map of places you have visited is built and stored only on your device and is never used to infer health conditions or health-service visits.
  • The fact that you use Kensora, but only if you choose to be findable through optional contact discovery. Because Kensora is a mental-health-adjacent app, letting someone discover that you are here is health-adjacent information. It is off by default, controlled by a double opt-in (only people who turn on "make me findable" can be found, and only by someone who already has their email), and is stored as a one-way hash you can delete at any time. See Section 5.

2. How the data is collected (sources)

Consumer health data comes from: (a) information you enter directly into the app; and (b) Apple Health and devices you explicitly connect (e.g., Apple Watch). Kensora does not buy consumer health data from data brokers and does not collect it from third-party advertising sources.

3. Why we collect it (purposes)

We collect consumer health data solely to provide the features you request: to show you your own patterns, generate relevant daily guidance, and power the optional reflection chat. We do not use consumer health data for advertising, and we do not sell it.

4. How it is processed and stored

Consumer health data is processed and stored on your device by default. It leaves your device only when you take a specific action that requires it (for example, turning on the optional cloud chat and sending a message that includes a brief health detail). We do not maintain a central database of your consumer health data.

5. Categories of data we share, and with whom

We do not sell consumer health data and do not share it for advertising. We share it only as needed to provide a feature you have turned on, and only with service providers bound by contract to use it solely for that purpose:

  • Anthropic: if you enable the cloud chat, a message may include a brief health signal you chose to discuss. Under Anthropic's commercial API terms this is not used to train their models and is automatically deleted within 30 days; where Anthropic offers Zero Data Retention and Kensora qualifies, we will enable it so it is deleted sooner.
  • Netlify: operates the secure proxy that carries your cloud-chat message in transit to Anthropic. The proxy passes the message through and keeps only a usage count for billing limits; it does not store your message contents.
  • Brave Search, only if you turn on web search for the on-device model: a search query you prompt may reflect a health topic you asked about. That query is sent through Kensora (which does not store it) to Brave to return results. We send only the query, never your health readings, history, or identity, and Brave's handling is governed by Brave's own privacy policy.
  • Apple: for the private, encrypted sync of your own data across your devices.
  • Neon, Resend, and Twilio, only if you turn on optional contact discovery: Neon is a managed database that holds the small directory of one-way hashed emails and phone numbers that lets people who opted in find each other (no contents, no health readings); Resend sends the one-time code that confirms you own an email you want to be found by; Twilio sends and checks the one-time code that confirms you own a phone number you want to be found by (it receives only your phone number). None of them receives your health data, journal, or messages, and a match is returned only under a double opt-in.

We do not share consumer health data with any other third parties, affiliates, or data brokers.

6. We do not sell your consumer health data

Kensora does not sell consumer health data, and we do not exchange it for money or other valuable consideration. We will never ask you to sign an authorization to sell your consumer health data, because we do not sell it.

7. Consent

We collect consumer health data only with your consent or as necessary to provide a product or service you have requested. Consent to share consumer health data (for example, by enabling the cloud chat) is requested separately from consent to collect it. You may withdraw consent at any time in Settings; withdrawal stops future collection or sharing of that category.

8. Your rights

You have the right to:

  • Access / confirm the consumer health data we have about you;
  • Withdraw consent to its collection or sharing;
  • Delete your consumer health data.

You can exercise the first rights directly in the app: export your data, disconnect a source, turn off the cloud chat, turn off contact discovery and remove your findable email, or delete your data or account. Deleting your account also removes your contact-discovery directory entry (the one-way hashed email that made you findable) and any pending verification, and we instruct our processors to delete the data they hold for you. Withdrawing consent in Settings takes effect immediately; we stop the corresponding collection or sharing right away. To make a formal written request, email privacy@kensora.io. We will confirm your request, may take reasonable steps to verify your identity, and will respond within 45 days of receipt (extendable once by 45 days, with notice, where the law allows). We will not discriminate against you for exercising these rights, and you may appeal a denied request by replying to our response; if an appeal is denied, we will tell you how to contact the Washington Attorney General.

9. Security

We maintain administrative, technical, and physical safeguards to protect the confidentiality, integrity, and accessibility of consumer health data, including the on-device-by-default architecture that keeps this data off our servers.

If we ever discover a breach affecting your identifiable health data, we will notify you, and any regulators as required (including the Federal Trade Commission under the Health Breach Notification Rule), without unreasonable delay and within the timeframes the law requires.

10. Geofencing

Kensora does not use a geofence around any health-care, mental-health, or reproductive-health facility to identify or track consumers, to collect consumer health data, or to send notifications, messages, or advertising based on a consumer's proximity to such a facility.

11. Changes

If we make material changes to this policy, we will update this page and the "last updated" date.

12. Contact

To ask about or exercise your consumer health data rights: privacy@kensora.io.

You can also reach us by mail at: Kensora LLC, 701 South St., Ste 100, Mountain Home, AR 72653.

Read the Privacy Policy → Terms of Use →