1. Who we are and scope
1.1. This Privacy Policy explains how personal data is handled when you use DuoHuman LifeCopilot (the "Application"), the website https://trylifecopilot.app, and related services.
1.2. The data controller is DuoHuman LLC, registered address to be provided before public launch, jurisdiction to be provided before public launch. Privacy requests should be sent to privacy@duohuman.ai.
1.3. LifeCopilot is intended only for users aged 18 or older. If we learn that a person under 18 has used the Services, we will block the account and delete associated data where legally required.
Local-first by design
Raw GPS coordinates, raw audio, installed-app lists, advertising identifiers, direct device identifiers, physical addresses and names are not sent to our servers. Server-side processing is limited to the signals you permit.
2. Data we process
LifeCopilot works with the following categories of data, depending on features you enable and permissions you grant.
| Category | Examples | Default location | Server processing |
|---|---|---|---|
| Account and identifiers | Email hash, device hash, account status, consent records | Device and DuoHuman servers | Email is used for authentication when needed; release telemetry uses hashes rather than raw identifiers |
| Health and activity aggregates | Daily steps, sleep summaries, average heart rate, HRV, energy and stress ratings | Device | Only aggregated metrics are sent if you enable sync or AI features |
| Location context | Named places such as home, work or gym, dwell time and transitions | Device | No precise GPS coordinates are sent; only named-place aggregates may be synced with consent |
| App-usage context | Aggregated time by app category | Device | Raw installed-app lists and raw app names are not sent |
| Tasks, goals and notes | Plans, habits, goals, check-ins and text notes | Device | PII is scrubbed before upload where server processing is enabled |
| AI-chat history | Messages you send to the AI coach and generated summaries | Device and DuoHuman servers if enabled | Processed with server-side PII scrubbing for memory and personalized insights |
| Technical logs | API request metadata, crash reports, diagnostic events | DuoHuman servers and processors | Used for security, debugging and reliability |
3. Data that is not sent to DuoHuman servers
- Precise GPS coordinates (latitude and longitude)
- Raw voice recordings or audio files
- Raw installed-app lists
- Advertising identifiers such as IDFA or GAID
- Direct device identifiers; only hashes are used
- Names, surnames and physical addresses before de-identification or removal
- Data for sale, advertising targeting or marketing transfer
No sale and no advertising use
We do not sell personal data, do not share it for cross-context behavioral advertising, and do not use it for advertising profiles.
4. Permissions and prominent disclosures
4.1. LifeCopilot asks for sensitive permissions only after explaining what will be collected, why it is needed, and how to turn it off.
- Background location: used to infer named places and daily context; precise coordinates remain local.
- Usage stats: used to calculate time by app category; installed-app lists are not sent to the server.
- Health Connect / Apple Health / wearables: used for energy, recovery and activity insights; only aggregates may be synced.
- Microphone: used for voice notes; raw audio is processed on device and is not uploaded.
- Calendar: used for planning context; event contents are de-identified before any permitted server processing.
5. Legal bases for processing
Where GDPR, UK GDPR or similar laws apply, we rely on the following legal bases:
- Consent (Art. 6(1)(a)) for optional signals, sync, cookies beyond strictly necessary categories and AI features you enable.
- Explicit consent (Art. 9(2)(a)) for health-related and other special-category data.
- Performance of a contract (Art. 6(1)(b)) to provide the Application, account access, subscriptions and support.
- Legitimate interests (Art. 6(1)(f)) to secure the Services, prevent abuse, debug errors and improve reliability.
- Legal obligation (Art. 6(1)(c)) for accounting, tax and compliance records.
6. Purposes of processing
- Calculate your Energy Score and explain the signals behind it
- Build realistic day plans, reminders and recovery suggestions
- Provide optional AI-coach chat, long-term memory and personalized insights
- Sync permitted data across your devices through an end-to-end encrypted channel
- Maintain consent records, account security, export and deletion workflows
- Debug crashes, protect against abuse and meet legal obligations
Not medical advice
LifeCopilot is not a medical device and does not provide diagnosis, treatment or medical advice. Insights are informational and should not replace professional advice.
8. Data retention
| Data category | Retention period |
|---|---|
| Raw events, mood, activity and planning history | While your account is active, because long-term history improves personal insights; you can delete it at any time |
| AI insights, summaries and long-term memory | While your account is active, until you delete the memory or account |
| Email hash and device hash | For the lifetime of the account |
| Technical API logs and crash diagnostics | Up to 90 days unless needed for security investigation |
| AI call logs | Up to 365 days for debugging, abuse prevention and cost control |
| Magic-link tokens | Expired or used tokens are deleted within 7 days |
| Billing and accounting records | Up to 7 years where required by tax and accounting law |
| After account deletion | Cascade deletion is initiated through /api/v1/gdpr/delete; backups and logs are purged within the applicable technical window |
9. Your privacy rights
Depending on your location, you may have the right to access, correct, delete, export, restrict or object to processing of your data, withdraw consent, and lodge a complaint with a supervisory authority.
You can manage many rights directly in the Application through consent controls, export and delete-account features. You may also contact privacy@duohuman.ai. We aim to respond within 30 days unless a shorter or longer period is required by law.
10. California privacy rights (CCPA / CPRA)
California residents may request to know, access, delete, correct and receive personal information, and may opt out of sale or sharing.
Do Not Sell or Share
DuoHuman does not sell personal information and does not share it for cross-context behavioral advertising. We will not discriminate against you for exercising privacy rights.
11. Children and age limit
LifeCopilot is for adults aged 18 and older. The Services are not directed to children, and we do not knowingly process children's data. If you believe a minor has used the Services, contact privacy@duohuman.ai.
13. Changes to this policy
Material changes will be published at https://trylifecopilot.app/en/privacy-policy with an updated effective date. Where required, we will request renewed consent before processing data under materially changed terms.
14. Controller details and representatives
- Data controller: DuoHuman LLC
- Registered address: registered address to be provided before public launch
- Privacy contact: privacy@duohuman.ai
- Support contact: support@duohuman.ai
- Data Protection Officer: to be appointed before EU launch
- EU representative: to be appointed before EU launch
- UK representative: to be appointed before UK launch
- RU representative / localization decision: representation and localization decision to be completed before RU launch