Privacy PolicyEffective date: 2025-01-01
Company: TSM-AI sp. z o.o. (“3Sense”)
Email: privacy@3sense.ai
Address:
Your privacy is important to us. This Privacy Policy explains how we collect, use and protect your personal data when you use the 3Sense application, website and related services (“Services”).
1. Data Controller
The Data Controller is:
TSM-AI sp. z o.o. - Holder of a brand 3Sense
Email: privacy@3sense.ai
2. Types of Data We Collect
3Sense collects data necessary to deliver personalised health insights. Depending on your usage, this may include:
2.1. Account Data
- Name
- Email address
- Password (hashed and salted)
- Country / language preferences
2.2. Health & Lifestyle Data(collected only with your explicit consent)
- Wearable data (HR, HRV, sleep, steps, SpO₂, activity metrics)
- Lab results (blood tests, biomarkers, diagnostics)
- Self-reported data (symptoms, mood, habits, goals)
- Nutrition, sleep and training logs
- Environmental data (air quality, temperature, location-based averages)*
* Location data is anonymized and never stored as precise coordinates.
2.3. Device & Technical Data
- Device type, operating system, app version
- IP address (anonymized)
- Log files for crash reports
- Cookies and analytics data
2.4. Payment Data
- For paid plans, payments are processed by certified third parties (Stripe, Paddle, etc.).
- 3Sense does not store credit card numbers.
3. How We Use Your Data
Your data is processed in order to deliver and improve the Service. This includes:
3.1. To Provide the Core Service
- Syncing data from wearables, labs and connected apps
- Generating personalised insights, scores and recommendations
-Displaying trends, correlations and health analytics
3.2. To Improve the Product
- Training statistical and machine-learning models
- Quality assurance and service optimisation
- Debugging and prevention of technical issues
- Data used for this purpose is aggregated or pseudonymized.
3.3. CommunicationAccount notifications
- Feature updates
-Support messages
3.4. Legal ComplianceGDPR compliance
- Security obligations
- Fraud prevention
4. Legal Basis for Processing (GDPR)
We process your data based on:
- Art. 6(1)(b) – providing the service to you
- Art. 6(1)(c) – compliance with legal obligations
- Art. 6(1)(f) – legitimate interest (security, analytics)
- Art. 9(2)(a) – your explicit consent for processing health data
You may withdraw consent anytime via app settings or by contacting us.
5. Data Sharing & Third Parties
We only share data when necessary to provide the Service:
5.1. Service Providers (Processors)
- Cloud hosting providers (e.g., Google Cloud)
-Analytics tools
-Email delivery systems
-Payment processors
All providers comply with GDPR and have data-processing agreements (DPA) in place.
5.2. Third-Party Integrations (Optional)
- If you link your account to:Apple Health, Google Fit
- Garmin, Fitbit, Oura
-Lab providers
-Nutrition or sleep apps
You authorize us to import data solely to improve analytics within 3Sense.
We never sell personal or health data.
6. Data Retention
Account data is stored as long as your account remains active
Health data is stored until you remove it or delete your account
Backups may remain for up to 30–90 days
Aggregated, anonymized data may be retained for product development
You can request full data deletion at any time.
7. Your Rights Under GDPR
You have the right to:
- Access your data
- Correct inaccurate data
- Delete your data (“right to be forgotten”)
- Restrict processing
- Object to processing
- Withdraw consent
-Export your data (data portability)
To exercise these rights, contact: privacy@3sense.ai
8. Data Security
3Sense uses industry-standard safeguards:
- Encryption in transit (TLS 1.2+)
- Encryption at rest (AES-256)
- Zero-trust access controls
-Regular pen tests and audits
-Pseudonymization where possible
Despite safeguards, no system is 100% secure. Users share data at their discretion.
9. Children’s Privacy
3Sense is not intended for children under 18.
We do not knowingly collect personal data from minors.
10. International Data Transfers
If data is transferred outside the EEA, it is protected using:Standard Contractual Clauses (SCC)
GDPR-compliant DPAs
Additional security measures
11. Cookies & Analytics
We use cookies for:Authentication
Traffic analytics
User experience optimization
You may disable cookies, but some features may stop working.
12. Changes to the Policy
We may update this Privacy Policy from time to time.
Changes take effect when posted on this page.
We will notify users of significant updates.
13. Contact
If you have questions about this Privacy Policy or your data:
Email: privacy@3sense.ai
Company: TSM-AI sp. z o.o.
Brand: 3Sense
