← Back to home

Privacy Policy

Effective: September 26, 2025

Quick summary

  • We collect your account info (email, password hash) and, only with your permission, your Oura data (e.g., daily sleep, readiness, activity).
  • We use it to show you your data and generate insights. We don’t sell your data.
  • You can disconnect Oura at any time and request deletion of your account & data.
  • We use trusted processors (e.g., hosting and OpenAI for AI text generation).

What we collect

Account data: email, password hash, signup/login timestamps.

Oura data (only after you connect): daily summaries (e.g., sleep, activity, readiness), and any other categories you authorize. We store OAuth tokens to sync your data.

Technical data: basic logs like IP address, user-agent, and error logs for security and debugging.

How we use your data

  • Provide and maintain the service (authentication, dashboards, syncing your Oura data).
  • Generate summaries and suggestions (AI-assisted text based on your recent data).
  • Security, debugging, and to prevent abuse.
  • Communicate with you about important updates or support.

Not medical advice: Any insights are informational only and not a substitute for professional medical advice.

Sharing & processors

We don’t sell your personal information. We share data with service providers who help us run dotal.fit:

  • Hosting & database (to operate the app and store your data).
  • OpenAI (to turn your recent metrics into text insights). We aim to send only the minimum necessary context (e.g., 7-day summaries), not raw second-by-second data.

We may disclose information if required by law or to protect rights, safety, and security.

Your choices & rights

  • Disconnect Oura: You can revoke access in your Oura account’s connected apps, or by contacting us. Once disconnected, we can’t fetch new data.
  • Delete your data: Email support@dotal.fit with the subject “Delete my account” from your account email. We’ll delete account data and Oura data we’ve stored.
  • Export: Email us to request a machine-readable export (CSV/JSON) of your stored data.
  • Access/Correct: Contact us to access or update your information.

If you’re in a region with specific privacy laws (e.g., EU/EEA, UK, CA), you may have additional rights. We honor valid requests consistent with applicable law.

Data retention

We keep your data while your account is active. If you request deletion or your account remains inactive for an extended period, we delete or anonymize data within a reasonable time, subject to legal requirements. Server logs are typically kept for up to 30–90 days.

Security

We use reasonable technical and organizational measures (HTTPS, hashed passwords, least-privilege database access). No method is 100% secure; please use a strong, unique password.

International transfers

We are US-based. Your data may be processed in the United States and other countries where our service providers operate.

Children

dotal.fit is not intended for children under 16. If you believe a child provided us data, contact us and we’ll delete it.

Changes to this policy

We may update this policy from time to time. We’ll post the new date at the top and, if changes are material, we’ll provide additional notice.

Contact

Email: support@dotal.fit

Oura is a trademark of Oura Health Oy. dotal.fit is independent and not affiliated with Oura.