Privacy Policy

1) Who We Are & Scope

1440 provides an AI-powered coaching experience that syncs with your calendar and (optionally) other tools you connect to help design routines that align with your energy patterns and goals. This Policy covers personal information processed when you use the Services, visit our websites, or contact us.

This Policy does not cover:

• Third-party websites, apps, or services that are not under our control.
• Content or services provided by third parties you may access through links or integrations (e.g., Google). Their privacy policies govern those services.

2) Information We Collect

We only collect the information necessary to provide and improve the Services. We do not collect Apple Health data and we do not send personally identifiable information to AI providers.

A. Information You Provide

• Account & Profile: Name, email address, password (hashed), and any profile preferences you choose to set.
• Onboarding Responses: Your goals, habits, and preferences shared during the onboarding conversation with the AI Coach.
• Calendar Data (Optional): If you connect your Google Calendar, we access event metadata (e.g., event title, time, duration, busy status, calendar source) to help analyze your day and propose routines. You can disconnect at any time in your settings.
• Chat Interactions with AI Coach: Messages and inputs you provide in the in-app chat; we store these so the Coach can maintain context and personalize guidance.
• Support & Feedback: Information you include in support requests, feedback forms, or surveys.

B. Information Collected Automatically

• Device & App Info: Device model, OS version, app version, language, time zone.
• Usage & Diagnostics: Feature usage, session length, taps/clicks, crash logs, performance data.
• Website Analytics (if you visit our site): IP address (short-lived), browser type, pages visited, and cookies or similar technologies to run the site and measure performance.

C. Information from Integrations (Optional)

If you choose to connect third-party accounts (e.g., Google Calendar), we receive information necessary to provide the integration. We do not ingest Apple Health data. If you connect any wearable or wellness data source in the future, we'll present clear permissions and only use what's required to deliver features you enable.

Important: Integrations are optional. If you disconnect, new data will stop flowing from that integration. Previously synced data remains subject to your deletion choices (see Section 10: Data Retention & Deletion).

3) How We Use Information (Purposes)

We use information to:

• Provide and operate the Services (core functionality, account management, syncing calendar data, generating suggestions).
• Personalize your experience (tailored routines, reminders, and insights).
• Maintain continuity in the AI Coach chat so you don't have to repeat yourself.
• Improve the Services (debugging, research, analytics, product development).
• Communicate with you (service announcements, security alerts, support responses).
• Comply with legal obligations and enforce our terms, and protect the safety and integrity of the Services.

We do not use your information for advertising, and we do not sell your data.

4) AI & Automated Processing

1440 uses AI models to help interpret your inputs and generate coaching suggestions.

• No PI to AI Providers: We do not send personally identifiable information to AI providers. Inputs are pre-processed to remove or obfuscate direct identifiers to the extent technically feasible.
• Purpose: AI is used to generate suggestions and insights, not to make legally or similarly significant decisions about you.
• Human-in-the-loop (Design): While responses are automated, our product and engineering teams review aggregated/anonymized usage patterns to improve quality over time.
• Your Controls: You may delete your chat history by deleting your account (see Section 10).

5) Legal Bases (EEA/UK Only)

Where the GDPR/UK GDPR applies, we process your personal data under these legal bases:

• Contract: To provide the Services you request (e.g., syncing your calendar).
• Legitimate Interests: To secure and improve the Services, prevent fraud, and understand usage.
• Consent: For optional integrations or features where consent is required by law.
• Legal Obligation: To comply with applicable laws, regulations, and valid legal requests.

6) Cookies & Similar Technologies (Website)

We may use strictly necessary cookies (to operate the site), functional cookies (to remember preferences), and performance cookies (to measure site usage). You can adjust cookie settings in your browser. We do not use cookies for advertising.

7) How We Share Information

We share information only as needed to provide and operate the Services:

• Service Providers (Processors): Cloud hosting, database, analytics, logging/monitoring, error tracking, and (where applicable) anonymized AI processing. These providers are contractually bound to handle data only on our instructions and to apply appropriate security measures.
• Legal & Safety: We may disclose information if required by law, subpoena, or to protect rights, safety, or the integrity of the Services.
• Business Transfers: If we are involved in a merger, acquisition, financing, or sale of assets, your information may be transferred as part of that transaction, subject to this Policy or a successor policy with equal or stronger protections.

We do not share data with advertisers and do not sell personal information.

8) International Data Transfers

We may store and process data in countries other than yours. Where required, we use appropriate safeguards for cross-border transfers, such as Standard Contractual Clauses (SCCs) for EEA/UK users. We take steps to ensure your information receives the same level of protection regardless of location.

9) Security

We use administrative, technical, and physical safeguards to protect your information, including:

• Encryption in transit (TLS) and at rest (where applicable).
• Access controls, role-based permissions, and audit logging for staff.
• Secure development practices and vulnerability management.
• Vendor security review and data processing agreements for service providers.

No method of transmission or storage is 100% secure. If we learn of a security incident that affects your information, we will notify you and regulators as required by law.

10) Data Retention & Deletion

We retain personal information only as long as necessary to provide the Services, comply with legal obligations, resolve disputes, and enforce agreements.

• Delete on Account Deletion: When you delete your account, we will delete or anonymize your personal data from active systems.
• If you disconnect an integration (e.g., Google Calendar), new data stops syncing immediately. Existing synced data is removed upon account deletion.

11) Your Rights & Choices

Your rights vary by region. Subject to local law, you may:

• Access the personal information we hold about you.
• Correct inaccurate or incomplete information.
• Delete your personal information (e.g., by deleting your account).
• Portability: Request a copy of your data in a portable format.
• Restrict or Object to certain processing (where applicable).
• Withdraw Consent where processing is based on consent.

To exercise these rights, contact support@1440.ai. We may need to verify your identity before fulfilling your request. We will not discriminate against you for exercising your rights.

Do Not Track: Our websites do not currently respond to "Do Not Track" signals.

12) Children's Privacy

The Services are not intended for children under 13 (or the age of digital consent in your jurisdiction). We do not knowingly collect personal information from children. If you believe a child has provided us personal information, contact support@1440.ai and we will take appropriate steps to delete it.

13) Google OAuth & Connected Accounts (Important)

If you connect Google Calendar, we request only the scopes necessary to read event metadata and show insights in the app. We do not modify or delete your calendar entries. You can revoke access at any time via:

• App settings (disconnect integration), and/or
• Your Google Account's security/permissions page.

We use the calendar data only to provide the features you enabled (e.g., energy-aligned scheduling suggestions).

14) Third-Party Content & Advertising

• No Third-Party Content Feeds: We do not embed or display third-party content feeds inside the app.
• No Ads / No Sale: We do not serve ads in the app. We do not sell or share your personal information for cross-context behavioral advertising.

15) Region-Specific Disclosures

A. European Economic Area (EEA), UK, and Switzerland

• Controller: 1440
• Legal Bases: See Section 5.
• Your Rights: Access, rectify, erase, restrict, object, and data portability. You may lodge a complaint with your local supervisory authority.

B. California (CCPA/CPRA)

We provide the following disclosures for California residents:

Categories of Personal Information Collected (in the last 12 months):

• Identifiers: name, email address, account ID.
• Internet/Usage Data: device info, app usage, diagnostics.
• Inferences: basic inferences we draw to personalize coaching (e.g., preferred times for tasks).
• Protected/sensitive categories: Not collected (we do not collect Apple Health data; we do not intentionally collect precise geolocation or sensitive identifiers).
• Commercial information: Not applicable (no ads; not paid).
• Audio/visual: Not applicable (unless you voluntarily send media to support, which we discourage).

• Sources: You, your devices, optional integrations you connect.
• Business Purposes: Provide and improve Services, security, debugging, internal research.
• Disclosure for Business Purposes: Service providers (hosting, analytics, error logging, anonymized AI processing).
• Sale/Share: We do not sell personal information and do not share it for cross-context behavioral advertising.
• Retention: See Section 10.
• Rights: Access/know, delete, correct, portability, opt-out of sale/share (not applicable here), and non-discrimination. Contact support@1440.ai to exercise rights. If you use an authorized agent, we may require proof of authorization and identity verification.

C. Virginia / Colorado / Connecticut / Utah and Similar US Laws

We do not sell personal data. We do not process personal data for targeted advertising. We honor applicable rights to access, correct, delete, and obtain a copy of your data. Contact support@1440.ai to exercise rights.

16) Data Minimization & Privacy by Design

We design systems to collect the least amount of personal data necessary for each feature. Optional integrations are opt-in, and you can disconnect them at any time. We regularly review our data flows and access controls.

17) Changes to This Policy

We may update this Policy from time to time. If changes are material, we will notify you via the app, email, or by posting an update on our website with a new "Last Updated" date. Your continued use of the Services after an update means you accept the revised Policy.

18) Contact Us

If you have questions, requests, or concerns about this Policy or your data, please contact:

1440
Email: support@1440.ai