Circadify

What We Collect

A complete inventory of data Circadify processes, stores, and discards.

Transparency is core to our approach. This page is the complete inventory of every category of data Circadify processes — including which categories we don't retain.

Per-Scan Data

CategoryWhere it goes
Raw camera video / framesStay on the user's device. Never uploaded.
Measurement payloadUploaded securely for processing and discarded after processing.
Vital sign resultsReturned in the API response. Not stored on our side.
Usage recordOne scan credit decremented from the developer's monthly quota. This is the only artifact retained from a scan.

The usage record is a counter (e.g. "this developer used 1 scan at this timestamp"). It contains no health data, no session payload, and no identifiable user data — only the developer/key reference and a timestamp for billing and quota.

Note

Vital sign results are returned to your application and never stored on Circadify's side. If you need to retain a user's results, persist them in your own application database.

Vital Sign Result Schema (returned to your app)

The result returned in the API response is computed by Circadify and handed back to your application. It is not stored on our side.

  • Heart rate — Beats per minute (BPM)
  • Respiratory rate — Breaths per minute
  • Heart rate variability (HRV) — Milliseconds (ms)
  • SpO2 — Blood oxygen output (%) when enabled
  • Blood pressure — Systolic and diastolic trend output (mmHg) when enabled
  • Confidence score — 0–1 reliability indicator
  • Session ID — UUID identifying that scan request

Developer Account Data

What we do persist for accounts:

  • Email, name, company — Provided during developer signup
  • API key hashes — Keys are stored as one-way hashes; the full key is shown once at creation
  • Usage counters — Aggregate scan counts per key for billing and quota enforcement
  • Audit log entries — Account-administration events (key creation, login, etc.). No health data.

Technical Telemetry

For debugging and compatibility:

  • SDK version — For compatibility tracking
  • Browser/device class — Hardware capability tier (used for processing optimization)

No persistent device identifiers, fingerprints, or precise location data are collected.

What We Don't Collect

Circadify does not collect, transmit, or store: raw camera frames, raw video, vital sign results after returning them to you, measurement payloads after processing, biometric templates, persistent device identifiers, precise geolocation, or data from non-camera sensors.

See Data Minimization for more detail.

Next Steps

  • Retention — How long data is kept (spoiler: health data isn't)
  • Deletion — How deletion works given nothing health-related is stored
  • Data Minimization — Our minimization approach