Skip to content
Circadify Circadify Circadify

What We Collect

Transparency is core to our approach. This page is the complete inventory of every category of data Circadify processes — including which categories we don’t retain.

Per-Scan Data

Section titled “Per-Scan Data”
CategoryWhere it goes
Raw camera video / framesStay on the user’s device. Never uploaded.
Preprocessed RGB tensorUploaded to our inference engine over TLS. Processed and discarded after inference.
Vital sign resultsReturned in the API response. Not stored on our side.
Usage recordOne scan credit decremented from the developer’s monthly quota. This is the only artifact retained from a scan.

The usage record is a counter (e.g. “this developer used 1 scan at this timestamp”). It contains no health data, no session payload, and no identifiable user data — only the developer/key reference and a timestamp for billing and quota.

Vital Sign Result Schema (returned to your app)

Section titled “Vital Sign Result Schema (returned to your app)”

The result returned in the API response — these values are computed by our inference engine and handed back to your application. They are not stored on our side.

  • Heart rate — Beats per minute (BPM)
  • Respiratory rate — Breaths per minute
  • Heart rate variability (HRV) — Milliseconds (ms)
  • SpO2 — Blood oxygen saturation (%)
  • Blood pressure — Systolic and diastolic (mmHg)
  • Confidence score — 0–1 reliability indicator
  • Session ID — UUID identifying that scan request

Developer Account Data

Section titled “Developer Account Data”

What we do persist for accounts:

  • Email, name, company — Provided during developer signup
  • API key hashes — Keys are stored as one-way hashes; the full key is shown once at creation
  • Usage counters — Aggregate scan counts per key for billing and quota enforcement
  • Audit log entries — Account-administration events (key creation, login, etc.). No health data.

Technical Telemetry

Section titled “Technical Telemetry”

For debugging and compatibility:

  • SDK version — For compatibility tracking
  • Browser/device class — Hardware capability tier (used for processing optimization)

No persistent device identifiers, fingerprints, or precise location data are collected.

Custom Metadata

Section titled “Custom Metadata”

You can attach custom metadata to a scan request. This metadata is echoed back in the API response and is not retained server-side.

const result = await sdk.measureVitals({
  videoElement: myVideoEl,
  metadata: { userId: 'user_123', flowId: 'onboarding' },
});

Custom metadata is not indexed or used by Circadify for any purpose other than returning it in your API response.

What We Don’t Collect

Section titled “What We Don’t Collect”

Circadify does not collect, transmit, or store: raw camera frames, raw video, vital sign results (after returning them to you), the uploaded RGB tensor (after processing), biometric templates, persistent device identifiers, precise geolocation, or data from non-camera sensors.

See Data Minimization for more detail.

Next Steps

Section titled “Next Steps”
  • Retention — How long data is kept (spoiler: health data isn’t)
  • Deletion — How deletion works given nothing health-related is stored
  • Data Minimization — Our minimization approach