Effective Date: March 25, 2026
Melde Inc. ("Melde," "we," "our," or "us"), an Ontario corporation (OCN: 1001514033), is committed to protecting your privacy. This Privacy Policy explains how we collect, use, store, and share your personal and health information when you use the Melde mobile application ("the App").
Key Points: We collect health data only with your explicit consent. Your data is encrypted in transit and at rest. We never sell your personal or health data. AI processing uses zero data retention — your prompts and responses are not stored by our AI provider. You can delete your account and all data at any time from Settings.
Account Information: When you create an account, we collect your name, email address, and password (stored as a secure hash).
Profile Information: During onboarding, you may provide your age, gender, fitness level, workout frequency preferences, and fitness goals. Optional metrics include VO2 max, FTP (Functional Threshold Power), maximum heart rate, and weight.
Health & Fitness Data: With your explicit consent, we collect data from connected wearable devices and fitness platforms. The specific data categories collected from each source are:
| Source | Data Collected |
|---|---|
| Garmin | Heart rate, HRV, sleep stages, workout GPS/HR/cadence, resting heart rate, stress level, Body Battery |
| Oura | HRV, sleep stages & duration, resting heart rate, readiness score, temperature deviation |
| Peloton | Workout type, duration, heart rate, power output, cadence, class metadata |
| Apple Health | Heart rate, HRV, sleep stages, workout data, resting heart rate (via on-device HealthKit integration) |
OAuth-as-Consent: When you connect a wearable device or fitness platform through OAuth authorization, this constitutes your informed consent for us to collect the data categories listed above from that source. You may revoke this consent at any time by disconnecting the device in Settings. Disconnecting a device stops future data collection from that source but does not delete previously collected data. To delete all data associated with a provider, use Settings → Manage Data Sources → Delete Provider Data. To delete all account data, use Settings → Delete Account & Data.
Device Connections: We use Terra to securely connect to your fitness devices and platforms (such as Garmin, Oura, and Peloton). Apple Health data is collected directly via the iOS HealthKit integration on your device. We access only the data categories listed above — we do not access location data, contacts, photos, or other unrelated device data. Additional wearable integrations (such as Strava and WHOOP) may be added in future updates; this policy will be updated accordingly.
Usage Data: We collect anonymized usage analytics such as feature usage frequency and error logs to improve app stability and performance. We do not track your location.
We use your health and profile data to:
Derived Data: We compute additional metrics from your raw data, including training impulse (TRIMP) scores, heart rate zone distributions, coaching signals (GREEN/YELLOW/RED recovery status), and trend analyses. These derived metrics are used solely for coaching purposes and are deleted when you delete your account.
Emergency & Safety Monitoring: The App includes a safety keyword detection system that identifies messages related to self-harm, eating disorders, or medical emergencies within the AI chat. When triggered, the App provides appropriate crisis resources and helpline information. Trigger events are logged server-side (category and timestamp only — no message content is stored) for safety monitoring purposes. If three or more safety events are detected within a 24-hour period, an internal safety alert is generated for review. No message content is shared with third parties as a result of safety keyword detection.
Melde uses artificial intelligence (Anthropic's Claude) to analyze your health data and generate personalized coaching advice. By using the App's AI coaching features, you explicitly consent to your health data being processed by Anthropic's Claude AI models for the purpose of generating personalized coaching recommendations. You may withdraw this consent at any time by disconnecting all devices and deleting your account from Settings. Consent withdrawal is processed immediately; previously processed data is not retroactively affected.
How AI Processing Works: Your health data (wellness metrics, workout history, and profile information) is sent to Anthropic's API in real-time when you request coaching guidance or interact with the AI coach. The AI analyzes this data in context with your training plan and returns personalized recommendations. Coaching recommendations are also informed by a curated library of peer-reviewed sports science research. Your profile information (sport preferences, goals, and demographics) is used to select relevant research context via OpenAI's embedding service; this query contains no raw health data, only profile category information.
Zero Data Retention (ZDR): All API requests to Anthropic include the anthropic-no-store header, which instructs Anthropic not to retain your prompts or AI responses for any purpose, including model training. Your data exists in Anthropic's systems only for the duration of the API call.
AI Limitations: AI-generated coaching may contain errors, may not account for all individual health factors, and should not replace professional medical advice. Specific limitations include: recommendations may not reflect very recent data if syncs are delayed; AI models may occasionally produce inconsistent advice across sessions; and the system relies on the accuracy of your connected device data. The App applies deterministic safety guardrails (heart rate limits, recovery checks, zone label verification) to all AI output, but these are not infallible.
AI-Generated Content: Coaching recommendations, training plans, and insights generated by AI are provided for your personal use. These outputs may not be unique and we do not guarantee copyright protection for AI-generated content.
AI-generated coaching advice is for informational purposes only and does not constitute medical advice. Always consult a healthcare professional before making significant changes to your exercise or health routine.
Storage: Your data is stored on Supabase (hosted on AWS) with servers located in the United States. All data is encrypted at rest using AES-256 encryption.
Transit: All data transmitted between your device and our servers uses TLS 1.2+ encryption.
On-Device: Authentication tokens are stored using your device's native secure storage (iOS Keychain via Capacitor Preferences). The most recent AI coaching guidance is cached locally on your device (via localStorage) to enable instant display on app launch; this cache is overwritten on each refresh and cleared on logout. No raw health data is stored locally on your device.
Access Control: Row-Level Security (RLS) policies ensure that you can only access your own data. Our backend services use isolated service credentials that are never exposed to client applications.
Breach Notification: In the event of a data breach affecting your personal information, we will notify affected users within 72 hours of becoming aware of the breach, as required by applicable law. Notification will be provided via email and in-app notification, and will include the nature of the breach, the data affected, and steps we are taking to address it.
We do not sell, rent, or trade your personal or health data to any third party.
We share data only with the following service providers, strictly for the purpose of operating the App:
Each provider is bound by their respective terms of service and data processing agreements. Your use of connected wearable platforms (Garmin, Oura, Peloton) is also subject to those platforms' own terms of service and privacy policies, which may be updated independently. We do not share your data with advertisers, data brokers, or any other third parties.
You have the following rights regarding your data:
We retain your data for as long as your account is active. If you delete your account, all personal and health data is permanently removed from our servers within 24 hours.
Inactive Accounts: If your account has been inactive (no login or data sync) for 24 consecutive months, we will send you an email notification at the address on file. If no action is taken within 30 days of notification, your account and all associated data will be permanently deleted.
Raw Event Data: Raw webhook payloads from wearable providers are stripped to metadata-only stubs after 48 hours. Event audit trails (type, provider, timestamps) are retained for 30 days, then permanently deleted.
AI Usage Logs: Records of AI coaching requests (timestamps, function type, and token usage — no message content) are retained for 90 days for cost monitoring and service quality purposes, then permanently deleted. Science knowledge retrieval analytics (which documents were matched to your profile) are retained for 30 days.
Coaching State: A multi-day coaching narrative state (recent coaching signal history and coaching arc context) is maintained to ensure coaching continuity across sessions. This state is associated with your account and deleted when you delete your account.
Anonymized, aggregated analytics data (which cannot be linked back to you) may be retained for service improvement.
Melde is not intended for use by anyone under the age of 18. We do not knowingly collect personal information from minors. If we discover that anyone under 18 has provided us with personal information, we will delete it immediately. The App enforces an age gate during account creation.
You may report AI-generated content that you believe is inaccurate, harmful, inappropriate, or otherwise objectionable using the Report button available on any AI coaching message. Reports are categorized (inaccurate, harmful, inappropriate, other) and reviewed to improve coaching quality and safety. Report data is associated with your account for follow-up purposes.
If you are a California resident, you have the right to know what personal information we collect, request deletion of your data, and opt out of any data sales (we do not sell data). We do not use or share personal information for cross-context behavioral advertising. To exercise these rights, use the account deletion and data export features in Settings or contact us at the email below.
If you are in the European Economic Area, our legal basis for processing your data is your explicit consent (which you grant during onboarding when connecting devices and when using AI coaching features). You may withdraw consent at any time by disconnecting devices, disabling AI coaching in Settings, or deleting your account. Data transfers to the United States are covered by Standard Contractual Clauses through our service providers.
Melde Inc. is incorporated in Ontario, Canada and is subject to the Personal Information Protection and Electronic Documents Act (PIPEDA). If you are a Canadian resident:
Your data is stored on servers located in the United States. While PIPEDA does not require data to be stored in Canada, we ensure that all cross-border transfers are protected by contractual safeguards with our service providers that maintain a level of protection comparable to Canadian privacy law.
If you connect Apple HealthKit, we access heart rate, HRV, sleep, and workout data with your permission through the iOS HealthKit permission dialog. We do not use HealthKit data for advertising or share it with third parties beyond the service providers listed in Section 5. HealthKit data is not stored in iCloud. Apple Health data is processed on-device via our iOS HealthKit integration and synced directly to our servers — it does not pass through Terra or any other intermediary.
This Privacy Policy is governed by the laws of the Province of Ontario and the federal laws of Canada applicable therein.
We may update this Privacy Policy from time to time. We will notify you of material changes via in-app notification or email at least 14 days before changes take effect. The "Effective Date" at the top indicates the most recent revision.
If you have questions about this Privacy Policy or your data, contact us at:
Melde Inc.
Email: privacy@melde.ai