Download OXIA
Privacy Policy

Privacy Policy

Effective date: February 19, 2026

This Privacy Policy explains how OXIA (“we”, “us”, “our”) collects, uses, stores, and protects your personal information when you use the OXIA breathing app (the “App”). By using the App, you agree to the practices described below.

1. Who We Are

OXIA is a breathing and wellness application developed by Epner Solutions OÜ (“Data Controller”). Our website is oxiabreathe.eu. For privacy inquiries: info@oxiabreathe.eu.

2. What Data We Collect

We collect only the data necessary to provide and improve the App’s features:

  • Account Information
    Your email address, collected when you create an account. Used for authentication, account recovery, and essential communication.
  • Breathing Session Data
    Exercise type, duration, breath count, repetitions, hold duration, and date/time of each session. Used to display your history and progress.
  • Mood & Emotion Data
    Optional pre- and post-session emotional check-ins (valence, arousal scores, and optional notes). Stored securely and used only inside the App for your tracking features.
  • Achievements & Streaks
    Streaks, earned badges, and daily activity records. Used to power consistency and progress features.
  • Notification Preferences
    Your chosen notification schedule (days and times). Stored to send breathing reminders you have configured.
  • App Preferences
    Certain preferences (e.g., audio settings) stored locally on your device and not uploaded unless a feature explicitly requires syncing.
  • Analytics & Diagnostics
    We use Firebase Analytics to understand app usage and improve stability. We do not send your name or email to Firebase. Firebase may collect device/app identifiers and technical data (e.g., device model, OS version, app events, crash logs) to provide these services.

3. How We Use Your Data

  • To create and manage your account and authenticate access
  • To display your session history, progress charts, and wellness insights
  • To calculate and display streaks, achievements, and consistency metrics
  • To send reminders at times you have chosen
  • To generate personalised PDF reports from your session data
  • To improve App performance and fix bugs using analytics/diagnostics
  • To respond to your support requests and feedback

We do not sell your data. We do not use your health or mood data for advertising.

4. How We Store & Protect Your Data

All personal and session data is stored on Supabase, a secure cloud database hosted in the European Union. We apply:

  • Row Level Security (RLS): Every table enforces strict rules — you can only access your own data.
  • Encrypted connections: All data uses HTTPS/TLS encryption in transit.
  • Secure Edge Functions: Sensitive operations (like account deletion) run server-side with authenticated tokens.
  • Field protection: Controls to prevent client-side tampering of sensitive fields.
  • No sensitive logging: We do not log your email, user ID, or health data to any analytics service.

5. Third-Party Services

We use the following trusted third-party services (“processors”):

  • Supabase
    Database, authentication, and Edge Functions provider. Data stored in EU-based data centres. Privacy Policy →
  • Firebase (Google)
    Anonymous or pseudonymous analytics (Firebase Analytics). We do not send your email or profile data to Firebase. Privacy Policy →

Some providers may process data outside the EEA. Where applicable, we rely on appropriate safeguards (such as Standard Contractual Clauses) to protect personal data.

6. Your Rights

You have the following rights regarding your personal data:

  • Access: View all your session history and data within the App.
  • Correction: Update your display name and profile information in the Profile page.
  • Deletion: Permanently delete your account and all data via Profile → Delete Account.
  • Reset: Reset your stats while keeping your account via Profile → Reset Stats.
  • Portability: Export your session history as a PDF via the Progress page.
  • Withdraw consent: Disable emotion tracking at any time in your profile settings.

For any other request, email: info@oxiabreathe.eu.

7. Children’s Privacy

The App is not intended for children. We do not knowingly collect personal information from children. If you believe a child has provided us with data, please contact us and we will delete it promptly.

8. Data Retention

We retain data while your account is active. If you delete your account, we delete associated personal and session data within 30 days, except where retention is required for legal reasons (e.g., billing/accounting). Backups may persist for a limited time but are not used for active processing. Anonymous Firebase analytics follow Google’s retention policies.

9. Changes to This Policy

We may update this Privacy Policy from time to time. When we do, we will update the effective date at the top of this page. For significant changes, we will notify you through the App or via email.

10. Contact Us

If you have any questions or requests related to this Privacy Policy:

Epner Solutions OÜ
Email: info@oxiabreathe.eu
Website: oxiabreathe.eu