Privacy Policy

Effective date: June 14, 2026  ·  Version: 1.2  ·  Controller: Icemint LLC

What Tawen Does and Doesn't Do With Your Data — In One Page

Category What happens Does it leave your device?
Sleep, heart rate, HRV, resting heart rate, skin temperature, body temperature, blood oxygen saturation (SpO₂), steps, exercise (read from Android Health Connect on your device) Used by the App on your device to compute your readiness score No — never
Readiness score, pillar sub-scores, AI-generated narratives Stored in the App's local database on your device. Stored on-device only; your history view is limited to the last 7 days (free tier) or last 90 days (Pro tier); you can delete all on-device data at any time in Settings → Privacy → Delete all data No — never
Hourly input snapshots (the Health Connect metrics each score is computed from) Derived working data stored in the App's local database on your device; never raw Health Connect records No — never
Weekly report (Pro) Generated on your device each week from your local data and stored in the App's local database. Preserved across the on-device cleanup so your historical narrative is not lost if you switch tiers No — never
Optional day tags you add on the Dashboard ("Tag today") Stored in the App's local database on your device No — never
App crashes and errors Sent to Firebase Crashlytics: stack traces, device model, OS version, App version, timestamp — no health data Yes, to Google LLC
Anonymous usage events (only if you turn analytics on; off by default) Sent to Firebase Analytics — no health data, no numeric scores, no advertising ID Yes, to Google LLC
Device-integrity attestation Firebase App Check / Play Integrity — no health data Yes, to Google LLC
Tawen Pro purchase token Issued by Google Play after a Tawen Pro purchase Stays local; the Company receives only an anonymized order identifier

The headline: Your health data never leaves your device. The Company does not receive, store, transmit, sell, or share it. The only data that reaches the Company or its service providers is anonymous diagnostic and usage information that contains no health values of any kind.

Washington State residents: A separate Consumer Health Data Privacy Policy applies specifically to consumer health data covered by the Washington My Health My Data Act. See https://tawen.app/health-privacy for that policy.

1. Who We Are; Scope

Icemint LLC (the "Company," "we," "us," or "our") is a limited liability company organized under the laws of the State of Wyoming, United States, with its principal place of business at 30 N Gould St, Ste R, Sheridan, WY 82801. The Company operates the Tawen Android application (the "App") and the website at tawen.app (the "Website" and, together with the App, the "Services").

For privacy questions or to exercise the rights described in this Policy, contact us at [email protected].

Geographic scope. The Services are offered only to users located in the United States and Canada. The App is geo-restricted at the Google Play Store level to limit distribution to the United States and Canada. The Website is offered only in English with United States Dollar pricing, is hosted from United States infrastructure, and is not localized for or marketed to users in any other jurisdiction. The Services are not offered to, marketed to, or directed at users in the European Economic Area, United Kingdom, Switzerland, or any other jurisdiction.


2. Our Privacy-by-Architecture Approach

Tawen is designed so that the wellness data used to compute your readiness score never leaves your device. This is not a marketing claim — it is enforced by the App's architecture:

Because of this architecture, the Company does not receive, collect, store, process, sell, or share your health-related data. References below to "we collect" or "we process" apply only to the limited categories of non-health telemetry described in Section 3.


3. The Non-Health Data We Do Receive

3.1 Firebase Crashlytics (crash diagnostics)

When the App encounters an unexpected failure, we receive an automatic crash report containing:

No health data is included. The App's architecture prevents any score, pillar value, or Health Connect record from being attached to a crash report.

Default: Crash diagnostics are enabled by default when you accept the Terms of Service at first launch. You can turn them off at any time.

Retention: Google retains crash reports for 90 days.

Purpose: To diagnose and fix bugs that affect the App's reliability.

Opt-out: Settings → Privacy → Diagnostic data.

3.2 Firebase Analytics (anonymous usage events)

If you turn on usage analytics, we use Firebase Analytics to understand how users interact with the App in aggregate. Usage analytics are OFF by default; no usage events are collected unless you explicitly turn them on. Our Analytics implementation is constrained by code to allow only string event names and a whitelist of string/boolean parameters. Examples of events: onboarding_complete, score_viewed, pillar_drill_down, paywall_view, purchase.

Purpose: To understand which features users find and use, to improve product decisions.

Opt-in / management: Settings → Privacy → Usage analytics. This is independent of Crashlytics.

3.3 Firebase App Check / Play Integrity (anti-abuse)

We use Firebase App Check with the Play Integrity backend to confirm that requests come from a genuine, unmodified Tawen installation on a Play-certified Android device. This involves an attestation token derived from device-integrity signals; the underlying signals are not shared with the Company. App Check tokens are retained by Google for replay protection in accordance with Google's published Firebase retention policy.

Purpose: To prevent abuse of our backend (such as token forgery or automated abuse).

3.4 Google Play Billing

When you purchase Tawen Pro, payment is processed entirely by Google LLC through Google Play. The Company receives only:

The Company does not receive or store your name, card number, billing address, or any payment information.

Purpose: To grant and verify your Tawen Pro license.

3.5 Website (tawen.app)

The Website is a static page hosted via Cloudflare. We do not run analytics or tracking on the Website. We do not load fonts or other resources from third-party servers. Cloudflare may set the short-lived __cf_bm cookie for bot management; see our Cookie Policy at https://tawen.app/cookies.

If the Website includes a "Notify me at launch" or similar contact link, your default email client opens with our address pre-populated when you tap it. If you send us an email, we receive your email address and message content; we use this solely to respond to your enquiry. You can request deletion at any time at [email protected].


4. Automated Processing and AI Disclosure

Tawen computes a daily readiness score from data on your device. This is automated processing, but the score does not produce legal effects or similarly significant effects on you. It is a wellness estimate that you can view, contextualize, and ignore at any time. You can always view the pillar breakdown to understand how the score was derived.

AI-generated content disclosure. The daily insight narrative — the one-paragraph "why" behind your score — is AI-generated. It is regenerated on your device as your readiness score updates through the day. On supported devices it is produced by Google's on-device Gemini Nano via the ML Kit GenAI Prompt API, running locally on your device; where on-device AI is unavailable, the App produces a rule-based explanation instead. Your prompts and the resulting text never reach the Company's servers or Google's cloud. AI-generated content is clearly labelled as such in the App. AI outputs may contain errors and do not constitute medical advice. See Section 2 of the Terms of Service.

Weekly reports (Pro) are a weekly synthesis of your week, drawn from the same on-device data. They are currently produced by an on-device rule-based summary (not AI-generated) and are clearly presented as such in the App.

For California users: The Company does not use Tawen's readiness score, narratives, weekly reports, or any other Tawen output to make any decision about you (including any decision relating to employment, housing, credit, insurance, healthcare, education, or essential goods or services). All scores and outputs are informational only; you alone decide whether and how to act on them.


5. Data Retention

Data Where it lives How long
On-device readiness scores and AI narratives (free tier) Your device Stored on-device only. History view limited to the last 7 days. You can delete all on-device data at any time via Settings → Privacy → Delete all data. Nothing is uploaded
On-device readiness scores and AI narratives (Pro tier) Your device Stored on-device only. History view limited to the last 90 days. If you downgrade from Pro to free, a 30-day grace period applies before the view narrows to 7 days. You can delete all on-device data at any time. Nothing is uploaded
On-device hourly input snapshots Your device Short-lived working cache on your device. Deletable at any time via Settings → Privacy → Delete all data
Optional day tags ("Tag today") Your device Stored on-device until you delete them via Settings → Privacy → Delete all data
On-device weekly reports (Pro) Your device Not purged. Preserved so your historical narrative is not lost if you switch tiers. Approximately 52 rows per year. You can delete them by tapping Settings → Privacy → Delete all data
Firebase Crashlytics data Google servers 90 days (Google retention)
Firebase Analytics data Google servers 2 months (configured by the Company)
Firebase App Check tokens Google servers Per Google's published Firebase retention policy
Launch-notification emails Our email account Until you request deletion or 12 months after launch, whichever is sooner
Tawen Pro purchase tokens Locally cached While the license is active

6. Your Privacy Rights — By Region

You may exercise the rights below by contacting [email protected]. We will acknowledge your request within 10 business days and respond substantively within 45 days (extendable once by an additional 45 days for complex requests, with notice to you). We will not discriminate against you for exercising your rights. You may also designate an authorized agent to submit a request on your behalf — we will verify the agent's authority and may require verification of your identity.

Because most of the data described in this Policy is on your device, not on our servers, the most powerful rights you have are device-side: revoke Health Connect permissions in Android Settings, and tap Settings → Privacy → Delete all data in the Tawen App.

6.1 All users

Regardless of where you live, you may:

6.2 California residents (CCPA, as amended by the CPRA)

If you are a California resident, you have the following rights:

Right What it means here
Right to know Confirm what personal information the Company collects, the categories of sources, the purposes, the categories of third parties with whom we share, and (if applicable) the categories we sell or share for cross-context behavioral advertising
Right to access Receive a copy of personal information we have collected about you
Right to delete Request deletion of personal information we have collected from you, subject to exceptions in Cal. Civ. Code § 1798.105(d)
Right to correct Request correction of inaccurate personal information
Right to opt out of sale/sharing We do not sell or share personal information for cross-context behavioral advertising. There is nothing to opt out of.
Right to limit use of Sensitive Personal Information We do not collect Sensitive Personal Information for purposes beyond those permitted under Cal. Civ. Code § 1798.121(a)(2). There is nothing to limit.
Right against discrimination We will not deny services, charge different prices, or provide a different level of quality because you exercised a CCPA right

Categories of personal information we collect (CCPA Notice at Collection):

Category (Cal. Civ. Code § 1798.140(v)) Examples we collect Source Purpose Recipients
Identifiers Firebase Installation ID, Firebase App Instance ID Device Crash diagnostics; product analytics Google LLC (Firebase)
Internet/network activity App-screen names, anonymous event names Device Product analytics Google LLC (Firebase)
Commercial information Tawen Pro purchase token, anonymized order ID Google Play License verification Google LLC (Play Billing)
Geolocation (country only, derived from IP) Country code Network request Aggregate analytics Google LLC (Firebase)
Inferences None drawn by the Company on its servers. Analytics events are descriptive (e.g., "screen viewed"), not inferential, and contain no health, demographic, or psychographic profile data. N/A N/A N/A

We do not collect on our servers: precise geolocation, biometric identifiers, government IDs, social security numbers, financial account numbers, account credentials, contents of mail/email/SMS, race, ethnicity, religious beliefs, union membership, genetic data, sexual orientation, or any data that would constitute "Sensitive Personal Information" as defined in Cal. Civ. Code § 1798.140(ae). The readiness score and pillar values derived from Health Connect data — which would qualify as Sensitive Personal Information if collected by us — are processed and stored entirely on your device and are never transmitted to or received by the Company. See Section 2.

Retention: See Section 5.

Authorized agent. A California resident may use an authorized agent. The agent must provide written authorization signed by you and may be required to verify their own identity.

6.3 Washington residents (My Health My Data Act)

Washington's My Health My Data Act, RCW 19.373 et seq., regulates "consumer health data."

In summary, applicable to all Washington residents: the Company does not receive, transmit to its servers, or store on its infrastructure any consumer health data as defined under RCW 19.373.010. All health-derived values — your readiness score, pillar sub-scores, and AI narratives — are computed and stored entirely on your device, under your sole control, and can be deleted by you at any time via Settings → Privacy → Delete all data. None is transmitted to or stored by the Company. You may withdraw consent at any time by revoking Health Connect permissions in Android Settings.

For the full Washington-specific disclosure, including the affirmative non-sale and non-geofencing statements required by RCW 19.373.040 and .060, see the Consumer Health Data Privacy Policy at https://tawen.app/health-privacy (also linked directly from the tawen.app homepage).

6.4 Nevada residents (Nev. Rev. Stat. Chapter 603A; SB 370)

Nevada law regulates the collection, sharing, and sale of "consumer health data." For the same architectural reason described in Section 6.3 — your on-device readiness score and pillar values are never received by the Company's servers — the Company does not receive, transmit to its servers, or store on its infrastructure any consumer health data within the meaning of Nevada law. You may exercise the rights listed in Section 6.1 with respect to any non-health data the Company may hold.

Nevada law also gives Nevada residents the right to opt out of the sale of certain "covered information" as defined in NRS 603A.340. We do not sell your covered information. To submit a verified request to that effect, contact [email protected].

6.5 Connecticut residents (CTDPA, as amended)

Connecticut residents have the rights to access, correct, delete, port, and opt out of the sale/targeted advertising of personal data, plus heightened protections for "consumer health data." For the same architectural reason described in Section 6.3, the Company does not receive, transmit to its servers, or store on its infrastructure any consumer health data as defined under Conn. Gen. Stat. § 42-515(8). You may exercise the rights in Section 6.1 against any non-health personal data the Company may hold about you.

Appeal. If we deny your privacy request, you may appeal by replying to our response within 60 days. If your appeal is denied, you may submit a complaint to the Connecticut Attorney General via portal.ct.gov/AG.

6.6 Other U.S. state privacy laws

Residents of any U.S. state with a comprehensive consumer privacy or consumer health data law — including without limitation Colorado, Virginia, Utah, Texas, Oregon, Montana, Tennessee, Indiana, Iowa, Delaware, New Hampshire, New Jersey, Minnesota, Maryland, Rhode Island, and Kentucky — have rights of access, correction, deletion, portability, and opt-out of sale and targeted advertising. To the extent your state's law confers additional or different rights (including without limitation Maryland's Online Data Privacy Act effective October 1, 2025, which prohibits the sale of sensitive personal data and imposes heightened minimization duties), the Company will honor those rights as required by applicable law. We extend the substantive rights described in this Section 6 to you regardless of which U.S. state's law applies. To exercise them, contact [email protected].

We do not engage in targeted advertising. We do not sell personal data. We do not engage in profiling that produces legal or similarly significant effects.

6.7 Canadian residents (PIPEDA and provincial law)

Canadian residents are protected by the federal Personal Information Protection and Electronic Documents Act (PIPEDA) and, in Quebec, the Act Respecting the Protection of Personal Information in the Private Sector (Quebec Privacy Act, as amended by Law 25), and in Alberta and British Columbia by their respective Personal Information Protection Acts.

Canadian residents may:

To exercise these rights, contact [email protected]. For Canadian residents, the Company will respond to access, correction, and withdrawal-of-consent requests within 30 days of receipt, consistent with PIPEDA's general timeline (this is shorter than the 45-day response window described in the introduction to this Section 6, which applies to U.S. residents).


7. International Data Transfers

The Company is established in the United States. The non-health telemetry described in Section 3 is processed by Google LLC and Cloudflare, Inc., also in the United States.

For Canadian users, the transfer of this telemetry to the United States is permitted under PIPEDA and Quebec Law 25 provided that the recipient provides a comparable level of protection. Google LLC and Cloudflare, Inc. each maintain technical and organizational safeguards consistent with PIPEDA and Quebec Law 25 standards through their respective data processing agreements.

The Services are not offered to users in the European Economic Area, United Kingdom, or Switzerland; the Company therefore does not engage in transfers from those jurisdictions.


8. Security

Breach notification.

In the event of a personal data breach affecting the limited non-health telemetry described in Section 3:

Breach scope on your device. Because your wellness data lives on your device, a breach of the Company's servers cannot expose your wellness data. A loss of physical access to your device, however, would expose any data stored locally. Protect your device with a screen lock and keep your OS up to date.


9. Children and Federal Children's-Privacy Overlay

Minimum age. The Services are not directed to children under the age of 13 in the United States or Canada. You must be at least 16 years old to use the Services. The App presents a neutral age statement during onboarding; we do not encourage users to misstate their age.

COPPA (Children's Online Privacy Protection Act, 15 U.S.C. §§ 6501–6506, and the FTC Rule at 16 C.F.R. Part 312, including the amendments finalized April 22, 2025 and enforceable April 22, 2026). COPPA applies to operators of online services directed to children under 13 or with actual knowledge that they are collecting personal information from a child under 13. The Services are not directed to children under 13 — they are positioned, marketed, designed, and rated for adults — and we do not knowingly collect personal information from anyone under 16. We do not collect biometric identifiers, government-issued IDs, precise geolocation, or any of the data categories added to "personal information" by the 2026 COPPA amendments. We do not engage in targeted advertising or third-party data sharing that would require separate opt-in consent under the 2026 amendments.

If we become aware that we have collected personal information from a child under 16 (or under 13 in the United States) without the legally required parental or guardian consent, we will delete it promptly. Parents and guardians with concerns may contact [email protected].

Other federal sectoral regimes. The Services do not collect or process: financial-account information or "nonpublic personal information" about consumers of a financial institution (GLBA / Reg P); education records held by a school or service provider for a school (FERPA); video-viewing records (VPPA); carrier customer proprietary network information (CPNI); DMV records (DPPA); or SMS/calls covered by the TCPA. Where any of these regimes would otherwise overlay our processing, they do not apply because the Services do not engage in the regulated activity.


10. Third-Party Processors

The following third parties process the limited non-health telemetry described in Section 3 as our processors or service providers:

Processor Processing Location Basis
Google LLC (Firebase Analytics, Crashlytics, App Check, Remote Config) Anonymous usage events, crash data, device integrity attestation United States Firebase Service Terms and Data Processing and Security Terms
Google LLC (Google Play Billing) Tawen Pro entitlement verification United States Google Play Developer Distribution Agreement
Google LLC (ML Kit GenAI Prompt API / on-device Gemini Nano) The App invokes Google's on-device generative AI library to produce the daily insight narrative. Inference runs entirely on your device. No prompt, input, or output is transmitted to Google or to the Company. Google's role is limited to providing the on-device library and the model weights that ship with Android On your device ML Kit Terms of Service and Google APIs Terms of Service
Cloudflare, Inc. (Website CDN and security) IP addresses and request logs for DoS protection and performance United States Cloudflare Subscription Agreement

We do not sell personal information to any third party. We do not share consumer health data with third parties for marketing, advertising, insurance, or any other purpose — there is nothing to share, because consumer health data stays on your device.


11. Changes to This Policy

We will notify you of material changes to this Policy via the App or (if available) email at least 30 days before the changes take effect. The date of the most recent update appears at the top of this page. A copy of the previous version is available at https://tawen.app/privacy/previous.

Version history:


12. Contact

Privacy enquiries and rights requests: [email protected]

Icemint LLC 30 N Gould St, Ste R, Sheridan, WY 82801 United States

Supervisory authorities (selected):



This Privacy Policy is effective June 14, 2026 (v1.2).