01 Data We Collect
COSI collects several types of data to personalize your ambient comfort environment. We only collect what is necessary to deliver the service.
๐ค
Account Data
- Email address
- Display name
- Account creation date
- Subscription status
๐
Physiological Data
- Skin temperature
- Electrodermal activity (EDA / stress)
- Heart rate variability (HRV)
- Motion and activity levels
๐ก๏ธ
Environmental Data
- Room temperature & humidity
- COโ levels
- Ambient light intensity
- Ambient sound levels (dB only โ no recordings)
๐ด
Sleep & Comfort
- Sleep duration and phases
- Sleep quality scores
- Comfort score history
- Personal comfort baseline
๐
Location Data
- Home/work zone detection (optional)
- Used only for automation triggers
- Never stored on our servers
- Processed on-device only
๐ท
Camera (Ambient Light)
- Brightness level analysis only
- No images stored or transmitted
- Processed locally on device
- Used to calibrate lighting comfort
๐ฌ
AI Chat Data
- Messages sent to COSI AI
- AI responses
- Chat history (last 50 messages)
- Used to improve personalization
๐ฑ
Device & Usage Data
- Connected smart devices
- App feature usage (anonymized)
- Automation schedules
- Zone configurations
02 Why We Collect It
Every piece of data we collect serves a specific purpose directly tied to improving your comfort experience.
- Personalize your environment in real time based on your physiological state
- Build and refine your personal comfort baseline over time
- Generate sleep quality insights and environment recommendations
- Enable the COSI AI to give context-aware, personalized responses
- Trigger smart automations based on your location and schedule
- Process payments securely and manage your subscription
- Improve the COSI platform using anonymized, aggregated data only
- Send you product updates and important account notices (with consent)
๐ We never sell your data. We never use your data for advertising. Your physiological data is never shared with third parties for any commercial purpose.
03 Camera & Ambient Light Detection
COSI optionally uses your device's camera to detect ambient light levels in your environment. This helps us calibrate your comfort score more accurately by understanding the lighting conditions around you โ not just what a sensor reports.
- The camera is used to measure brightness levels only โ no facial recognition, no image analysis
- No photos or video are ever captured, stored, or transmitted
- All camera processing happens locally on your device using a single-pixel brightness average
- Camera access is entirely optional โ you can disable it at any time in Settings
- If denied, COSI falls back to the Hub sensor for light data
You will be asked for camera permission explicitly during onboarding. You can revoke this permission at any time through your device settings without affecting other COSI features.
04 Location Data
COSI optionally uses your device's location to enable smart automations โ for example, starting your arrival routine when you get home, or switching to away mode when you leave.
- Location data is processed on-device and used only to trigger automations you have configured
- We do not store your GPS coordinates on our servers
- We do not track your location continuously or build a location history
- Location is only checked at zone entry/exit events โ not in the background otherwise
- Location access is entirely optional โ all COSI features work without it
You will be asked for location permission explicitly during onboarding. You can revoke this permission at any time without losing access to manual COSI features.
05 Audio & Sound Monitoring
COSI monitors ambient sound levels to understand your acoustic environment as part of your comfort score. Loud environments are associated with reduced comfort and sleep quality.
- We measure decibel (dB) levels only โ we do not record, store, or transmit audio
- No voice data, conversations, or identifiable sounds are ever captured
- Sound level processing happens entirely on your device
- The Hub sensor handles sound monitoring โ the microphone is not used by the app itself
- Audio monitoring can be disabled in Settings โ Environmental Tracking
06 Who We Share Your Data With
We work with a small number of trusted service providers to operate COSI. We share only what is necessary for each service to function.
- Google Firebase โ Backend infrastructure, database, authentication, and cloud functions. Your data is stored on Google Cloud servers in the United States.
- Anthropic โ Powers the COSI AI chatbot. Messages you send are processed by Anthropic's API to generate responses. Anthropic does not retain your messages for model training without explicit consent.
- Stripe โ Handles all payment processing. We share your email and subscription status only. No health or comfort data is ever shared with Stripe.
- Govee / Google Nest โ When you connect smart home devices, COSI sends commands to their APIs on your behalf. Only device control commands are sent โ no health or personal data.
We do not sell, rent, or share your personal data with advertisers, data brokers, or any third parties for marketing purposes โ ever.
07 Data Storage & Security
- All data is stored on Google Cloud infrastructure (Firebase) with encryption at rest and in transit using TLS 1.3
- Access to your data is controlled by Firebase Security Rules โ only you can access your own data
- API keys and secrets are stored using Google Secret Manager โ never hardcoded
- Your password is never stored โ Firebase Auth uses secure, salted hashing
- Camera and audio data never leave your device
- Location data is not stored on our servers
08 Your Rights
You have full control over your data. The following rights apply to all COSI users regardless of location.
๐๏ธ
Access
View all data associated with your account at any time through the app
โ๏ธ
Correct
Update or correct inaccurate personal information in your profile
๐๏ธ
Delete
Delete your account and all associated data permanently from Settings
๐ค
Export
Download your comfort data as CSV or PDF (Pro feature)
๐ซ
Opt Out
Disable analytics, notifications, and optional data collection at any time
๐
Withdraw Consent
Revoke camera, location, or audio permissions at any time without losing core features
To exercise any of these rights, go to Profile โ Account Settings or email us at hello@somacomfort.com.
09 Data Retention
- Your data is kept for as long as your account is active
- If you delete your account, all personal data is permanently deleted within 30 days
- Chat history older than 90 days is automatically purged (Free plan: 7 days)
- Anonymized, aggregated comfort data may be retained indefinitely for platform improvement
- Payment records are retained for 7 years as required by law
10 Children's Privacy
COSI is not designed for or directed at children under the age of 13. We do not knowingly collect personal information from children under 13. If you believe a child under 13 has created a COSI account, please contact us at hello@somacomfort.com and we will delete the account promptly.
11 Changes to This Policy
We may update this Privacy Policy from time to time. When we make significant changes, we will notify you by email and through a notice in the COSI app at least 14 days before the changes take effect. Continued use of COSI after the effective date constitutes acceptance of the updated policy.
You can always find the current version of this policy at somacomfort.com/privacy.