Privacy Policy
Raxha — Personal Safety Guardian
Last Updated: July 8, 2026
Our core principle: Privacy by design. We collect only the minimum data necessary to keep you safe. Your microphone is used only to listen for signs of danger, and that listening happens in real time on your device. During an emergency (when monitoring detects an elevated threat), a short audio clip may be securely sent to our speech- and AI language-processing providers to better understand spoken calls for help — this is off by default and you can turn it on in Settings; with it off, all audio analysis stays on your device; see the Audio section below. We do not store audio or the words you speak. Sensor data is processed on your device; the resulting health and location data are stored encrypted in our secure cloud — hosted by trusted third-party infrastructure providers — and used only to protect you and your family. You choose who can see your live location: share it with your family group in real time, or keep it private and share it only during an emergency. Either way, the moment an SOS is triggered your location is shared instantly so people can reach you.
1. Who We Are
The Raxha personal safety application and associated services are provided by Raxha, Inc., a Delaware corporation ("Raxha", "we", "our", "us"), with offices at 550 Moreland Way, Apt 4116, Santa Clara, CA 95054, United States. Raxha, Inc. is the data controller responsible for your personal information described in this policy. This privacy policy explains how we collect, use, and protect your information when you use the Raxha app.
2. Data We Collect
- Health & Biometric Data — Health data (such as heart rate, heart rate variability, and a derived stress level) collected during active safety monitoring, stored in our cloud database. Your live health stats (such as your current heart rate and stress level) are private by default — they are shared with your family group only if you turn on live health-stats sharing, and you can turn it off again at any time. Your full vitals history (for example, your heart-rate timeline over time) is likewise private by default and shared only if you separately turn on history sharing. During an active SOS, your live health stats are shared with your family regardless of these settings so they can help you. We retain your health data to provide the service, including your personalized safety baseline, and you can delete it at any time (see Data Retention and Your Rights).
- Audio — When safety monitoring is active, your microphone is used to listen for signs of distress (such as a call for help or a scream). By default, audio is analyzed in real time entirely on your device using on-device models — we do not record, transcribe, retain, upload, or share it, and we do not store the words you speak. Only the resulting safety signal (for example, "possible call for help detected") is acted upon. Cloud voice detection during emergencies (off by default — you choose whether to enable it): if you turn it on, then when safety monitoring detects an elevated threat, a short audio clip (a few seconds) is analyzed on your own paired iPhone using Apple's on-device intelligence (no third party receives it for this step), and may in parallel be securely transmitted to our speech-processing providers to transcribe what is said; the resulting transcript may then be analyzed by an AI language-processing provider to assess whether it indicates danger or a call for help. This happens only during elevated-threat moments; the audio and any resulting transcript are processed transiently to produce a danger signal and are not stored by us or these providers. This feature is off until you enable it, and you can turn it off again at any time in the Privacy tab to keep all audio analysis on your device.
- Safety Telemetry — To verify that protective features work reliably, we record event metadata about the safety system itself — for example, when monitoring turned the microphone on or off and why, whether an SOS countdown was shown and cancelled, and quality metrics of danger analysis (scores, timings, and outcomes). This telemetry never contains audio, transcripts, or the words you speak, and is stored in our cloud database tied to your account.
- Location — Your live location is collected continuously while monitoring is active — including when the app is in the background. You control who can see it. In the default mode, members of your family group can see your live location in real time. If you choose "share location only during an emergency," your live location is hidden from your family group and is revealed to them only while an SOS is active; the moment the emergency ends, it becomes private again. Regardless of this setting, during an SOS your latest location is always sent automatically to your emergency contacts and family so they can reach you. We also store the routes of trips you record. Location data is stored in our cloud database to provide the service. Choosing emergency-only sharing is a visibility control — it hides your live location from your family group except during an SOS; it does not delete data. We retain your data while your account is active and you can delete it at any time (see Data Retention and Your Rights).
- Account Data — Phone number or sign-in credentials for authentication, an optional profile photo you choose to help family recognize you during emergencies, and a record of which version of our Terms of Service you accepted and when, all stored in our cloud database.
- Emergency Contacts — Name and phone number of contacts you designate. We do not access or upload your full contact list.
- App Improvement Data — Diagnostic logs and usage information tied to your account, used to improve app performance and fix bugs. Logs are compressed and uploaded to our secure cloud storage; because they describe the app's operation, they can include operational details such as sensor readings and approximate location coordinates recorded at the time. Email addresses and phone numbers in log content are redacted before transmission, and diagnostic logs are automatically deleted after 30 days.
3. Data We Do NOT Collect
- We do not keep recordings of your audio and we do not store the words you speak — audio is analyzed transiently and discarded. (The one exception is described in the Audio section above: during an elevated-threat moment a few seconds of speech may be securely sent to our speech- and AI language-processing providers for transcription and danger analysis, then discarded. This happens only if you have enabled cloud voice detection, which is off by default and can be turned on or off in the Privacy tab.)
- We do not sell your personal data
- We do not share data with advertisers or use advertising identifiers
- We do not scan or upload your full contact list
4. How We Use Your Data
- Safety monitoring: Detect emergencies and maintain session history
- Live location sharing: Share your live location with your family group — continuously, or only during an emergency, as you choose
- SOS alerts: Automatically send your latest location and alert details to your trusted contacts in real time during an emergency
- Family safety: Share your monitoring status with your family group, plus — if you opt in — your live health stats (such as heart rate and stress level) and your live location, based on your sharing choices
- Authentication: Verify your identity to secure your account
- App improvement: Improve app performance and reliability
5. Data Sharing
We share your data only in these limited circumstances:
- Trusted contacts: Your safety status is shared with the contacts you designate; during an SOS your latest location is sent to them automatically in real time. You choose who these contacts are and can change them at any time
- Family members: Your monitoring status is shared within your family group. Your live health stats (such as heart rate and stress level) and your full vitals history are each private by default and shared only if you explicitly opt in to that specific sharing; your live location is shared based on your separate location choice. You control who is in this group and what you share with them — live health stats, vitals history, and whether your live location is visible outside of an emergency — and you can change any of these or leave the group at any time. During an active SOS, your live health stats and location are always shared with your family so they can help, regardless of these settings
- Service providers: We use trusted third-party infrastructure providers for authentication, data storage, app improvement, and speech and AI language processing during elevated-threat moments (off by default; you can turn it on in the Privacy tab). These providers act as our processors under data-processing agreements that require them to safeguard your data and to process it only on our instructions.
- Legal requirements: We may disclose data when required by applicable law, court order, or subpoena
We do not sell your personal data. We do not share data with advertisers.
6. Data Storage & Security
- On-device data: Certain data remains on your device and is protected by built-in device encryption.
- Cloud data: Account information, Terms of Service acceptance records, optional profile photos, emergency contacts, family groups, health data, location data, trip routes, safety events, safety telemetry, compressed diagnostic log archives, and push notification tokens are stored in our cloud database and storage, which are hosted by trusted third-party infrastructure providers, with encryption at rest and in transit.
7. Data Retention
- Health data, location data, trip routes, and safety events: Retained as long as your account is active. Deleted upon account deletion.
- Privacy settings control sharing, not deletion: Your privacy choices (emergency-only location, vitals-history sharing) control who can see your data — they do not delete it. We retain your data while your account is active to provide the service and your personalized safety baseline, and we do not automatically erase it. You can delete your data at any time (see Your Rights).
- Account data: Retained as long as your account is active. Deleted upon account deletion.
- Diagnostic logs: Retained for up to 30 days, then automatically deleted.
8. Your Rights
You have the right to:
- Access your data — view what we store about you
- Delete your account and all associated data — open About → Delete Account in the app. Deletion is permanent and erases your profile, monitoring history, location, family group membership, and emergency contacts from our cloud database.
- Revoke permissions — disable health data, location, microphone, or contacts access at any time in your device settings
- Opt out of app improvement data collection — contact us to disable this for your account
- Export your data — request a copy of your stored data
9. Children's Privacy
Raxha is intended for adults. The Service is not directed to, and may not be used by, anyone under 18. You must be at least 18 years old to create or use a Raxha account. We do not knowingly collect personal information from anyone under 18. If we become aware that we have collected personal information from a person under 18, we will delete it promptly. If you believe a minor has provided us with personal information, please contact us at privacy@raxha.app. We do not show advertising and do not sell personal information for any user.
(Support for parent-managed accounts for minors, with verifiable parental consent, is planned for a future release and is not offered at this time.)
10. Third-Party Services
Raxha uses trusted third-party providers for authentication, data storage, app improvement, and speech and AI language processing during elevated-threat moments. These providers act as our processors under data-processing agreements that require them to protect your data and process it in accordance with applicable privacy regulations.
Our current sub-processors are:
- Supabase — secure cloud hosting, database, and edge computing for your account, health, and location data.
- ElevenLabs — speech-to-text transcription of a short audio clip during an elevated-threat moment (transient; audio not retained).
- Sarvam AI — speech-to-text transcription for Indian languages during an elevated-threat moment (transient; audio not retained).
- Anthropic — AI analysis of the resulting transcript text to assess whether it indicates danger or a call for help (transient; transcript not retained).
The transcription and AI-analysis providers are used only when cloud voice detection is enabled (off by default; you can turn it on in the Privacy tab) and only during elevated-threat moments.
11. Changes to This Policy
We may update this privacy policy from time to time. We will notify you of material changes by updating the "Last Updated" date at the top of this page. Continued use of Raxha after changes constitutes acceptance of the updated policy.
12. Contact Us
If you have questions about this privacy policy or your data, contact us at: