what the room sees.

Ambielo is a small object on a nightstand that watches your chest from across the room, and an app that turns what it sees into a calm story of your night. To do that, it records some things. This page is what it records, where it lives, and how to make it stop.

what we collect

• Breath rate — breaths per minute, sampled a couple of times a second by the sensor.
• Heart rate — when the radar can read it cleanly.
• Presence — whether a person is in the sensor's field, and a derived sleep stage.
• Timestamps — when each sample was taken.
• A device identifier — a short name in the sensor's firmware (e.g. cesar-bedroom-01); you name your own when you pair it.
• Your morning check-in — an optional one-tap slider (how the night felt) and, if you choose, a couple of spoken or typed words. See your voice below.
• Your schedule and rituals — bedtime, wake time, and the wind-down / morning steps you set. These stay on your phone.

We do not record video. The radar measures distance and motion, not images. We do not track which apps you open or what you read or browse.

your voice

The morning check-in lets you leave a few words about the night. If you speak them, the audio is transcribed on your device — by Apple's on-device speech recognition — and the audio is discarded the moment the transcript is ready. We never upload the recording, and only the text is saved, and only when you tap save. You can always type instead, or skip it entirely.

apple health

Reading from Apple Health is off by default and only turns on if you flip the switch in Privacy. When on, Ambielo reads your heart rate, heart-rate variability, respiratory rate, and sleep from Apple Health (for example, from an Apple Watch) so it can compare the watch against the sensor and tune its accuracy. That health data is stored the same way the sensor's is — on our own relay, never with a third party — and is used only to make the measurement better. It is never used for advertising, never sold, and never shared.

Writing Ambielo's data back into Apple Health is a separate switch, also off by default. Health data is never stored in iCloud. Ambielo is a wellness tool, not a medical device, and nothing here is diagnosis.

the permissions we ask for, and why

• Bluetooth — only while pairing, to hand the sensor your Wi-Fi so it can come online.
• Location — only to pre-fill your Wi-Fi network name at pairing (iOS treats the network name as location-sensitive). Nothing about your location is stored or sent.
• Microphone & speech recognition — only for the optional voice note, transcribed on-device as above.
• Notifications — only for the gentle wake and the optional bedtime reminder, scheduled locally on your phone.
• Apple Health — only if you opt in, as above.
• Focus / app shielding — if you set up a wind-down that quiets distracting apps, you pick those apps yourself in Apple's system picker. Your selection stays on your device and is opaque to us — we never see or store which apps you chose.

where it lives

• On a relay we run — a small server on Fly.io. Each sample, and your check-ins, are appended to a file partitioned by your account. It is a relay, not an analytics vendor.
• On your phone — your schedule, rituals, app-shield selection, and session history stay in local storage and never leave unless you export them.
• Who you are vs. what your breath was — your sign-in (email, passkey, or Sign in with Apple) is handled by Clerk, an identity provider. Clerk knows who you are; Clerk never sees your breath, your heart, or your nights. That boundary is deliberate and non-negotiable.
• Nowhere else. No third-party analytics. No tracking pixels or SDKs. No advertising network. No data brokers. No cross-app tracking, so iOS never has to ask you about it.

how long we keep it

Indefinitely, until you delete it. We are building a real product and the early nights teach us how to build it. If that's not comfortable, the delete button works in one tap.

your rights — exercise them anytime

• Export — Settings → Privacy → Export my data. You get a file with every sample tied to your account.
• Delete — Settings → Profile → Delete account. Your nights, your check-ins, and every account tied to you are removed from the room and from our server. Your sign-in is revoked. Nothing is recoverable after this.

Under GDPR Articles 15 and 17, and under California's CCPA / CPRA, you have the right to access and delete this data. The two controls above are how you exercise it — no email required.

what we don't yet have

Ambielo is early. Some things a mature product has — formal data-processing agreements, a third-party privacy audit, a published security review — we do not have yet. We will, before we ship to anyone we don't know personally. Until then, the honest thing to say is: read the code, and trust the founder.

what changes when we ship

When Ambielo starts taking paid orders, this page becomes a full privacy policy with named processors, retention windows, jurisdictional detail, and a designated data-protection contact. Right now, the founder is the contact.

contact

Cesar Lopez, the founder, is reachable directly at cesar@ambielo.com. The relay's source lives in the same repository as this page; you can read every line of what we collect and what we do with it.

Last updated 3 June 2026. Effective from this date. The mission is to restore the ritual of falling asleep — including the part where you feel safe in your own bedroom.