OruOruBack to Home

Privacy Policy

Effective date: January 15, 2026
Last updated: January 15, 2026

This Privacy Policy explains how Oru Inc. (“Oru,” “we,” “us”) collects, uses, and shares information when you use the Oru mobile application and related services (the “Service”).

If you have questions, contact us at support@oru.is.

1. Information we collect

1.1 Information you provide

Account information. When you create or use an account, we collect information such as your email address, name (if provided), authentication method (email/password, Sign in with Apple, or Google), timezone and preferences (for example, week start day and temperature unit), and identifiers associated with third-party sign-in (such as Apple user ID or Google user ID). Passwords are stored as a cryptographic hash.

Your content. The Service is designed to store information you choose to record, including:

  • Journal entries and related metadata (for example, tags).
  • Tasks, subtasks, task logs, and notes.
  • Goals and goal-related inputs you provide.
  • Chat messages you send in the app.
  • Media you attach (for example, photos, audio, or video). Media is stored as files, and we store references (“media keys”) that point to those files.

Support and security communications. If you contact us (for example, for support) or request account changes (for example, changing your email), we collect the information you provide and may send you service emails such as verification codes or security notifications.

1.2 Information collected from your device (with your permission)

Depending on the features you enable and the permissions you grant on your device, we collect:

Health data (Apple Health / HealthKit). The app may read and sync certain health and activity data, such as step count, heart rate variability (HRV, SDNN), sleep analysis (duration and related breakdown), and workout summaries. We do not write data to Apple Health.

Calendar data (iOS Calendar / EventKit). If you grant calendar access, the app syncs limited calendar information such as event title, start/end time, duration, all-day status, and certain status fields (for example, availability/response status). The app is designed to avoid syncing fields like event notes, attachments, locations, URLs, and attendee details.

Location (iOS Location Services). If you grant location access, the app may use your approximate location (city-level accuracy) to fetch weather. We generally store weather details (such as condition and temperature) rather than precise latitude/longitude.

1.3 Information created by the Service (derived data)

The Service generates additional data to provide features such as search, insights, and summaries, including:

  • Sentiment scores, emotion labels, and other inferred signals derived from your content.
  • Summaries (for example, daily or weekly narratives) and insight cards.
  • “Memory” items and conversation summaries created for continuity across features.
  • Numerical embeddings/vectors created from text to support semantic search and retrieval.

1.4 Log and usage data

When you use the Service, we (and our hosting providers) may automatically receive technical data such as IP address, timestamps, request identifiers, and device/browser characteristics. We use this information to operate, secure, and debug the Service.

2. How we use information

We use information to:

  • Provide and maintain the Service (authentication, syncing, storage, and core functionality).
  • Personalize features such as timelines, summaries, and settings.
  • Provide AI-assisted features (such as suggestions, analysis, semantic search, and chat) when enabled.
  • Communicate with you about the Service (including security notifications and support).
  • Protect the Service and our users (fraud prevention, abuse detection, and incident response).
  • Improve the Service (troubleshooting, testing, and feature development).
  • Comply with legal obligations and enforce our terms.

We do not use your HealthKit data for advertising.

3. AI processing

Some features of the Service use automated processing, including third-party AI services, to generate outputs like suggestions, summaries, classifications, and embeddings. When AI features are enabled, we may send selected content (for example, journal text, task notes, chat messages, or summarized diary signals) to AI providers for processing.

For example, if you enable real-time journaling guidance, the text you are actively writing may be transmitted to our servers (and to AI providers, if enabled) in order to generate an in-the-moment suggestion.

You can disable AI processing for certain features in the app’s settings. If you disable AI processing, we stop sending new content for those features to AI providers, but previously created outputs (for example, stored summaries) may remain in your account unless you delete them.

AI outputs can be inaccurate and may reflect inferences. Do not rely on AI outputs for medical, legal, financial, or other professional advice.

4. How we share information

We share information only as needed to provide and protect the Service, including:

Service providers. We use service providers to host and operate the Service (for example, cloud hosting, databases, object storage for media, email delivery, and background job processing).

Examples of service providers include Amazon Web Services (AWS) for hosting, storage, email delivery, and background job infrastructure.

AI providers. If AI features are enabled, we share selected content with AI providers to generate the requested outputs. An example AI provider is OpenAI.

Authentication providers. If you use Sign in with Apple or Google sign-in, we receive information from those providers and use it to authenticate you.

Legal and safety. We may disclose information if we believe it is reasonably necessary to comply with law, respond to lawful requests, protect rights and safety, or prevent fraud/abuse.

Business transfers. If we are involved in a merger, acquisition, financing, reorganization, bankruptcy, or sale of assets, information may be transferred as part of that transaction.

We do not sell your personal information, and we do not share your personal information for cross-context behavioral advertising.

5. Data retention

We retain information for as long as you keep an account, unless we need to retain it longer for legitimate purposes such as security, dispute resolution, or legal compliance.

Account deletion. You can delete your account in the app. When you delete your account, we delete your information from our active databases and storage systems, subject to limited retention in backups and logs that are maintained for operational and security purposes.

6. Your choices and rights

You can:

  • Access and update certain account details in the app.
  • Manage device permissions (Health, Calendar, Location) in iOS settings.
  • Control AI processing for certain features in the app’s settings.
  • Delete content (for example, journal entries) and delete your account in the app.
  • Request support or data export by contacting support@oru.is.

Depending on where you live, you may have additional rights regarding your personal information (for example, access, correction, deletion, or portability). Contact us at support@oru.is to make a request.

7. Security

We use reasonable administrative, technical, and physical safeguards designed to protect your information. No method of transmission or storage is completely secure.

8. International transfers

We and our service providers may store and process information in the United States and other countries. Those locations may have data protection laws that differ from the laws of your jurisdiction.

9. Children’s privacy

The Service is not intended for children under 13, and we do not knowingly collect personal information from children under 13.

10. Changes to this policy

We may update this Privacy Policy from time to time. If we make material changes, we will provide notice (for example, in the app). The “Last updated” date above reflects the most recent revision.

11. Contact us

Oru Inc. Email: support@oru.is