Back to Home

SPRINGTURN

Cookies

Effective Date: September 9, 2025

This Statement explains how cookies and similar technologies are used on Springturn websites and within Springturn apps.

Technologies We Use

Web cookies (essential, functional, analytics).
Local storage (preferences, session state).
SDKs & device identifiers in apps (for authentication, crash reporting, security, and—with consent—analytics).
Telemetry from Springturn Devices and Apps to maintain safety, quality, and performance.

Purposes

Essential. Security, authentication, session management, fraud prevention, crash/error logging, and device safety/quality telemetry. These are required.

Analytics (consented where required). Usage metrics to improve features and reliability.
Advertising. Springturn does not use health/medical data for third‑party targeted advertising. As a general rule, we minimize tracking and use analytics only as disclosed and consented.

Your Controls

Web: manage preferences through our cookie banner (Accept/Reject/Customize). We honor Global Privacy Control (GPC)/eligible universal opt‑out signals where required.
Apps: manage analytics/notifications/permissions in app settings and OS privacy controls (e.g., “Allow Apps to Request to Track” on iOS; “Opt out of Ads Personalization” on Android).
Withdraw consent at any time via settings; strictly necessary processing is unaffected.

Use the Services only for their intended purposes and in compliance with law and labeling. You may not:

(a) reverse engineer, decompile, or bypass security controls;

(b) use the Services contrary to labeling/IFU;

(d) interfere with security, availability, or device safety;

(e) use any automated scraping/crawling;

(f) collect or use data from the Services to develop, train, or improve AI/ML models without our prior written consent;

(g) remove or alter proprietary notices;

(h) use while driving or performing hazardous tasks.

Third Parties & International Transfers

We disclose processor categories (e.g., hosting, identity/auth, error logging, analytics, attribution) in the app/site or upon request. Vendor contracts restrict processing to our instructions. Some vendors are outside your country; appropriate transfer safeguards (e.g., SCCs/IDTA) apply.

Named vendors & SDKs (baseline set)

We currently use the same baseline vendor set as referenced for Napkin Note, adapted for Springturn’s medical context:

Supabase (backend hosting, authentication, secure storage). Purpose: core functionality, authentication, structured data storage. Data: identifiers, auth tokens; no ad/marketing purposes.

Google Analytics (GA4). Purpose: product analytics (consented where required), performance, crash/usage trends. Data: device/app identifiers, event telemetry (no health measurement values).
Mixpanel. Purpose: product analytics (consented where required), feature adoption. Data: pseudonymous event telemetry (no health measurement values).
Amplitude. Purpose: product analytics (consented where required); cohorting for product improvement. Data: pseudonymous event telemetry (no health measurement values).
Meta (Facebook/Instagram) Pixel — Web properties only (not inside the Springturn App). Purpose: brand/traffic attribution and ad effectiveness, never linked to in‑app health data. Data: cookie/online identifiers, referrers, page events.
Google Ads / Conversion Linker — Web properties only. Purpose: brand/traffic attribution and ad effectiveness, never linked to in‑app health data. Data: cookie identifiers, referrers, page events.
TikTok Pixel — Web properties only. Purpose: brand/traffic attribution and ad effectiveness, never linked to in‑app health data. Data: cookie identifiers, referrers, page events.

Important: Springturn segregates any health/medical measurement data from advertising/attribution systems. We do not use health/medical data for cross‑context behavioral advertising. Ad/attribution SDKs are not embedded in the clinical portions of the App.