Best Self App – Privacy Policy

Privacy Policy

Last Updated: May 6, 2026
Effective Date: May 6, 2026

This Privacy Policy (“Policy”) describes how Peak Leadership LLC (“Peak Leadership,” “we,” “us,” or “our”) collects, uses, shares, and protects information in connection with the Unbounded – Best Self mobile application (the “App”) and any related services (collectively, the “Services”).

By downloading, accessing, or using the App, you agree to this Policy. If you do not agree, please do not use the App.

1. Information We Collect

Information you provide directly

  • Account information: name, email address, password, and profile photograph.
  • Content you submit through the App: responses to assessments and questions, meditation logs, journal entries, and similar inputs.
  • Communications you send to us, including support requests and feedback.

Information collected automatically

  • Device information: device model, operating system and version, language, and time zone.
  • Usage information: screens viewed, features used, session duration, in-app actions, and crash or performance data.
  • Network information: IP address (used for security, abuse prevention, and standard server logging — not used to derive your location) and mobile carrier.
  • Standard server log data.

Health and fitness information (optional)

If you enable the Apple Health integration on iOS (or, in a forthcoming release, the Google Health Connect integration on Android), the App reads and writes meditation, exercise, and sleep data through the relevant Health Platform. This integration is off by default, can be toggled on or off at any time in your device settings, and is described in detail in Section 12.

Information we do not collect

  • Precise (GPS) location data, or approximate location derived from your IP address or any other source.
  • Persistent device identifiers (such as Android Advertising ID, Firebase Installation IDs used as cross-app trackers, or similar).
  • Contact lists, calendar entries, or photo library contents (other than a photo you choose to upload).
  • Microphone or camera input, except when you explicitly use a feature that requires them.
  • Advertising identifiers (IDFA / AAID) for advertising purposes.

2. How We Use Information

We use the information we collect to:

  • Provide, operate, and maintain the App, including account creation and authentication.
  • Generate insight reports, summaries, and personalized content based on your inputs.
  • Improve and develop the App, including troubleshooting, analytics, and feature development.
  • Communicate with you about your account, product updates, and support requests.
  • Detect, prevent, and respond to fraud, abuse, security incidents, or technical issues.
  • Comply with legal obligations and enforce our terms.

We do not use your personal information for advertising. The App does not display third-party advertising. We do not sell or share your personal information with advertisers, ad networks, or data brokers, and we do not engage in cross-context behavioral advertising.

3. Legal Bases for Processing (EU/UK/Swiss Users)

If you are in the European Economic Area, the United Kingdom, or Switzerland, we process your personal data on the following legal bases:

  • Performance of a contract — to provide the App and Services you request.
  • Legitimate interests — to operate, secure, and improve the App, where those interests are not overridden by your rights.
  • Consent — for any optional data uses where consent is required (for example, participation in research). You may withdraw consent at any time.
  • Legal obligation — to comply with applicable law.

4. How We Share Information

Service providers. We share information with vendors that help us operate the App, including cloud hosting, database, authentication, analytics, error monitoring, customer support, and email delivery providers. Service providers are contractually required to use information only for the services they provide to us and to safeguard it appropriately.

Research partners. Where you consent (or where consent is otherwise required by law), we may share pseudonymized data with academic and scientific research partners for studies on wellbeing, meditation, and human performance. Research partners are contractually obligated to (i) use the data only for the agreed research purpose, (ii) not attempt to re-identify you, and (iii) maintain appropriate security safeguards.

Legal, safety, and compliance. We may disclose information when we believe in good faith that it is necessary to comply with law or valid legal process (such as a subpoena or court order); to enforce our terms; to protect the rights, property, or safety of Peak Leadership, our users, or others; or to investigate fraud, security, or abuse.

Business transfers. If Peak Leadership is involved in a merger, acquisition, financing, reorganization, or sale of assets, your information may be transferred as part of that transaction. We will notify you of any such transfer and of any choices you may have.

Aggregated or de-identified data. We may use and share aggregated or de-identified information that cannot reasonably be used to identify you for any lawful purpose.

We do not sell your personal information.

5. Data Retention

We retain your personal information for as long as your account is active and as needed to provide the Services. When you delete your account, we delete or de-identify your personal information from our active systems within 30 days, except where we are required to retain it for legal, accounting, security, or fraud-prevention purposes. Backup copies are purged on our standard backup rotation cycle.

6. Your Choices and Rights

Account deletion. You can delete your account at any time directly within the App. Open the Profile screen and tap Delete Account. Deleting your account permanently removes your profile, responses, and associated content from our active systems within 30 days, subject to the retention exceptions in Section 5. You may also request deletion by emailing help@peakleadershipinstitute.com.

Access and correction. You can review and update your profile information directly in the App. For other access or correction requests, contact us at help@peakleadershipinstitute.com.

Communications. You can opt out of non-essential email by using the unsubscribe link in those emails. You can disable push notifications in your device settings. We will still send essential service messages (account, security, or legal notices).

EU/UK/Swiss residents. Subject to applicable law, you have the right to (i) access your personal data, (ii) correct inaccurate data, (iii) request deletion, (iv) restrict or object to processing, (v) request data portability, and (vi) lodge a complaint with your local data protection authority. To exercise these rights, contact us at help@peakleadershipinstitute.com.

US state residents. See Section 11 for state-specific rights and how to exercise them.

7. International Data Transfers

Peak Leadership LLC is based in the United States, and our servers and service providers are primarily located in the United States. If you access the App from outside the United States, your information will be transferred to, processed, and stored in the United States, which may have data protection laws different from those in your country.

For transfers from the EEA, UK, or Switzerland, we rely on appropriate safeguards such as the European Commission’s Standard Contractual Clauses or other valid transfer mechanisms.

8. Security

We implement reasonable administrative, technical, and physical safeguards designed to protect your information, including encryption in transit, access controls, and regular security reviews. No system is completely secure, and we cannot guarantee absolute security.

You are responsible for maintaining the confidentiality of your account password and for activity under your account. If you believe your account has been compromised, contact us immediately at help@peakleadershipinstitute.com.

9. Children’s Privacy

The App is not directed to children under 13, and we do not knowingly collect personal information from children under 13. If we learn we have collected personal information from a child under 13, we will delete it. A parent or guardian may contact us at help@peakleadershipinstitute.com.

We do not knowingly sell or share personal information of users under 16 in California or other jurisdictions with similar protections.

10. Third-Party Links and Services

The App may contain links to third-party websites or services. This Policy does not apply to those services, and we are not responsible for their privacy practices. We encourage you to review the privacy policies of any third-party services you use.

11. US State Privacy Rights

If you are a resident of California, Virginia, Colorado, Connecticut, Utah, Texas, Oregon, Montana, or another US state with a comprehensive privacy law, you may have the following rights, subject to applicable law:

  • Right to know / access the categories and specific pieces of personal information we have collected, the sources, the purposes, and the categories of recipients.
  • Right to correct inaccurate personal information.
  • Right to delete personal information we have collected from you.
  • Right to data portability — receive a copy of your data in a usable format.
  • Right to opt out of the sale or sharing of personal information, of targeted advertising, and of profiling that produces legal or similarly significant effects. We do not engage in any of these activities.
  • Right to limit use of sensitive personal information. We do not use sensitive personal information for purposes that require an opt-out under California law.
  • Right to non-discrimination for exercising your rights.

Categories of personal information collected (CCPA/CPRA). Identifiers; customer records information; internet or electronic network activity; general (non-precise) geolocation; audio/visual information (profile photos); and inferences drawn from the above. Sources and purposes are described in Sections 1 and 2. We have not sold or shared personal information in the preceding 12 months.

How to exercise your rights. Email help@peakleadershipinstitute.com and identify the right you wish to exercise. We will verify your identity using information already associated with your account before responding. We will respond within the timeframe required by applicable law (typically 45 days, with possible extensions).

Authorized agents. You may designate an authorized agent to submit a request on your behalf. We will require written proof of authorization and may verify your identity directly.

Appeals. In Virginia, Colorado, Connecticut, and similar states, if we deny your request you may appeal by replying to our denial. If your appeal is denied, you may contact your state attorney general.

Do Not Track and Global Privacy Control. The App does not respond to “Do Not Track” browser signals, as no industry standard exists. We honor Global Privacy Control (GPC) signals where required by law.

Financial incentives. We do not offer financial incentives in exchange for personal information.

12. Apple HealthKit and Google Health Connect

The App integrates with Apple HealthKit on iOS and, in a forthcoming release, with Google Health Connect on Android (together, “Health Platforms”). When enabled, these integrations allow the App to:

  • Write your meditation and mindfulness activity to your device’s health data store (for example, recording a Mindful Session when you complete a session in the App).
  • Read related health and fitness data — currently, mindfulness, exercise, and sleep data — to display in the App and to inform your insight reports.

You control the integration. The Apple Health integration is off by default. You can turn it on or off at any time from the App’s settings, and you can also adjust which specific HealthKit data categories the App may read or write through the iOS Settings → Privacy & Security → Health screen. The Google Health Connect integration on Android will work the same way once released. Turning the integration off, or revoking permissions for specific data categories, takes effect immediately.

Server-side handling of Health Platform data. To enable cross-device continuity (so your sessions and history appear consistently across your devices) and to generate insight reports based on your meditation, exercise, and sleep patterns, the App transmits a copy of the relevant Health Platform data — for example, mindful session start time, end time, and duration; workout type and duration; and sleep stage and duration — to our backend servers operated on our behalf by our cloud hosting provider in the United States. This data is associated with your account and stored using the same security safeguards that apply to your other account data, including encryption in transit and access controls.

Health Platform data that we receive on our servers:

  • Is used only to provide the features you have requested, including cross-device sync, history, streaks, and insight reports.
  • Is never used for advertising, marketing, or any similar purpose.
  • Is never sold, rented, or shared with data brokers, advertisers, social networks, or other third parties for their own purposes.
  • Is never disclosed to any party in a manner inconsistent with this Policy or with Apple’s HealthKit or Google’s Health Connect developer requirements.
  • Is never used to make eligibility, insurance, employment, lending, or credit decisions about you.
  • Is not shared with our research partners unless you separately and explicitly opt in to research participation.
  • Is retained for as long as your account is active and is deleted from our active systems within 30 days of account deletion, subject to the retention exceptions in Section 5.

Service providers (such as our cloud hosting and database providers) may process this data strictly on our behalf to operate the App, under contractual obligations that prohibit any other use.

If you turn the integration off or revoke permissions, the App will stop reading from and writing to the Health Platform on your device. Data previously synced to our servers will remain associated with your account until you delete it from the App or delete your account. Data previously written to your device’s Apple Health or Google Health Connect store will remain there until you remove it through the corresponding system app.

13. Changes to This Policy

We may update this Policy from time to time. When we make material changes, we will notify you by email (to the address associated with your account) or through an in-app notice prior to the change taking effect. The “Last Updated” date at the top of this Policy indicates when it was last revised.

14. Contact Us

If you have questions, concerns, or requests regarding this Policy or your personal information, please contact us:

Peak Leadership LLC
Email: help@peakleadershipinstitute.com