Take Quiz
On This Page

Data Security: Where Your Scan Lives and for How Long

  • Common Tech Concerns about Facial Scans, FAQs & Myth Busters

When you complete a facial scan to assess your risk for sleep apnea, you’re not just sharing an image—you’re trusting a system to handle sensitive data. That trust isn’t something we take lightly. From the moment your scan is captured to the moment it’s deleted (or securely archived), we follow strict protocols to protect your privacy and control how long the data stays on our servers.

Here’s exactly where your scan goes, how it’s used, and when it’s removed—no tech jargon, just clear answers.

What Happens Immediately After You Scan

Once you complete a facial scan to assess sleep apnea risk, your image is temporarily encrypted and sent to our secure server for analysis. That server is hosted in a HIPAA-compliant cloud environment and does not store the image indefinitely unless you choose to save your results.

The scan data is then processed through our trained model, which reads your facial landmarks—such as jawline structure and airway angles—to evaluate potential sleep apnea indicators.

How Your Facial Data Is Stored

Here’s what’s stored and what isn’t:

Stored Temporarily Never Stored
Landmark measurements Raw facial photos (unless saved)
Model output (risk score) Your name, location, or full identity
Scan timestamp (for history) Audio, video, or background data

All data is encrypted during both transmission and storage. We use 256-bit AES encryption—the same standard used by hospitals and banks.

Our servers are hosted through Google Cloud Healthcare API infrastructure, which includes full audit logs, multi-region redundancy, and strict access controls.

Who Can Access Your Scan Data?

Only you can see your scan results unless you actively choose to share them with a provider or export them to a personal health app. We do not sell, trade, or share your scan data with advertisers or third parties.

If you’ve opted in to research participation, your scan may be used in anonymized form to help improve the algorithm. But even in those cases:

  • No names, emails, or device IDs are attached
  • Data is grouped statistically, not individually
  • You can opt out at any time with a single click

For more on patient data rights under HIPAA, visit the HHS HIPAA Privacy Rule Summary.

How Long Is Your Data Kept?

We retain different data types for different time periods:

  • Facial landmarks: Stored for 30 days if you don’t save your result
  • Risk score output: Stored for 90 days in case you want to compare scans
  • Saved scan history (if opted in): Retained for up to 12 months, then archived or deleted

You can manually delete your entire history at any time by visiting your account dashboard and clicking “Clear My Data.”

We do not keep expired or deleted scan data in backups longer than necessary. Even archived data undergoes automated pruning every 90 days.

Why We Store Any of It at All

You might wonder: why store anything, even temporarily?

Here’s why:

  • To allow repeat scanning for tracking improvement or changes
  • To generate risk trend reports over time
  • To compare scans across different postures, lighting, or physical changes (e.g., after CPAP use or weight loss)

Without short-term retention, you’d need to rescan from scratch every time—even if you just want to check progress.

But we still put expiration rules in place so your data doesn’t live forever.

Data Deletion: How It Works

You’re always in control. Here’s how to remove your scan data:

  1. Go to the Settings tab in the scan app
  2. Select Data & History
  3. Choose Delete Past Scans
  4. Confirm deletion (this action is irreversible)

All deletion requests are processed instantly, and all trace files are scrubbed from our backup layers within 48 hours.

How We Stay Compliant

We follow strict guidelines for:

  • HIPAA (U.S. patient data privacy)
  • GDPR (EU data rights and consent)
  • PIPEDA (Canada’s health data governance)

All staff undergo regular privacy and security training. In addition, we conduct quarterly audits of access logs to ensure no unauthorized employee or external tool ever sees your data.

For added transparency, our current security policy is published here with regular updates.

What’s Next: Privacy by Design

We’re not done improving. Our future updates will include:

  • Device-side analysis so fewer scans ever leave your phone
  • Zero-image retention models that discard raw data instantly
  • More user controls for setting retention timeframes

We believe the best AI is invisible, secure, and consensual—and you should never have to guess where your data went.

Final Word: You’re in Control

We get it—handing over your face, even for medical purposes, is a big ask. That’s why our model is built around:

  • Minimal storage
  • Maximum encryption
  • Full transparency

Your scan, your data, your choice—always.

Related Content
Dry Mouth at 2 a.m.? Fixes That Actually Work
Dry Mouth at 2 a.m.? Fixes That Actually Work
Leptin & Ghrelin: Appetite Hormones Disrupted by Apnea
Leptin & Ghrelin: Appetite Hormones Disrupted by Apnea
Tweaking Bedtimes Based on Chronotype for Better Apnea Control
Tweaking Bedtimes Based on Chronotype for Better Apnea Control
Can Oral Appliances Help Mild OSA in Teens?
STOP-Bang vs. Berlin Questionnaire: Key Differences
Larks, Owls, and Hummingbirds: Why Chronotype Matters
Sleep on Your Side! Easy Tricks to Avoid Supine Apnea
STOP-Bang vs. Berlin Questionnaire: Key Differences
STOP-Bang vs. Berlin Questionnaire: Key Differences