Privacy Policy & Clinical Data Governance

Effective Date: February 1, 2026

Immersive Authority (Pty) Ltd (“us”, “we”, or “our”) operates the SWEL Health Physiological Intelligence Platform (the “Service”). This policy outlines our governance framework regarding the collection, transcoding, and protection of your biological data.

1. Biological Data & Information Collection

To provide the SWEL Service, we ingest high-fidelity data from third-party wearable ecosystems via OpenWearables and Health Connect.

  • Physiological Data: Heart Rate (HR), Heart Rate Variability (HRV), Respiratory Rate, SpO2, Sleep Stages, and Activity Metrics.

  • Environmental Data: Localized telemetry including altitude density, ambient temperature, and humidity.

  • Personal Data: Name, email, age, and biological sex (strictly used for baseline normalization and physiological cost calculations).

  • Device Data: Unique hardware identifiers, IP addresses, and diagnostic logs required for synchronization.

2. Clinical & Professional Disclaimer

SWEL Health is an information analytics and triage Service only. We do not provide medical advice, diagnosis, or treatment.

  • No Doctor-Patient Relationship: Your use of the Service does not create a professional medical relationship between you and Immersive Authority.

  • “As-Is” Analytical Insights: All outputs, including “Risk Flags,” “Vital Drift” alerts, and “Physiological Cost” scores, are provided “as-is” for informational and educational purposes.

  • Assumption of Risk: You agree that any decisions made based on SWEL insights (such as altering a training schedule, changing medication timing, or seeking medical attention) are made at your own risk.

  • Limitation of Liability: Immersive Authority (Pty) Ltd, its directors, and developers shall not be held liable for any injury, loss, health complication, or death resulting from the use or misuse of the Service, or from inaccuracies inherent in the raw data ingested from third-party wearable hardware.

3. Data Sovereignty & User Control

We operate on a “FHIR-First” mandate. Unlike traditional platforms that lock your data into proprietary formats, we believe you own your biological record.

  • Granular Consent: You control exactly which data streams (e.g., Sleep vs. GPS) are connected to the SWEL architecture.

  • Right to Revoke: You may disconnect any hardware provider or request the permanent deletion of your physiological history at any time. Upon deletion, your data is cryptographically erased from our servers.

  • Non-Monetization: We do not sell, trade, or rent your health data to third-party advertisers, insurance companies, or data brokers.

4. Regulatory Compliance (POPIA & GDPR)

We comply with the Protection of Personal Information Act (POPIA) in South Africa and the General Data Protection Regulation (GDPR) for our international users.

  • Lawful Processing: We process data only for the specific purpose of providing the physiological insights requested by the user.

  • Data Minimization: We only collect the specific metrics required for our normalization engines to function.

  • Data Subject Rights: You have the right to access, correct, or port your data. To exercise these rights, please contact our Information Officer via the contact details below.

5. Security by Design

Your data is treated with the same rigor as financial transactions. Our infrastructure utilizes a Bifurcated Architecture to ensure maximum security:

  • Encryption: We use AES-256 encryption at rest for all database records and TLS 1.3 for all data in transit.

  • Identity Decoupling: Personal Identifiable Information (PII) is separated from physiological streams.

  • Isolated Analytics: Our Advanced Analytics Service Module (ASM) processes data using pseudonymized IDs, ensuring that the engines analyzing your heart rate do not have access to your personal identity.

6. Third-Party Ecosystems

Our Service bridges multiple hardware ecosystems (Huawei, Garmin, COROS, Apple). Each hardware provider maintains its own privacy policy. We have no control over how these third parties collect data before it reaches our API. We strongly advise you to review the privacy policies of any wearable device you connect to SWEL.

7. Changes to This Policy

As we deploy new analytical engines (e.g., DFA Alpha-1 Triage) and device integrations, this policy will be updated. Continued use of the Service after changes are posted constitutes acceptance of the new terms.

8. Contact Us

For inquiries regarding your data, POPIA compliance, or technical governance:

Immersive Authority (Pty) Ltd Attn: Information Officer Email: legal @ swelhealth.com Website: www.swelhealth.com