Privacy Policy
Last Updated: March 2026
Sorce Technologies, Inc. (“SORCE,” “we,” “us,” or “our”) respects your privacy and is committed to protecting your personal information. This Privacy Policy describes how we collect, use, disclose, and safeguard personal data when you access or use the SORCE website, mobile applications, and related services (collectively, the “Services”).
By accessing or using the Services, you acknowledge that you have read and understood this Privacy Policy.
Your use of the Services is also governed by our Terms of Use.
1. Scope of This Privacy Policy
This Privacy Policy applies to personal data collected by SORCE through the Services.
“Personal Data” means information that identifies, relates to, describes, or can reasonably be linked to an individual, as defined under applicable privacy laws.
This Privacy Policy does not apply to the practices of third parties that we do not own or control.
2. Categories of Personal Data We Collect
We collect personal data necessary to provide and improve the Services.
Account and Contact Information
When you create an account or interact with the Services, we may collect:
• Name
• Email address
• Phone number (optional)
• Account credentials or identifiers
Biometric and Wellness Data
The SORCE platform uses biometric and behavioral inputs to generate insights related to stress, energy regulation, and nervous system function.
Depending on your use of the Services, we may collect:
• Heart rate variability (HRV) measurements
• Self-reported wellbeing or behavioral inputs
• Usage data related to wellness practices within the platform
On-Device Biometric Processing
SORCE is designed with a privacy-forward architecture intended to minimize the storage of sensitive biometric data.
Where technically feasible:
• HRV measurements are processed locally on the user’s device
• Raw biometric signals captured through camera-based HRV assessments are not stored on SORCE servers
• Only derived insights or summary metrics necessary to deliver the Services may be transmitted securely to SORCE systems
This approach reduces the transmission and storage of sensitive biometric information.
Device and Technical Data
When you use the Services, we may automatically collect certain technical information, including:
• Device type
• Operating system
• Application usage logs
• Diagnostic data for troubleshooting and performance monitoring
Cookies and Website Analytics
Our website may use cookies and similar technologies to:
• Enable website functionality
• Understand how visitors interact with the website
• Improve website performance
Users may control cookie preferences through their browser settings.
3. Sources of Personal Data
We collect personal data from the following sources:
Directly From You
• Account registration
• Use of the Services
• Communications with SORCE
• Responses to surveys or questionnaires
Automatically Through Technology
• Application usage logs
• Cookies or similar tracking technologies
• Device and browser information
From Service Providers
We may receive limited data from service providers that support the operation of the Services.
4. Purposes for Collecting Personal Data
We use personal data for the following business purposes:
Providing and Improving the Services
• Creating and managing user accounts
• Delivering personalized insights through the SORCE platform
• Operating and maintaining the Services
• Troubleshooting technical issues
• Conducting research, analytics, and product development
Communication
• Responding to inquiries
• Providing service updates
• Sending administrative communications related to the Services
Security and Fraud Prevention
• Detecting and preventing unauthorized activity
• Protecting users and maintaining platform security
Legal Compliance
• Complying with applicable laws and regulations
• Enforcing contractual rights and terms
5. How We Share Personal Data
We may disclose personal data to the following categories of recipients:
Service Providers
We engage trusted third-party service providers that assist with:
• Cloud hosting and infrastructure
• Payment processing
• Customer support systems
• Analytics and system monitoring
These providers are contractually required to protect personal data and may only process data as necessary to provide services to SORCE.
Business Partners
In certain cases, SORCE may collaborate with third-party partners to offer joint programs, services, or experiences.
Information shared in connection with such programs will be limited to what is necessary for participation.
Legal Obligations
We may disclose personal data if required to:
• Comply with legal obligations
• Respond to lawful requests from authorities
• Protect the rights, safety, or property of SORCE, our users, or others
Business Transfers
If SORCE undergoes a merger, acquisition, reorganization, or asset sale, personal data may be transferred as part of that transaction.
Users will be notified if personal data becomes subject to a materially different privacy policy.
6. Data Security
SORCE implements reasonable technical, administrative, and organizational safeguards designed to protect personal data.
These safeguards may include:
• Encryption of data in transit
• Access controls and authentication systems
• Secure infrastructure environments
• Monitoring and incident detection procedures
However, no method of electronic transmission or storage is completely secure.
Users are responsible for maintaining the confidentiality of their account credentials.
7. Data Retention
We retain personal data only for as long as necessary to:
• Provide the Services
• Fulfill contractual obligations
• Comply with legal requirements
Users may request deletion of their account and associated personal data by contacting:
Aggregated or anonymized data that does not identify individuals may be retained indefinitely for research and product improvement.
8. Children’s Privacy
The Services are not intended for individuals under the age of 16.
SORCE does not knowingly collect personal data from children under 16. If we become aware that such information has been collected, we will promptly delete it.
9. Privacy Rights
Depending on your location, you may have rights regarding your personal data.
These rights may include the ability to:
• Access personal data held about you
• Request correction of inaccurate information
• Request deletion of personal data
• Request restriction of processing
• Obtain a copy of your personal data
Requests may be submitted to:
10. California Privacy Rights (CCPA / CPRA)
If you are a California resident, you may have rights under the California Consumer Privacy Act, including the right to:
• Request disclosure of personal information collected about you
• Request deletion of personal information
• Opt out of the sale of personal information
SORCE does not sell personal information.
Authorized Agent Requests
You may designate an authorized agent to make privacy requests on your behalf. We may require verification of identity before fulfilling such requests.
Response Timing
We will respond to verified requests within the timeframe required by applicable law, generally within 45 days.
11. Nevada Privacy Rights
Nevada residents may request that a business not sell certain personal information. SORCE does not sell personal information as defined under Nevada law.
Requests may be submitted to:
12. European Economic Area, United Kingdom, and Switzerland
If you are located in the European Economic Area, the United Kingdom, or Switzerland, your personal data is processed in accordance with applicable data protection laws, including the General Data Protection Regulation (GDPR).
You may have the right to:
• Access your personal data
• Correct inaccurate data
• Request erasure of personal data
• Restrict processing
• Object to processing
• Withdraw consent where processing is based on consent
• Lodge a complaint with a supervisory authority
Requests regarding these rights may be submitted to:
13. International Data Transfers
SORCE is headquartered in the United States. If you access the Services from outside the United States, your personal data may be transferred to and processed in the United States or other jurisdictions.
We take reasonable steps to ensure appropriate safeguards are implemented for international data transfers.
14. Changes to This Privacy Policy
SORCE may update this Privacy Policy periodically to reflect operational, legal, or regulatory changes.
When material changes occur, we will notify users through the Services or by other appropriate means.
Continued use of the Services after updates indicates acceptance of the revised policy.
15. Contact Information
If you have questions regarding this Privacy Policy or our privacy practices, please contact:
SORCE Technologies, Inc.
181 Pier Ave
Santa Monica, CA 90405
United States