Sleep Police Privacy Policy

Last updated: 2026-05-06

This Privacy Policy explains how Touchgrass Health, LLC ("Touchgrass Health," "we," "us," or "our") collects, uses, shares, and protects information when you use Sleep Police, including our mobile app, web app, websites, backend services, and related support services.

Sleep Police is intended for adults 18 and older. It is not directed to children or teens.

This policy is written for the current Sleep Police product direction and should be reviewed by counsel before broad public launch, expansion to minors, or material changes to payments, enforcement, analytics, or location behavior.

Contact

For privacy, account, deletion, or support requests, contact:

https://thesleeppolice.com/support

support@touchgrass.health

Information We Collect

We collect information you provide, information generated by your use of Sleep Police, and information from service providers that help us operate the product.

Account And Contact Information

We may collect your phone number, account identifiers, verification status, language, country, timezone, and support communications. We use phone numbers for account creation, sign-in, verification, security, and service messages.

Device, App, And Installation Information

We may collect device and app information such as device type, operating system, OS version, app version, build number, device model, brand, manufacturer, installation identifiers, push notification tokens, notification channel status, and similar technical metadata.

We may collect carrier or network-related metadata where available, such as carrier name, mobile country code, mobile network code, and network country.

Sleep, Schedule, And Enforcement Information

Sleep Police is an enforcement product. We collect and store information needed to configure, run, audit, and improve enforcement, including bedtime settings, sleep goals, schedule profiles, time blocks, temporary overrides, device groups, connection policies, rule outcomes, manual unblock events, cheats, penalties, and payment-related penalty history.

We may store enforcement history and incident records, including expected enforcement windows, activation and completion status, protection/enforcement status, app installation continuity, notification state, app or permission health, and suspected circumvention or reliability signals.

Location And Geofence Information

If you use location-based enforcement, Sleep Police may collect and store home or other geofence locations that you choose to save, including address labels, latitude, longitude, and radius. We use this information to decide when enforcement rules should apply.

The app may request foreground or background location permission if location-based enforcement is enabled.

If no saved geofence is available, the app may use approximate Vercel IP geolocation to estimate sunrise and sunset for visual timelines and theme behavior. This approximate IP location is not used to decide whether enforcement applies.

On-Device Enforcement Information

Sleep Police may request Android Accessibility permission to support on-device app blocking during scheduled enforcement windows. The app uses this permission to observe foreground app transitions and return the user to Sleep Police when a blocked app is opened during an active window.

Sleep Police does not collect, inspect, sell, or route your browsing history, webpage contents, or network traffic contents through our servers.

Payments And Billing Information

If you use paid penalties or billing features, payment details are processed by Stripe or similar payment service providers. We do not store full card numbers or full bank account numbers on our servers.

We may store payment-related identifiers, billing status, consent records, penalty obligations, payment attempts, processor request identifiers, webhook event records, and payment history needed to operate the service, resolve disputes, comply with legal obligations, and prevent fraud or abuse.

SMS And Service Communications

We use or may use SMS providers such as Plivo, Twilio, or similar providers to send account, authentication, security, billing, support, enforcement, and service-related text messages.

We may also send user-requested bedtime or onboarding reminder messages if you choose to receive them. You can opt out of non-essential SMS messages by following the instructions in the message, such as replying STOP where supported.

Analytics, Diagnostics, And Crash Reporting

We use or may use analytics, diagnostics, crash-reporting, performance monitoring, and feature-flagging tools, such as Sentry, PostHog, Google Firebase services, and similar providers. These tools help us understand app reliability, diagnose errors, improve performance, measure basic product usage, and safely roll out product changes.

These tools may collect device information, app version, operating system, diagnostic events, crash logs, performance data, feature flag exposure, and similar technical or usage information. We do not use these tools to sell personal data or for third-party advertising.

Web, Server, And Security Logs

When you use Sleep Police, our systems and service providers may collect logs such as IP address, request metadata, device/browser metadata, user agent, timestamps, authentication events, error events, security events, and similar operational records.

How We Use Information

We use information to:

• create, verify, and secure accounts;
• provide phone sign-in and account authentication;
• configure and operate sleep schedules, enforcement windows, geofences, reminders, app blocking, and related app behavior;
• process payments, penalties, billing setup, refunds, disputes, and payment compliance;
• send account, authentication, security, billing, support, enforcement, and service-related messages;
• register and deliver push notifications;
• diagnose crashes, errors, and performance issues;
• detect, investigate, and prevent fraud, abuse, security incidents, payment misuse, and circumvention;
• provide support and respond to requests;
• improve Sleep Police and test new functionality;
• comply with legal, regulatory, tax, accounting, and contractual obligations.

How We Share Information

We do not sell personal data. We do not use personal data for third-party advertising.

Mobile information will not be shared with third parties or affiliates for marketing or promotional purposes.

We may share information with service providers that help us operate Sleep Police, including providers for:

• cloud hosting, databases, infrastructure, and security;
• SMS and communication delivery, such as Plivo, Twilio, or similar providers;
• payment processing, billing, and fraud prevention, such as Stripe;
• maps, places, geocoding, and location services, such as Google Maps and Google Places;
• push notifications and app infrastructure, such as Google Firebase services and Expo services;
• analytics, diagnostics, crash reporting, performance monitoring, and feature flags, such as Sentry, PostHog, Google Firebase services, or similar tools;
• support, email, and operational workflow tools.

We may also share information when required by law, legal process, regulation, court order, government request, or to protect the rights, safety, security, or property of Touchgrass Health, our users, service providers, or others.

If Touchgrass Health is involved in a merger, acquisition, financing, reorganization, bankruptcy, or sale of assets, information may be transferred as part of that transaction, subject to appropriate protections.

Data Retention

We keep information for as long as needed to provide Sleep Police, comply with legal obligations, resolve disputes, enforce agreements, prevent fraud or abuse, maintain security, and support billing, accounting, tax, and audit needs.

If you request deletion, we will delete or de-identify account data within 30 days, except where we need to retain limited records for legal, security, fraud prevention, billing, tax, accounting, dispute, or audit purposes.

Some records, such as billing consent records, payment ledger references, security logs, fraud-prevention records, or enforcement audit records, may be retained longer where necessary for legitimate operational or legal reasons.

Your Choices And Rights

You may request account deletion at https://thesleeppolice.com/account-deletion, by using in-app or web tools where available, or by emailing support@touchgrass.health.

Depending on where you live, you may have rights to access, correct, delete, restrict, object to, or receive a portable copy of your personal data, and to withdraw consent where processing is based on consent. You may make a request by emailing support@touchgrass.health or by using in-app or web tools where available.

Some requests may require us to verify your identity. Some data may be exempt from deletion or restriction where we need it for legal, security, fraud prevention, billing, tax, accounting, dispute, audit, or core service operation purposes.

You can control mobile permissions such as notifications, location, and Accessibility through your device settings. Disabling required permissions may limit or break Sleep Police functionality.

Children And Teens

Sleep Police is intended for adults 18 and older. We do not knowingly collect personal information from children or teens.

If you believe a child or teen has provided personal information to Sleep Police, contact us at support@touchgrass.health.

International Processing

Sleep Police may be used globally. Your information may be processed in the United States and other countries where Touchgrass Health and our service providers operate. These countries may have data protection laws that differ from those in your location.

Security

We use technical, administrative, and organizational safeguards designed to protect information. No method of transmission or storage is completely secure, so we cannot guarantee absolute security.

You are responsible for keeping your device, phone number, account access, and payment method secure.

Changes To This Policy

We may update this Privacy Policy from time to time. The "Last updated" date at the top shows when this policy was last changed. If we make material changes, we will provide notice as required by law or through the app, website, or other reasonable means.