Privacy & Data Handling

Privacy & Data Protection

Nefesh is built on the principle of data minimization. We process the minimum amount of data needed to generate a stress score, and we delete it as quickly as possible.

Edge-First Processing

Video, audio, and other raw sensor data are processed entirely on the client device. Only extracted features (heart rate, tone classification, expression label) are sent to the API. No video frames, audio recordings, or facial images ever reach our servers.

Data Retention

Data Type                  Retention
Live session state         20 minutes (auto-delete)
Session history            24 hours
Trigger Memory profiles    Persistent until deleted via API
Raw video / audio          Never stored (edge processing only)

Encryption

All data is encrypted in transit (TLS 1.3) and at rest. Session data uses encrypted Redis storage with automatic key rotation.

GDPR Compliance

  • Right to deletion — call DELETE /v1/subjects/{subject_id} for cascading deletion of all data
  • Data minimization — only classified labels are stored, never raw biometric data
  • Purpose limitation — data is used exclusively for real-time AI context, not analytics, advertising, or profiling
  • No PII storage — strict schema validation rejects fields outside the defined signal schema

GDPR Deletion API

curl -X DELETE https://api.nefesh.ai/v1/subjects/user-123 \
  -H "X-Nefesh-Key: YOUR_KEY"

# Response:
{ "deleted": true, "subject_id": "user-123", "sessions_removed": 12 }
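A small client for this call, added here as an example and not Nefesh's own SDK: it reads the key from an environment variable, builds the DELETE request, and accepts only a 2xx reply whose body confirms deletion of the same subject before returning an audit record. It assumes error responses are undocumented (so any non-2xx or mismatched body counts as failure) and that subject ids are short alphanumeric tokens (an assumed form, not from the page).

```python
import json
import os
import re
import urllib.error
import urllib.request
from urllib.parse import quote

API_BASE = "https://api.nefesh.ai"
# Assumed allowed form of a subject id; rejects path tricks like "../other"
SUBJECT_ID_RE = re.compile(r"^[A-Za-z0-9_-]{1,128}$")


def build_deletion_request(subject_id: str, api_key: str) -> urllib.request.Request:
    """Build DELETE /v1/subjects/{subject_id} carrying the X-Nefesh-Key header."""
    if not SUBJECT_ID_RE.match(subject_id):
        raise ValueError(f"refusing to build request for subject id {subject_id!r}")
    url = f"{API_BASE}/v1/subjects/{quote(subject_id, safe='')}"
    return urllib.request.Request(url, method="DELETE",
                                  headers={"X-Nefesh-Key": api_key})


def verify_deletion_response(subject_id: str, status: int, body: bytes) -> dict:
    """Return an audit record only if the API confirmed deletion of this subject.

    Raises on a non-2xx status, on deleted != true, or on a subject_id that does
    not match the one we asked to delete, so a caller never records a deletion
    that did not actually happen.
    """
    if not 200 <= status < 300:
        raise RuntimeError(f"deletion of {subject_id} failed with HTTP {status}")
    data = json.loads(body)
    if data.get("deleted") is not True or data.get("subject_id") != subject_id:
        raise RuntimeError(f"unexpected deletion response for {subject_id}: {data}")
    return {"subject_id": subject_id,
            "sessions_removed": int(data.get("sessions_removed", 0))}


def delete_subject(subject_id: str) -> dict:
    """Send the deletion request and return the verified audit record."""
    api_key = os.environ["NEFESH_API_KEY"]  # key comes from the environment, never source
    req = build_deletion_request(subject_id, api_key)
    try:
        with urllib.request.urlopen(req, timeout=10) as resp:
            return verify_deletion_response(subject_id, resp.status, resp.read())
    except urllib.error.HTTPError as err:  # urlopen raises on non-2xx replies
        return verify_deletion_response(subject_id, err.code, err.read())
```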