Smart Seat logo
    Casana

    Privacy Policy

    Effective as of April 7, 2026

    This Privacy Policy ("Policy") describes the privacy practices of Casana Care, Inc. DBA Casana and our subsidiaries (collectively, "Casana," "we," "us," or "our") in connection with your use of our website (https://casanacare.com/), the Casana App, Casana Devices (i.e., the Smart Seat System), Casana Cloud, and any other interaction you may have with us (collectively, the "Services").

    This Policy applies to our collection and use of personal information and describes your rights and choices with respect to your personal information.

    Our Commitment to Your Privacy

    Casana collects sensitive and consumer health data. We understand that this data is among the most personal information you can share, we take that responsibility seriously, and we outline our practices and your options in our Consumer Health Data Privacy Notice. Our commitments to you:

    • We do not sell your personal information. We will never sell or rent your personal information, including your health data, to third parties.
    • We do not use your health data for advertising. Consumer health information is not shared with third parties for marketing or advertising purposes unless your explicit, separate consent is obtained.
    • You are in control. You have meaningful rights over your data, including the ability to access, correct, export, and delete it.
    • We protect sensitive data with appropriate safeguards. We implement industry-standard security measures designed to protect health and biometric data from unauthorized access or disclosure.

    Personal Information We Collect

    We collect the following categories of personal information from you:

    Personal identifiers

    Name, email address, physical address, telephone numbers, username and password, IP addresses, and information related to customer reviews or communications with us.

    Consumer health and other sensitive information

    Sensor data from Casana Devices and derived vital signs (including heart rate, respiration rate, blood pressure, weight, and heart rate variability), and other health data generated through your use of the Service. This is considered "sensitive personal information" under certain applicable privacy laws. Please refer to our Consumer Health Data Privacy Notice for additional information about the processing of your consumer health data.

    Biographical and demographic information

    Date of birth, sex/gender, height, weight, and other profile information you provide.

    Commercial and financial information

    Records of products ordered, payment card information, and billing information; payment information is processed by our third-party payment processor and is not stored by Casana.

    Internet and device activity information

    Device and browser type, browsing and search history on our website, and information regarding your interaction with our website and advertisements.

    Inferences

    Conclusions drawn from any of the above categories to create a profile about your preferences, characteristics, or health trends.

    Marketing information

    Your preferences for receiving our communications, and details about how you engage with our communications.

    Communications information

    We exchange with you, including support services or other types of communications.

    Automatically collected data

    Information we collect through automated means using the tools we describe in our Cookie Policy. This information includes:

    • Device data: such as your computer's or mobile device's operating system type and version, manufacturer and model, browser type, screen resolution, RAM and disk size, CPU usage, device type (e.g., phone, tablet), IP address, unique identifiers (including identifiers used for advertising purposes), language settings, mobile device carrier, radio/network information (e.g., WiFi, LTE, 3G), and general location information such as city, state or geographic area
    • Usage data: such as pages or screens you viewed, how long you spent on a page or screen, the website you visited before browsing to our website, navigation paths between pages or screens, information about your activity on a page or screen, access times, duration of access, and whether you have opened our marketing emails or clicked links within them.

    Other data

    Not specifically listed here, which we will use as described in this Policy or as otherwise disclosed at the time of collection.

    Personal Information We Collect from Third Parties

    We also collect personal information from third-party sources:

    Third-party services

    When you explicitly grant us permission to collect data from third parties (such as your accounts with compatible third-party services), information that you authorize will be transmitted through to us.

    Third-party login information

    Such as information we receive when you authenticate through a third-party service depends on the settings, permissions and privacy policy controlled by that third-party service.

    Advertising partners

    Including information about you that we receive from our vendors who assist us with marketing or promotional services related to how you interact with our websites, applications, products, Services, advertisements or communications.

    Data providers

    Including publicly available information about you.

    How We Use Your Personal Information

    We use personal information to:

    • Provide, operate, and maintain the Service, including generating health insights from your data
    • Communicate with you, including sending service updates, security alerts, and support messages
    • Process purchases and manage your subscription
    • Research and develop the Service and improve our algorithms and product performance
    • Respond to your inquiries and provide customer support
    • Market or advertise our Services (we do not use consumer health data for this purpose without your explicit consent)
    • Monitor for and prevent fraud, abuse, or violations of our Terms of Use
    • Comply with applicable legal obligations
    • Protect our rights and the rights and safety of our users and others

    Legal Basis for Processing

    Where applicable law requires a legal basis for processing personal information, we rely on the following:

    • Contract: to provide the Service you have requested, including processing data to generate health insights
    • Legitimate interests: to improve our products, prevent fraud, and operate our business, where these interests are not overridden by your privacy rights
    • Legal obligation: where processing is required by applicable law
    • Consent: for processing activities where we ask for your specific agreement, such as use of health data for research purposes or marketing communications

    How We Disclose Your Personal Information

    We may disclose personal information with the following parties:

    Affiliates.

    Our subsidiaries and corporate affiliates, for purposes consistent with this Policy.

    Other users.

    Our Service includes social and household account linking features. Depending on your privacy choices within the Service, we will share your personal information with other users.

    Service providers.

    Companies that provide services on our behalf, such as cloud hosting, payment processing, customer support, email delivery, and website analytics. Service providers are contractually bound to use personal information only for the purposes for which it was provided and are prohibited from selling or sharing it for their own purposes.

    Research partners.

    As described under "Research and De-identified Data" below.

    Authorities and others.

    We may disclose information to law enforcement, government authorities, or other third parties when required by valid legal process, or when we believe in good faith that disclosure is necessary to protect rights, property, or safety. We will make reasonable efforts to notify you of any such request where legally permissible, and we will oppose requests that we believe are overbroad or not legally required.

    Business transferees.

    In connection with a merger, acquisition, reorganization, sale of assets, or similar transaction, your information may be transferred to the relevant parties as part of that transaction.

    We do not sell your personal information to any third party, and we do not share your consumer health data or other sensitive personal information with advertisers.

    Research and De-identified Data

    As part of our efforts to improve our Services and contribute to health research, consumer health information may be used for research purposes by Casana or by vetted third parties. When used in this manner, unless you have opt-ed into one of our research programs where you have agreed to allow us to use your personal data for research, your data is de-identified in accordance with applicable legal standards and industry best practices, such that no personally identifiable information is disclosed.

    De-identified data may be shared with or licensed to third parties for research, product development, public health analysis, and similar purposes consistent with our mission. We do not share or license de-identified data for advertising or marketing unrelated to health research or innovation.

    Casana maintains contractual and technical controls designed to prevent re-identification of de-identified data by any third party. We cannot guarantee that re-identification is technically impossible in all circumstances, but we take meaningful steps to prevent it and prohibit it by contract.

    Data Retention

    We retain personal information only for as long as is reasonably necessary to fulfill the purposes for which it was collected, or as required by applicable law. To determine the appropriate retention period for personal information, we consider the amount, nature, and sensitivity of the personal information, the potential risk of harm from unauthorized use or disclosure of personal information, the purposes for which we use personal information and whether we can achieve those purposes through other means, and the applicable legal and regulatory requirements.

    You may request deletion of your personal information at any time as described in the "Your Rights and Choices" section below.

    Security

    We implement reasonable administrative, technical, and physical safeguards designed to protect your personal information from unauthorized access, disclosure, alteration, or destruction. These measures include encryption of data in transit and at rest, access controls limiting data access to authorized personnel, maintenance of immutable audit logs to record all internal access to and modifications of personal data, and regular review of our security practices. For more information, please see the Security section of our Terms of Use.

    No security system is impenetrable, and we cannot guarantee absolute security. In the event of a security breach affecting your personal information, we will notify you as required by applicable law.

    Your Rights and Choices

    Depending on your location and the nature of your interaction with the Service, you have the following rights with respect to your personal information:

    Access.

    You may request a copy of the personal information we hold about you.

    Correction.

    You may request that we correct personal information you believe is inaccurate or incomplete.

    Deletion.

    You may request that we delete your personal information, subject to exceptions permitted by law (such as information we are required to retain for legal or compliance purposes).

    Portability.

    You may request an export of your personal information in a commonly used, machine-readable format.

    Withdraw Consent.

    You may withdraw your consent to the collection and sharing of your personal information at any time. Withdrawal of consent may affect your ability to use certain features of the Service.

    Opt-out of marketing communications.

    You may opt out of marketing emails by following the unsubscribe instructions in any such email. You will continue to receive service-related and transactional communications.

    California's "Shine the Light" law (Civil Code Section 1798.83) permits California residents to request information about personal information disclosed to third parties for direct marketing purposes. The disclosures provided under your Right to Know will include information required by this law.

    To exercise any of these rights, contact us at privacy@casanacare.com. We may need to verify your identity before processing your request. We will not discriminate against you for exercising your privacy rights, you will not be denied service, charged different prices, or provided a different level of quality for exercising these rights. Additionally, please refer to our Consumer Health Data Privacy Notice to learn about your rights under applicable state privacy laws with respect to such data.

    Do Not Track

    Some browsers are configured to send "Do Not Track" signals to websites. We currently do not respond to Do Not Track signals. For more information, visit http://www.allaboutdnt.com.

    Children's Privacy

    The Service is intended for users who are 18 years of age or older. We do not knowingly collect personal information from users under 18. If we learn that we have collected personal information from users under 18 without verifiable parental consent, we will promptly delete that information. If you believe a user under 18 has provided us with personal information, please contact us at privacy@casanacare.com.

    The Smart Seat may be used in shared household environments. If a minor uses the device, the account holder is responsible for ensuring appropriate consent and supervision consistent with applicable law. Please see our Terms of Use for additional information regarding age requirements and household use.

    Other Sites and Services

    The Service may contain links to third-party websites or services. These links are not an endorsement of those third parties, and we are not responsible for their privacy practices. We encourage you to review the privacy policies of any third-party services you access through our Service.

    International Data Transfer

    Casana is headquartered in the United States. If you are located outside the United States, your personal information may be transferred to and processed in the United States or other countries where privacy laws may differ from those in your jurisdiction. We take steps to ensure that any such transfers are conducted in accordance with applicable law.

    Changes to This Policy

    We will review and update this Policy from time to time. If we make material changes, we will notify you through the Service, by email, or through another appropriate method, and will update the effective date above. Updates will take effect once posted, unless otherwise stated.

    Accessibility

    We are committed to ensuring our communications are accessible to people with disabilities. To make accessibility-related requests or report barriers, please contact us at privacy@casanacare.com.

    How to Contact Us

    If you have questions about this Policy or wish to exercise your rights, please contact us at:

    Casana Care, Inc.
    150 Metro Park, Suite A
    Rochester, NY 14623
    privacy@casanacare.com

    We use cookies

    We use Google Analytics to understand how visitors use our site so we can improve your experience. No personal data is sold. You can accept or decline analytics cookies; essential site functions always remain active.