Legal

Last updated: August 15, 2025

Questions? Contact us at legal@xclimate.co

Privacy Policy
Terms of Service
Cookie Policy
Data Protection

Privacy Policy

At XClimate, we take your privacy seriously. This policy explains what data we collect, why we collect it, how we use it, and how you can control it.

Information we collect

We collect the minimum information necessary to provide our service:

Account information: Email address you provide when signing up for the beta.
Health signals: Mood and energy scores you voluntarily share via text message.
Environmental data: Air quality, UV, temperature, and humidity data from public APIs based on your general location (city-level, not precise GPS).
Device metadata: Browser type, operating system, and screen size for service optimization. We do not collect device identifiers.

How we use your data

Generate your personal CHR (Climate, Health, and Resilience) score
Deliver personalized health insights and environmental nudges
Improve the accuracy of our AI models using anonymized, aggregated data only
Send you product updates (you can unsubscribe at any time)

We never sell your personal data. We never share individual health data with advertisers, data brokers, or any third party. We never use your private health information to train AI models. Your data is used exclusively to improve your personal experience.

Data retention

We retain your data for as long as your account is active. If you request deletion, we remove all personal data within 30 days. Anonymized, aggregated data (which cannot be linked back to you) may be retained for research purposes.

Your rights

You have the right to:

Access — Request a copy of all data we hold about you
Correct — Update inaccurate personal information
Delete — Request permanent deletion of your account and data
Export — Receive your data in a portable format
Withdraw consent — Opt out of data processing at any time

To exercise any of these rights, email legal@xclimate.co. We respond within 30 days.

Children's privacy

XClimate is not intended for users under the age of 13. We do not knowingly collect personal information from children. If you believe a child has provided us with data, contact us immediately.

Terms of Service

By accessing or using XClimate ("the Service"), you agree to these terms. If you do not agree, do not use the Service.

The Service

XClimate provides an AI-powered platform that connects environmental data with personal health signals to generate insights about how climate conditions may affect your mood, energy, and resilience. The Service is currently in beta.

XClimate is not a medical device and does not provide medical advice. Our insights are informational only and should not be used as a substitute for professional medical diagnosis, treatment, or advice. Always consult a qualified healthcare provider for medical decisions.

Beta program

The Service is currently offered as a free beta. We reserve the right to modify, suspend, or discontinue the Service at any time. Features, pricing, and availability may change without notice during the beta period.

Your account

You must provide accurate information when signing up
You are responsible for maintaining the confidentiality of your account
You must be at least 13 years old to use the Service
One account per person

Acceptable use

You agree not to:

Use the Service for any illegal purpose
Attempt to reverse-engineer, decompile, or extract source code
Scrape, crawl, or harvest data from the Service
Impersonate another person or misrepresent your affiliation
Transmit malicious code, spam, or unsolicited communications
Interfere with the operation or security of the Service

Intellectual property

All content, features, and functionality of XClimate — including the CHR Score methodology, AI models, design, code, and branding — are owned by XClimate Inc. and protected by copyright, trademark, and other intellectual property laws.

Limitation of liability

To the maximum extent permitted by law, XClimate Inc. is not liable for any indirect, incidental, special, consequential, or punitive damages arising from your use of the Service. Our total liability is limited to the amount you paid for the Service (which, during beta, is $0).

Indemnification

You agree to indemnify and hold harmless XClimate Inc. and its officers, directors, employees, and agents from any claims, liabilities, damages, or expenses arising from your use of the Service or violation of these terms.

Governing law

These terms are governed by the laws of the State of New Hampshire, United States. Any disputes will be resolved in the courts of Grafton County, New Hampshire.

Changes to terms

We may update these terms. Continued use of the Service after changes constitutes acceptance. We will notify you of material changes via email or in-app notification.

Cookie Policy

This website uses a minimal set of cookies and local storage to function properly.

What we use

Cookie consent preference (xck) — Stores whether you accepted or declined cookies. Session-only until you accept, then persisted in localStorage.
Visit flag (visited) — Stores whether you've visited before to skip the loading animation on return visits. Session storage only.

What we don't use

No third-party tracking cookies
No advertising cookies
No cross-site tracking
No fingerprinting

Analytics

If analytics are enabled in the future, they will be privacy-respecting (such as Plausible Analytics, which does not use cookies) and will only be loaded after you provide consent via our cookie banner.

Managing cookies

You can clear cookies at any time through your browser settings. Declining cookies on our banner prevents any persistent storage. The site remains fully functional without cookies.

Data Protection

Security measures

We implement industry-standard security measures including:

HTTPS encryption for all data in transit
Encrypted storage for personal data at rest
Content Security Policy (CSP) headers to prevent injection attacks
Rate limiting and bot protection on all form submissions
Regular security reviews of our codebase and infrastructure

GDPR compliance

For users in the European Economic Area (EEA), we comply with the General Data Protection Regulation (GDPR). Our lawful basis for processing is consent (which you provide when signing up) and legitimate interest (service improvement using anonymized data). You may exercise your data rights as described in our Privacy Policy above.

CCPA compliance

For California residents, we comply with the California Consumer Privacy Act (CCPA). We do not sell personal information. You have the right to know what data we collect, request deletion, and opt out of data sharing.

Data location

Data is processed and stored in the United States. By using the Service, you consent to the transfer and processing of your data in the US.

Breach notification

In the event of a data breach affecting your personal information, we will notify affected users within 72 hours of discovery, in compliance with GDPR and applicable state breach notification laws.

Third-party services

We use the following third-party services that may process data on our behalf:

Google Fonts — Font delivery (no personal data collected)
Environmental data APIs — Public air quality and weather data (no personal data shared)

We do not share your personal information with any other third-party services.

Legal

Contents

Privacy Policy

Information we collect

How we use your data

Data retention

Your rights

Children's privacy

Terms of Service

The Service

Beta program

Your account

Acceptable use

Intellectual property

Limitation of liability

Indemnification

Governing law

Changes to terms

Cookie Policy

What we use

What we don't use

Analytics

Managing cookies

Data Protection

Security measures

GDPR compliance

CCPA compliance

Data location

Breach notification

Third-party services