That's the short version. Here's the full picture.
Effective Date: April 14, 2026 · Last Updated: April 14, 2026
Shadowline Ventures LLC (“Company,” “we,” “us,” or “our”) operates the Mosaic Score mobile application (“App”). This Privacy Policy explains how the App handles your information when you use it. We are committed to protecting your privacy and being transparent about our data practices.
By using Mosaic Score, you agree to the practices described in this Privacy Policy. If you do not agree, please do not use the App.
Your health data stays on your device. Mosaic Score is designed with a local-first architecture. All personal health data, including heart rate, HRV, SpO&sub2;, sleep, VO&sub2; Max, training load metrics, and your composite Mosaic Score, is processed and stored entirely on your device. We do not collect, transmit, store, or have access to your personal health information.
Mosaic Score does not collect, transmit, or store:
We do not create user accounts. We do not require registration. We do not maintain user profiles.
Mosaic Score collects limited, de-identified usage signals through TelemetryDeck, a privacy-focused analytics service based in the European Union. These signals are used solely to improve App stability, performance, and user experience.
The signals collected may include:
These signals do not contain personally identifiable information (PII). They cannot be used to identify you as an individual. No health data is ever included in these signals. TelemetryDeck does not store IP addresses and does not use device fingerprinting.
Categories of personal information collected (past 12 months):
| CCPA Category | Collected? | Source | Purpose | Third Parties |
|---|---|---|---|---|
| Internet or electronic network activity (usage signals) | Yes | Automatic (TelemetryDeck SDK) | App improvement, stability monitoring | TelemetryDeck GmbH (analytics processor) |
| Commercial information (subscription status) | Yes | Automatic (TelemetryDeck SDK) | App improvement, feature analysis | TelemetryDeck GmbH (analytics processor) |
| Identifiers (personal) | No | — | — | — |
| Health/medical data | No | — | — | — |
| Geolocation data | No | — | — | — |
For more information about TelemetryDeck’s privacy practices, visit telemetrydeck.com/privacy.
Mosaic Score reads data from Apple Health with your explicit permission. When you grant access, the App reads the following health and fitness data types:
This data is:
Data from third-party devices (such as Garmin, Oura, Whoop, or other wearables) that you have connected to Apple Health is available to Mosaic Score only through Apple Health and is treated identically to native Apple Health data — read locally, processed on-device, never transmitted.
You can revoke Mosaic Score’s access to Apple Health at any time through Settings → Health → Data Access & Devices.
Apple’s own privacy practices for Health data are governed by Apple’s Privacy Policy.
HealthKit Data Restrictions. We will not use any data obtained through Apple HealthKit for advertising, marketing, or any similar services. We will not disclose your HealthKit data to any third party without your explicit authorization. We will not sell your HealthKit data. We will not use your HealthKit data for data-mining for any purpose other than the App’s stated wellness functionality on your device. Because Mosaic Score processes all HealthKit data locally and does not transmit it off your device, these prohibitions are inherent to the App’s architecture.
All subscription purchases, renewals, and billing are processed by Apple through the App Store using native StoreKit. Shadowline Ventures LLC does not collect, process, or store your payment information, credit card details, or Apple ID credentials.
Apple’s handling of your payment information is governed by Apple’s Privacy Policy and App Store Terms of Service.
Because Mosaic Score processes all health data locally on your device, your data is protected by your device’s built-in security features, including device passcode, Face ID or Touch ID, and iOS data encryption.
We do not operate servers that store your personal data. There is no cloud database, no user data warehouse, and no remote backup of your health information maintained by Shadowline Ventures LLC.
In the unlikely event of a data security incident affecting the limited de-identified signals we collect through TelemetryDeck, we will comply with all applicable notification obligations under state and federal law.
Since we do not collect personal health data, there is nothing for us to retain or delete on our end. Your health data exists solely on your device and within Apple Health. If you delete the App, any locally cached data used by the App is removed from your device.
De-identified usage signals collected through TelemetryDeck are retained for up to 24 months in aggregated form. Individual event records are not retained beyond that period. For details, see TelemetryDeck’s data retention policies at telemetrydeck.com/privacy.
We do not sell, rent, lease, or share your personal information with anyone. We do not share personal information for cross-context behavioral advertising.
The only data that leaves your device is the de-identified, non-personal usage signals described in Section 3, which are transmitted to TelemetryDeck GmbH (based in the European Union) for analytics purposes. These signals contain no health data and no personally identifiable information.
We may disclose information if required to do so by law or in response to a valid legal process, such as a court order or subpoena. However, because we do not possess your personal health data, we have nothing of that nature to disclose.
Mosaic Score is not directed to children under 18 and we do not knowingly collect any information from users under 18. If you are a parent or guardian and believe a child under 18 has been using the App, please contact privacy@mosaicscore.com and we will delete any associated local-device records on request (to the extent such records exist) and take reasonable steps to prevent further use.
Because Mosaic Score does not collect or store your personal health data, traditional data subject rights (access, correction, deletion, portability) as they pertain to health data are managed entirely through your device and Apple Health, not through us.
You have the right to:
If you are a California resident, you have rights under the California Consumer Privacy Act (CCPA) and the California Privacy Rights Act (CPRA), including:
You or your authorized agent may submit a request by emailing privacy@mosaicscore.com. We will verify your identity before processing the request. If an authorized agent submits a request on your behalf, we may require proof of authorization.
Under California Civil Code §1798.83 (“Shine the Light”), California residents may request information about personal information disclosed to third parties for direct marketing purposes. We do not disclose personal information to third parties for direct marketing.
If you are a resident of a US state with a comprehensive consumer privacy law (including but not limited to Virginia, Colorado, Connecticut, Utah, Texas, and Oregon), you may have the right to access, correct, delete, or obtain a portable copy of personal information we hold about you, to opt out of targeted advertising or sale (neither of which we engage in), and to not be discriminated against for exercising these rights. Contact privacy@mosaicscore.com to exercise any applicable right.
If you are located in the European Economic Area (EEA), United Kingdom, or Switzerland, the following applies to our processing of your information:
Mosaic Score may offer optional features in the future, such as data export, score sharing, or cloud-based preferences backup, that involve data leaving your device. If and when such features are introduced, we will update this Privacy Policy accordingly and, where required, obtain your explicit consent before enabling those features. Any new feature that transmits personal data will be opt-in, not opt-out.
The App may contain links to third-party websites or services. We are not responsible for the privacy practices or content of any third-party sites or services. We encourage you to review the privacy policies of any third-party services you interact with.
We reserve the right to update this Privacy Policy at any time. If we make material changes, we will notify you through the App or by other reasonable means. Your continued use of the App following the posting of a revised Privacy Policy constitutes your acceptance of the changes.
The “Last Updated” date at the top of this page indicates when this Privacy Policy was most recently revised.
For questions, concerns, or requests regarding this Privacy Policy or our data practices, contact us at:
Shadowline Ventures LLC
privacy@mosaicscore.com
mosaicscore.com
Mosaic Score is developed and published by Shadowline Ventures LLC.