JointReset is operated by Saturlab SAS. In this Privacy Policy, "JointReset," "we," "our," and "us" refer to Saturlab SAS. This Privacy Policy is written to reflect the current JointReset product: a public website and a mobile app experience that currently centers on iPhone, with local storage, educational recovery guidance, optional device permissions, and user-controlled exports.

1. Who we are and what this policy covers

This Privacy Policy applies to information processed through:

  • the public JointReset website at jointreset.org;
  • the current JointReset mobile app, which today is released for iPhone;
  • related support, notice, and product communications that reference this Privacy Policy.

If we later release an Android or other official mobile version of JointReset, this Privacy Policy will also apply to that version unless we publish a platform-specific notice that says otherwise.

It does not control third-party services that you access separately, including Apple, App Store billing and subscription tools, AI providers, YouTube or other external video sources, or the apps and services you choose when exporting data through your device share sheet. Those services operate under their own privacy notices and terms.

2. Information we may process

2.1 Website information

When you visit the public website, we may process limited technical information needed to deliver the site, secure it, and understand basic operational performance. This can include server or CDN logs, IP address, browser details, device type, timestamps, requested pages, and similar diagnostic information.

The current JointReset website is intended to be lightweight. We do not intentionally include advertising trackers, session replay tools, Meta Pixel, or unnecessary third-party behavioral analytics by default.

2.2 App information you enter or generate

The JointReset app may process information that you choose to enter, record, or generate while using the service, including:

  • onboarding and profile details;
  • wellness, movement, and pain-related information such as body areas, activity triggers, work habits, training history, goals, symptoms, and progress logs;
  • session completion data, perceived difficulty, and progress summaries;
  • generated programs, notes, and educational outputs;
  • documents or exports you create in the app;
  • subscription and entitlement status received through Apple;
  • AI provider preferences and related configuration data.

2.3 Optional media and device features

Some features are optional and depend on permissions that you grant. Depending on how you use the app, JointReset may process:

  • camera captures or video recordings for optional form-feedback flows;
  • photos or media you choose to import;
  • HealthKit information, if you authorize HealthKit access;
  • calendar and reminder-related information, if you authorize scheduling features;
  • notification preferences needed to send local reminders.

You can decline many optional permissions, and you can generally revoke them later in your device settings. Some features may not function fully if the related permission is not granted.

3. Permissions and device access

JointReset may request access to mobile-device permissions only when those features are relevant to your use of the app. The exact permission names and prompts may differ by platform.

  • HealthKit: to read or write health-related data that you authorize, such as data used to support progress tracking or activity context.
  • Camera and Photos: to let you record or select media for optional educational guidance and form-feedback features.
  • Notifications: to send local reminders for sessions or recovery planning.
  • Calendar: to create or manage user-requested scheduling events.

Granting these permissions does not mean that all of the corresponding data is routinely sent to us or stored remotely. The exact handling depends on the feature you use. Some data may stay local unless you trigger an export, AI request, or another integration that sends it elsewhere.

4. AI features, external providers, and disclosures

JointReset includes AI-assisted features such as program generation, summaries, and optional form-feedback analysis. When you choose to use these features, the app may send selected input data outside your device so the requested feature can run.

Depending on the version of the app, the feature you use, and the configuration available at the time, AI processing may happen through:

  • provider credentials that you supply directly in the app; or
  • provider access configured or made available by JointReset.

AI providers may include OpenAI, Anthropic, and Google. If you submit profile details, progress information, images, video-derived frames, or other material to an AI-powered feature, that information may be transmitted to the selected or configured provider so the request can be completed. Once information is sent to a provider, that provider may apply its own terms, privacy policy, logging practices, and retention rules.

JointReset also links to third-party content such as exercise videos. If you open an external video or web link, the relevant third party may receive technical information in connection with delivering that content.

4.1 Apple and App Store services

If you use the iPhone version of the app, Apple may process information needed to distribute the app, verify purchases, manage subscriptions, and restore transactions. If we later release Android or other platform versions, equivalent app-store or platform providers may process similar information under their own rules. We do not control those third-party privacy practices.

4.2 Exports and sharing

JointReset may allow you to export documents or other materials. If you choose to export or share content, the data leaves the app at your direction and may be processed by the receiving app, service, storage provider, or contact that you select.

5. How information is stored, used, retained, and protected

5.1 Storage model

JointReset is designed to keep the primary app dataset on your device where practical. App profile data, plans, logs, and similar materials are intended to be stored locally through on-device persistence. API keys and certain sensitive credentials are intended to be stored using secure device credential storage, including the iOS Keychain on Apple devices.

This does not mean that information always stays on-device. Data may leave the device when you:

  • use AI-powered features;
  • open third-party video or web content;
  • export or share documents or media;
  • use Apple-managed billing, subscription, or platform services.

5.2 How we use information

We may process information to:

  • deliver the website and app;
  • generate requested programs, summaries, and educational guidance;
  • support reminders, calendar scheduling, and progress tracking;
  • manage subscriptions and restore purchase access;
  • maintain safety boundaries and service operations;
  • respond to support, notice, and rights requests.

5.3 Legal bases for processing

Where European data protection law applies, we generally rely on one or more of the following legal bases:

  • performance of a contract when we provide the service you request;
  • your consent for optional permissions or optional processing;
  • legitimate interests in operating, securing, defending, and improving the service, provided those interests are not overridden by your rights; and
  • legal obligations where disclosure or retention is required by law.

5.4 Retention

Information that remains only on your device is generally retained until you delete it, remove the app, reset your device permissions, or otherwise remove the underlying local data. Information sent to third-party providers, including AI providers, Apple, external content providers, or your chosen export targets, may be retained under those third parties' own policies.

5.5 Security

We use reasonable organizational and technical measures appropriate to the current product design, including local storage architecture, keychain-backed credential storage where supported, and a limited-use website setup. No method of transmission, storage, or device protection is completely secure, so we cannot guarantee absolute security.

6. Your rights and choices

Depending on where you live, you may have rights to access, correct, delete, restrict, object to, or port personal information that we process, and to withdraw consent for permission-based processing. You can also manage many optional device permissions through your device settings.

If you are in the European Economic Area or another jurisdiction with comparable rights, you may also have the right to complain to your local supervisory authority. If you are in France, you may contact the Commission Nationale de l'Informatique et des Libertes (CNIL).

6.1 Children

JointReset is not directed to young children. We do not intend to knowingly collect personal information from children in a manner that would violate applicable law. If you believe a child has provided personal information through the service inappropriately, contact us so we can review the issue.

6.2 International processing

Some third-party providers used at your direction may process information outside your country, including outside the European Economic Area. When that happens, those providers are responsible for their own international transfer mechanisms and safeguards.

6.3 Policy changes

We may update this Privacy Policy as the JointReset product evolves, including if new permissions, integrations, hosting arrangements, or analytics practices are introduced. If we make material changes, we will update the "Last updated" date and may provide additional notice where appropriate.

7. Contact us

For privacy questions, requests, or notices, contact Thibault Bertin at contact@saturlab.com.

Postal address: Saturlab SAS, 98 Avenue Foche, 75016 Paris, France.

This Privacy Policy should be read together with the Terms and Conditions and the Safety page.