Last updated: March 2026

Privacy Policy

Revere is an AI-powered wearable device and companion platform designed to help people living with Alzheimer's disease and their caregivers. We take privacy seriously — especially given the sensitive nature of the people we serve. This policy explains exactly what we collect, why, and how it is protected.

Who this policy applies to

This policy applies to all users of the Revere device, the Revere caregiver web dashboard, and any related mobile or web applications. "User" refers to both the person wearing the device (the patient) and the caregivers or family members who configure and monitor it.

What we collect

On-device (patient side)

  • Camera data: The glasses camera processes video in real time to identify faces. This processing happens entirely on the device. Raw video is never recorded, stored, or transmitted. Only the result of face recognition (for example, "person identified as Sarah") is used to trigger an audio prompt.
  • Face gallery: Caregivers upload photos of known people through the dashboard. These images are converted into face embeddings (mathematical vectors) and stored locally on the device. The original photos are not stored on the device after processing.
  • Location data: The device collects GPS coordinates to support wandering detection and location-based alerts. Location is only transmitted to the caregiver dashboard when a configurable alert threshold is crossed. Continuous location history is not stored beyond a rolling 24-hour window.
  • Device telemetry: Battery level, connection status, and hardware health diagnostics are collected to support device reliability. This data is anonymised before being transmitted.

Caregiver dashboard

  • Account information: Name, email address, and password (hashed, never stored in plain text).
  • Uploaded face photos: Photos uploaded to build the face gallery. These are processed server-side to generate embeddings, then deleted from our servers within 24 hours. Embeddings are transmitted to the device and stored locally.
  • Schedule configuration: Daily routine and medication reminder schedules set by the caregiver.
  • Alert and activity logs: A timestamped log of alerts triggered (face recognition events, location alerts, reminders) is stored for up to 30 days and accessible only to the caregiver account linked to the device.

What we do not collect

  • We do not record or store audio beyond the duration of a real-time prompt.
  • We do not store raw video footage at any point.
  • We do not sell, rent, or share personal data with advertisers or third parties for commercial purposes.
  • We do not use patient data to train machine learning models without explicit, opt-in written consent.

How data is stored and secured

All data transmitted between the device and our servers is encrypted in transit using TLS 1.3. Data stored on our servers is encrypted at rest using AES-256. Face embeddings stored on the device are protected by device-level encryption.

Access to caregiver accounts is protected by password authentication. We recommend enabling two-factor authentication where available. Our internal team access to patient-linked data is restricted on a strict need-to-know basis and is logged.

Data sharing

We do not sell personal data. We may share limited data with:

  • Infrastructure providers: Cloud hosting and database providers operating under data processing agreements consistent with applicable privacy law.
  • Emergency services: In situations where life safety is at risk, we may share location data with emergency responders if explicitly enabled by the caregiver.
  • Legal requirements: If required by a valid court order or applicable law, we may disclose data. We will notify the account holder unless legally prohibited from doing so.

Retention

  • Alert and activity logs: 30 days, then automatically deleted.
  • Uploaded face photos: deleted from our servers within 24 hours of processing.
  • Account data: retained while the account is active. Deleted within 30 days of a deletion request.
  • Device embeddings: deleted when the caregiver removes a person from the gallery, or when the device is factory reset.

Your rights

Depending on your jurisdiction, you may have the right to access, correct, export, or delete personal data we hold about you. To exercise these rights, contact us at the address below. We will respond within 30 days.

Children and vulnerable adults

Revere is designed to serve people living with Alzheimer's disease, who may lack the capacity to independently consent to data processing. We require that caregivers who configure and use the platform have appropriate legal authority to act on behalf of the patient, such as power of attorney or equivalent guardianship. We do not knowingly collect data from minors under 18 without verifiable guardian consent.

Changes to this policy

We may update this policy as the product evolves. Significant changes will be communicated to registered caregiver accounts via email at least 14 days before taking effect. Continued use of the platform after that date constitutes acceptance of the revised policy.

Contact

For privacy-related questions, data requests, or concerns:

Revere
privacy@revere.health