Privacy Policy Elysia Sleep App
Last updated: October 10, 2025
Loop BV (“Loop”, “us”, “we”, or “our”) is a company dedicated to designing and selling products and services that enhance sensory wellbeing, such as earplugs, sleep masks, and related items including software and apps.
This Privacy Policy describes how Loop may collect, use, and disclose your personal data when you use our Elysia sleep app (the “App”), as described in the App Terms of Use. This Privacy Policy also describes the choices and rights you have with respect to your personal data.
This Privacy Policy applies to information we collect on the App, and through communications between you and the App. This Privacy Policy does not apply to websites, applications and services that are owned and operated by third parties.
Please take some time to read this Privacy Policy to ensure you understand and are comfortable with our use and disclosure of your personal data. If you do not agree to any of the provisions of this Privacy Policy, you should not use the App.
1. Data Controller’s Details.
Loop is the data controller of your personal data provided to, or collected by or for, or processed in connection with, the App. Loop’s registered address is at Lamorinièrestraat 33/105 2018 Antwerp, Belgium, and we can be contacted using the details provided in the “Contact Us” section below.
2. Personal Data We Collect.
Personal data, or personal information, is any information about an individual which could, alone or together with other information, personally identify them or otherwise be reasonably linked or connected with them. It does not include aggregated, non-personally identifying information that does not identify an individual or cannot otherwise be reasonably linked or connected with them. We may use such aggregated, non-personally identifying information for research purposes and to operate, analyze, improve, and optimize the App.
Personal data we collect is related to providing the App and falls into three main categories: (1) personal data you voluntarily provide us; (2) personal data we collect automatically; and (3) personal data we collect from other sources.
2.1 Personal Data That You Voluntarily Provide Us.
We collect personal data that you knowingly choose to disclose. This may include:
(a) Personal Information. Such as your first name.
(b) Interactions. Such as when you respond to questions, communicate with the App, or share your experience with us.
2.2 Personal Data We Collect Automatically.
When you use the App, we automatically collect personal and other data. This may include:
(a) Device and Online Usage Information. Such as details about how you’ve used the App (including if you clicked on links to third-party applications), IP address, access dates and times, hardware and software information, device information, device event information, unique identifiers, crash data, the pages or content you view on the App, and other actions on the App.
(b) Geolocation Information. Such as precise or approximate location determined from your IP address, mobile, or other device’s GPS, or other information you share with us, depending on your device settings.
2.3 Personal Data We Collect From Other Sources.
We may collect data about you from other sources including in some cases data that is publicly available, provided by or purchased from marketing business partners, or present on social media platforms. By gathering additional data about you, we can correct inaccurate information, enhance the security of your transactions and help prevent fraud, and give you product recommendations and special offers that are more likely to interest you. In particular, we collect personal data from the following sources:
(a) Service Providers and Business Partners. We may receive data about you from our service providers and business partners, including companies that assist with analytics, advertising, marketing, data processing and management, account management, hosting, customer and technical support, and other services which we use to personalize your experience on the App.
To provide conversational responses in the App, we use services provided by OpenAI, L.L.C., based in the United States. Messages you enter in the App may be transmitted to OpenAI's API to generate responses. OpenAI acts as our data processor and is contractually bound to process your data in compliance with applicable data protection laws.
(b) Authentication Partners. If you register for or log into the App using third-party credentials (e.g., Facebook or Google), we will import your data from such third party to help create your account with us.
(c) APIs and Software Development Kits. We may use third-party application programming interfaces (“APIs”) and software development kits (“SDKs”) as part of the functionality of the App. APIs and SDKs may allow third parties, including analytics partners, to collect your personal data for various purposes including to provide analytics services and content that is more relevant to you.
2.4 Information You Should Not Provide
To help safeguard your privacy and ensure responsible use of the App, we ask that you do not submit any personal data through your interactions with the App beyond your first name or other personal data that might explicitly be requested, and especially no sensitive personal data, as defined under Article 9 of the General Data Protection Regulation (the “GDPR”).
This includes, but is not limited to information concerning:
· Personal health or medical conditions
· Racial or ethnic origin
· Political opinions
· Religious or philosophical beliefs
· Trade union membership
· Genetic or biometric data
· Sexual orientation or sex life
· Criminal convictions or offenses.
The App is not designed to collect or process additional personal data or sensitive personal data. We do not require such information to provide the App and do not actively collect it. If you choose to submit this type of data within the App (e.g., through interactions or messages), you do so voluntarily and at your own risk.
We disclaim responsibility for any consequences resulting from the submission of additional or sensitive personal data, and such data will not be used for any processing purpose beyond the technical operation of the App.
3. How We Use Your Personal Data.
3.1 General Use of Your Personal Data.
We generally use your data for business and commercial purposes, including to provide the App, for security and fraud prevention, for marketing and promotional purposes, and to perform analytics, as explained in more detail below.
We store App interactions in a pseudonymized form, using only your first name to personalize your experience. These logs are not linked to any other identifiers and are not used to re-identify you.
3.2 Legal Bases for Processing Under the GDPR.
We will only use your personal data if and to the extent that applicable law allows. We may process your personal data as defined by the GDPR under the following bases:
(a) Performance of a Contract (Art 6.1.b). Where the processing is necessary for the performance of a contract with you.
(b) Legitimate Interests (Art 6.1.f). If we (or a third party) have a legitimate interest which is not overridden by your interests or your rights and freedoms.
(c) Legal Requirement (Art 6.1.c). Where the processing is necessary in connection with a legal obligation.
(d) Consent (Art 6.1.a). You have given your consent (where necessary) to such use or the organization you work for has obtained your consent (where necessary) to share your data with us.
(e) Vital Interest (Art 6.1.d). Where the processing is necessary to protect the health, safety, or vital interests of any person.
3.3 Purposes of Use With Legal Bases.
We may use the personal data we collect about you in a variety of ways, including:
(a) Providing the App and Support to You. Specifically, we use personal data to provide the App to you; for troubleshooting, technical, and customer service and support purposes; and to fulfill the purpose for which you provide such information, or fulfill any other purpose disclosed by us when you provide the data. The legal basis for the processing of your personal data for these purposes include performance of a contract, legitimate interest, and legal requirement.
(b) Communicating With You. Specifically, we use personal data to communicate with you about your account (including Services-related announcements). The legal basis for the processing of your personal data for these purposes include performance of a contract, legitimate interest, and legal requirement.
(c) Personalizing the App. Specifically, we use personal data to personalize content and experiences on the App, including providing you reports, recommendations, and feedback based on your preferences and your feedback to our questions in the App. The legal basis for the processing of your personal data for these purposes include legitimate interest.
(d) Marketing and Promotions. Specifically, we use personal data to send you information, news, updates, and offers about us or the Services (subject to your consent where required by applicable law). The legal basis for the processing of your personal data for these purposes include consent and legitimate interest.
(e) Protecting Legal Rights and Preventing Misuse. Specifically, we use personal data to protect the App and our business operations including to detect, investigate, or take action regarding illegal activities, misuse, or suspected fraud; to investigate, enforce, and prevent violations of our policies and terms; and as otherwise necessary to establish, protect, and defend our legal rights. The legal basis for the processing of your personal data for these purposes include performance of a contract, legitimate interest, and legal requirement.
(f) Complying with Legal Obligations. Specifically, we use personal data to comply with the law and to respond to legal process or enforcement or legal process requests. The legal basis for the processing of your personal data for these purposes include legal requirement and legitimate interest.
(g) General Business Operations. Specifically, we use personal data where necessary for the administration of our general business, accounting, recordkeeping, and legal functions. The legal basis for the processing of your personal data for these purposes include legitimate purpose.
4. How We Share Your Personal Data.
We may share your personal data with third parties under one of the following circumstances:
(a) Affiliates and Subsidiaries. We may share your data with our subsidiaries and affiliates in furtherance of the purposes set out in this Privacy Policy.
(b) Service Providers. We may share your data with third-party vendors, consultants, and other service providers that provide us with support services, such as App hosting, network data transmission, security, and other similar services, and who are bound by contractual obligations to keep personal data confidential and use it only for the purposes for which we disclose it to them.
(c) Change in Control or Sale. We may share your data if we are involved in a merger, corporate transaction, or another situation involving the transfer of some or all of our business assets, with business entities or people involved in the negotiation or transfer.
(d) Compliance with Laws. We may be required to share your data to comply with applicable laws, lawful requests, and legal process, such as to respond to subpoenas or requests from government authorities.
(e) With Your Consent. We share data about you with other companies if you give us permission or direct us to share such data.
(f) Aggregated Data. We may share aggregated data (i.e., data about our users that we render in such a way that it no longer identifies or references an individual user) and other pseudonymized information for regulatory compliance, industry and market analysis, demographic profiling, marketing and advertising, and other business purposes.
5. Use of Online Tracking Technologies.
We may use mobile analytics SDKs and similar technologies (such as Mixpanel) to help us understand how users interact with the App and to improve your experience. These technologies may collect device information, app usage data, crash logs, and diagnostic information.
6. Your Rights Regarding Your Personal Data.
The GDPR gives certain rights to individuals in relation to their personal data. Because we do not collect or store directly identifying information such as email addresses or phone numbers, and data is only linked to a first name, we may be unable to identify your data to fulfill certain data rights requests, such as access or deletion. If you believe you’ve shared identifiable data, please provide sufficient detail so we can assist.
As available and except as limited under applicable law, the rights afforded to individuals are:
(a) Right To Access. The right to be informed of, and request access to, the personal data we process about you. Right to Rectification/Correction. The right to request that we amend or update your personal data where it is incorrect or incomplete.
(b) Right to Erasure/Deletion. The right to request that we delete certain personal data we hold about you.
(c) Right to Data Portability. The right to request a copy of your personal data in electronic format, and the right to request that we transfer such data to a third party of your choice.
(d) Right to Restrict. The right to request that we restrict the way we process and disclose certain of your personal data.
(e) Right to Object. The right to object to our processing of your personal data where we are relying on a legitimate interest (or those of a third party), or where we are processing your personal data for direct marketing purposes.
(f) Right to Withdraw Your Consent. The right to withdraw your consent at any time (to the extent we base processing on consent), without affecting the lawfulness of the processing based on such consent before its withdrawal.
You can exercise these rights by contacting us by using the details provided in the “Contact Us” section below and specifying which GDPR privacy rights you wish to exercise. We must verify your identity to honor your request, which we will respond to within one (1) month.
7. How We Protect Your Personal Data.
We take appropriate precautions including organizational, technical, administrative, and physical security measures to help safeguard your data against accidental or unlawful destruction, loss, alteration, and unauthorized disclosure. While we have employed security technologies and procedures to assist safeguarding your personal data, no system or network can be guaranteed to be 100% secure. Due to the inherent nature of the internet, we cannot guarantee that data, including personal data, is absolutely safe from intrusion or other unauthorized access by others. We encourage you to take steps to protect your data and prevent unauthorized access to your password, smartphone or account by, among other things, signing off after using a shared computer, choosing a robust password that nobody else knows or can easily guess, and keeping your log-in and password private. We are not responsible for any lost, stolen, or compromised passwords, or for any activity on your account via unauthorized password activity.
8. How Long We Retain Your Personal Data.
We may retain your data for as long as required to satisfy the purposes identified in this Privacy Policy and to meet legal requirements. We determine the appropriate retention period for personal data on the basis of the amount, nature, and sensitivity of the personal data being processed, the potential risk of harm from unauthorized use or disclosure of the personal data, whether we can achieve the purposes of the processing through other means, and on the basis of applicable legal requirements (such as applicable statutes of limitation). When personal data is no longer needed, or in any event, after legal authority to retain it has expired, personal data will be destroyed, in accordance with local law and pursuant to procedures established in relation to the relevant system or process.
9. International Data Transfers.
Your personal data may be transferred to, stored, and processed in a country or jurisdiction other than the one in which it was collected, including to a country and jurisdiction that does not have the same data protection laws as your jurisdiction. Where we transfer your personal data outside the European Economic Area (“EEA”), we will take reasonable steps to ensure an adequate level of data protection of the recipient as required under the GDPR.
10. Third-Party Links and Services.
The App may contain links to third-party websites such as social media sites, and also contain third-party plug-ins and functionalities. If you choose to use these sites or features, you may disclose your data not just to those third parties, but also to their users and the public more generally depending on how their services function. We are not responsible for the content or practices of those websites or services. The collection, use, and disclosure of your data will be subject to the privacy policies of the third-party websites or services, and not this Statement. We urge you to read the privacy and security policies of these third parties.
11. Children.
We do not knowingly collect or solicit personal data from anyone under the age of 16. If you are under 16, please do not attempt to use our App or send any personal data about yourself to us. If we learn that we have collected personal data from a child under the age of 16, we will delete such data as quickly as possible. If you believe that a child under 16 may have provided us personal data, please contact us by using the details provided in the “Contact Us” section below and we will take (all available) steps to delete their personal data from our systems.
12. Changes to this Privacy Policy.
This Privacy Policy went into effect on the “Last Updated” date noted near the top of this page. We may update this Privacy Policy from time to time. Any changes will be reflected in the revised Privacy Policy posted in our App, together with the updated effective date. Your continued use of the App after we make changes is deemed to be acceptance of those changes, so please check the Privacy Policy periodically for updates.
13. Contact Us.
We welcome questions, comments, and concerns about this Privacy Policy and our privacy practices. If you wish to provide feedback or if you have questions or concerns or wish to exercise your rights related to your personal data, please contact us via our contact page, or by using the details set out below:
Loop BV
To the attention of the Privacy Officer
Lamorinièrestraat 33/105
2018 Antwerp, Belgium
We are committed to working with you to obtain a fair resolution of any complaint or concern about privacy. If, however, you believe that we have not been able to assist with your complaint or concern, and you are located in the EEA, you have the right to lodge a complaint with our privacy officer (privacy@loopearplugs.com) or with the Belgian Data Protection Authority (for more information, visit www.dataprotectionauthority.be).