Privacy Policy

Last updated 9 June 2026

This policy explains what data we collect when you join the AXIS waitlist or use the AXIS app, why we collect it, who we share it with, and the choices you have. AXIS is operated by ACEX International Limited ("ACEX", "we", "us"), a company registered in England and Wales. We are the data controller for the information described here.

If you have any question about your data, email us at privacy@acexos.com.

The short version

We collect the contact details you give us, the things you record and write in the app, and data about how you use it. Some of that says something about how you are feeling, so we treat it carefully. We do not sell your data. We never see your full card number. You can ask us to delete your account whenever you want.

What we collect

When you join the waitlist

The landing page asks for one thing: an email address or a phone number. We use it to tell you when access is ready and, occasionally, to update you about the launch. That is all the waitlist does.

When you create an account

To set up and secure your account, we collect:

  • your email address or phone number, which is how you sign in;
  • your name;
  • your time zone, so reminders land at a sensible hour;
  • login credentials. You can sign in with a one-time code sent by email or text, or with a password. Passwords are stored only as a hash, never in plain text.

What you record and write in the app

AXIS is a mental performance tool, so some of what you put into it reflects your state of mind. This is the data we are most careful with. It includes:

  • check-in scores you give before and after a session, and the prompts you tap to say what improved;
  • voice notes you record, the audio file itself, the transcript we generate from it, and any intensity rating or written note you attach;
  • daily debriefs, including how you rate the day and what you write about what went well, the pressure you faced, what you learned, and your focus for tomorrow;
  • messages you exchange with the in-app coach;
  • which sessions you play, how far you get, and which ones you save.

You do not have to record or write anything. These features only hold what you choose to put in them.

How you use the app

We record activity such as when a session starts and finishes, how much of it you listen to, where you stop, the time of day you train, your streaks and points, and your notification settings. This is what makes progress tracking and reminders work. If you turn on notifications, we also store a device token so we can send them.

Payment information

Subscriptions are handled by Stripe. Stripe collects and processes your card details directly. We do not see or store your full card number. What we keep is the subscription record: your Stripe customer and subscription identifiers, the plan, the amount, the currency, the status, and the renewal or trial dates.

Technical and diagnostic data

When the app crashes or hits an error, we receive a diagnostic report through Sentry. It can include device and operating system details, the sequence of actions that led to the problem, and identifiers tied to your account. We use it to find and fix faults.

Why we use your data

Under UK data protection law, we rely on these grounds:

  • To provide the service you asked for. Running your account, playing sessions, saving your notes, and processing your subscription are all necessary to deliver the app you signed up for.
  • Your consent. We rely on consent for the waitlist, for push notifications, and for using your microphone to record voice notes. You can withdraw it at any time.
  • Our legitimate interests. We use diagnostic data to keep the app stable and secure, and aggregate usage data to understand what is working. We balance this against your privacy.
  • Legal obligations. We keep certain records, such as payment history, for as long as tax and accounting rules require.

Who we share it with

We do not sell your data and we do not share it for advertising. We do use a small set of service providers that process data on our behalf, under contract and only for the purposes below:

  • Stripe processes payments and manages subscriptions.
  • Cloudflare sends our emails (including login links), stores uploaded files such as your voice notes, and runs the speech-to-text model that transcribes them.
  • Amazon Web Services (AWS) delivers our text messages, such as the one-time codes you use to sign in, and our push notifications.
  • Sentry receives crash and error reports.
  • DigitalOcean hosts the servers and database that run the service.

We may also disclose data if the law requires it, or to protect our rights, our users, or the public.

Voice notes and automated features

Two features rely on automated processing, and we want to be clear about them. When you record a voice note, the audio is sent to Cloudflare's speech-to-text model to produce a written transcript, which is then stored on your account. When you use the coach, your messages are processed to generate a reply. These systems can make mistakes, and the coach is not a person. Nothing it produces is professional, medical, or psychological advice.

Where your data is held

Our providers operate data centres in the UK, the European Union, and the United States, so your data may be transferred outside the UK. When it is, we rely on the safeguards that UK law recognises, such as the International Data Transfer Agreement or standard contractual clauses, so your data keeps a similar level of protection.

How long we keep it

We keep your account data for as long as your account is open. When you ask us to close it, we delete or anonymise your personal data within a reasonable period, except where we have to keep some records longer, for example payment records we are required to retain. Waitlist contact details are kept until you ask us to remove them or the waitlist closes.

Your rights

Under UK GDPR you can ask us to give you a copy of your data, correct it, delete it, restrict or object to how we use it, or send it to another provider. You can also withdraw any consent you have given. To do any of this, email privacy@acexos.com and we will respond within the time the law allows. There is no in-app delete button yet, so this email is the way to ask us to remove your account, and we will action it for you.

If you think we have handled your data badly, you can complain to the Information Commissioner's Office at ico.org.uk. We would rather you came to us first so we can put it right.

How we protect it

We encrypt data in transit, hash passwords, keep login tokens short-lived, and limit who can access the systems that hold your data. No service is perfectly secure, but we take this seriously and review our setup as the product grows.

Children

AXIS is not for children under 16. We do not knowingly collect data from anyone under that age. If you believe a child has given us their data, email us and we will delete it.

Changes to this policy

If we change how we handle your data, we will update this page and move the date at the top. If the change is significant, we will tell you in the app or by email before it takes effect.

Contact

ACEX International Limited, England and Wales. Questions, requests, or complaints: privacy@acexos.com.