Skip to main content
Sauna Scale
Get started

Privacy Policy

Last updated: May 5, 2026

1. Introduction

Cymba Labs LLC ("we", "us", or "our") operates Sauna Scale, a software service for sauna installers and their customers. This Privacy Policy describes how we collect, use, store, and protect personal data when you use Sauna Scale or interact with an installer who uses Sauna Scale to handle their intake.

2. Data Controller

Cymba Labs LLC, a Delaware limited liability company, is the data controller for installer accounts and the data processor for homeowner data captured through the intake widget or SMS on behalf of installers.

Contact: hello@cymbalabs.com

3. What we collect

  • Account data for installers: name, email, business name, phone, and authentication metadata.
  • Conversation data from the intake widget and SMS: messages, timestamps, channel, and any qualification facts the homeowner provides (project type, size, budget, timeline, electrical details).
  • Contact data: homeowner name, email, phone, and ZIP if shared with the agent.
  • Payment metadata via Stripe (subscription status, card brand and last 4, billing email). We do not store full card numbers — Stripe holds them.
  • Operational data: IP address, user agent, error traces, and usage events for security and reliability.

4. How we use it

We use the data above to operate the service, qualify and route homeowner inquiries to the relevant installer, generate quotes, send transactional email and SMS, prevent abuse, and improve the product. We do not sell personal data and we do not use homeowner conversations for advertising.

5. SMS and TCPA

We comply with the Telephone Consumer Protection Act (TCPA). Before we send any automated SMS to a phone number, we capture explicit consent — either by an opt-in disclosure shown when the agent asks for the number on the website, or by a one-time consent prompt sent to a phone that texts an installer's Sauna Scale number.

You can reply STOP at any time to unsubscribe. Reply HELP for help. After STOP, we will not send further automated messages until you reply START. We retain consent records for audit purposes including the date, source, and exact disclosure text version you agreed to.

Standard message and data rates may apply.

6. Subprocessors

We use a small number of vetted vendors to operate the service (database, hosting, AI inference, SMS delivery, payments, error monitoring, transactional email). The current list is at /subprocessors.

7. Analytics and error monitoring

We use Sentry to capture exceptions in production with conversation and organization tags so we can debug and respond to incidents. We use product analytics to measure aggregate usage of the dashboard. Neither tool is used to build advertising profiles.

8. Retention

Active conversation and lead records persist for the lifetime of the installer's account. SMS opt-out and consent records are retained for at least four years following TCPA guidance. Account data is deleted within 30 days of account closure on request, except where we're required to retain it for tax, legal, or audit reasons.

9. California residents

If you are a California resident, the California Consumer Privacy Act (CCPA) gives you the right to know what personal data we have collected about you, to request deletion, and to opt out of sale. We do not sell personal data. To exercise your rights email hello@cymbalabs.com.

10. Security

Data is encrypted in transit (TLS) and at rest in our database and object storage. Access to production systems is limited to a small number of authorized personnel and audited.

11. Changes to this policy

We may update this Privacy Policy from time to time. The "Last updated" date at the top reflects the most recent change. Material changes will be communicated to account owners by email.

12. Contact

Questions or requests: hello@cymbalabs.com.