Privacy Policy

Last updated: December 9, 2024

WellStreak ("we", "our", or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, and safeguard your information when you use our mobile application.

Information We Collect

WellStreak is designed with a local-first architecture. Your health data stays on your device.

Data Stored Locally on Your Device:

• Wellness scores and daily logs
• Meal entries and FODMAP tracking data
• Symptom records and exercise logs
• Sleep data and health patterns
• Personal notes and observations
• Streak progress and milestones

Data Synced with Apple Services (Optional):

• If you enable iCloud sync, your WellStreak data may be stored in your private iCloud account using Apple's encrypted CloudKit service
• HealthKit data (sleep, heart rate, workouts) is accessed with your permission and processed locally

Data Processed by Our Services:

• When using the AI Health Coach feature, your conversation messages are sent to our secure servers for processing
• We do not store conversation history on our servers beyond the session
• Device identifiers are used for service authentication and rate limiting

How We Use Your Information

We use information solely to:

• Provide the health tracking and analysis features you request
• Process AI Health Coach conversations
• Authenticate your device for service access
• Improve our app and services

Data Security

We implement appropriate security measures to protect your information:

• All data on your device is stored using Apple's secure SwiftData framework
• iCloud synced data is encrypted using Apple's CloudKit encryption
• Communications with our servers use industry-standard TLS encryption
• API keys and sensitive credentials are stored in the iOS Keychain

HealthKit Data

WellStreak may request access to HealthKit data including:

• Sleep analysis
• Heart rate and heart rate variability
• Workout data

This data is:

• Only accessed with your explicit permission
• Processed entirely on your device
• Never shared with third parties
• Never used for advertising purposes

Third-Party Services

WellStreak uses the following third-party services:

• Apple Sign In: For secure authentication
• Apple iCloud: For optional data sync across your devices
• AI Language Models: For processing Health Coach conversations (no health data is retained)

Data Retention

Your health data is stored locally on your device and remains there until you delete it. You can:

• Export your data at any time through the app's Export feature
• Delete all your data by removing the app
• Request deletion of any server-side data by contacting us

Children's Privacy

WellStreak is not intended for children under 13 years of age. We do not knowingly collect personal information from children under 13.

Your Rights

You have the right to:

• Access your data through the app's export feature
• Delete your data by removing the app or using in-app deletion
• Opt out of optional data collection (iCloud sync, HealthKit)
• Contact us with privacy concerns

Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of any changes by posting the new Privacy Policy on this page and updating the "Last updated" date.

Contact Us

If you have questions about this Privacy Policy, please contact us at:

Email: privacy@wellstreak.com