🔒 Privacy-Focused Commitment
HealthAI+ is designed with privacy as a core principle. We prioritize on-device processing when possible and are transparent about any third-party services used. Your health data is stored locally and processed securely.
1. Overview
HealthAI+ is committed to protecting your privacy. This policy explains how we handle your health data and what information is shared with third-party services.
2. Data Collection
Health Data from HealthKit
HealthAI+ reads the following types of health data from Apple HealthKit:
- Workouts (type, duration, calories burned)
- Steps and activity data
- Heart rate and heart rate recovery
- Sleep data
- Active and basal calories
- Distance traveled
- Body composition data (if available)
All health data is stored locally on your device. We do not upload your health data to our servers.
User Preferences
User profile information (name, age, gender, weight, height, fitness goals) is stored locally on your device using iOS UserDefaults. This data:
- Stays on your device
- Is encrypted by iOS
- Can be deleted by uninstalling the app
3. Third-Party Services
Apple Intelligence (iOS 26.0+)
On supported devices (iPhone 15 Pro or newer with iOS 26.0+), HealthAI+ uses Apple's Foundation Models Framework for on-device AI processing.
When using Apple Intelligence:
- No data leaves your device - All AI processing happens locally
- Complete privacy - Your health data never reaches external servers
- No internet connection required - AI features work completely offline
- Powered by Apple's on-device AI - Uses the Foundation Models Framework
Groq API (Fallback)
On devices that don't support Apple Intelligence (iOS versions below 26.0 or devices without an A17 Pro+ chip), HealthAI+ uses Groq API to generate AI-powered health insights and recommendations.
What data is sent to Groq:
- Aggregated health metrics (workout efficiency, steps, calories, heart rate patterns)
- Your fitness goals and profile information (age, gender, weight, height)
- Time range context (e.g., "This Week", "Last Month")
What Groq does with your data:
- Processes the data to generate personalized health insights
- Does NOT store your data permanently
- Does NOT use your data for training or tracking
- Does NOT share your data with third parties
Data Security:
- All communication with Groq API is encrypted (HTTPS)
- API keys are securely stored and never exposed to users
Third-Party Domain:
- api.groq.com - Used only for AI insight generation (on devices without Apple Intelligence)
4. Data Storage
Local Storage
All health data and user preferences are stored locally on your device:
- HealthKit data remains in Apple HealthKit
- User profile and preferences stored in UserDefaults
- AI-generated insights cached locally for performance
No Cloud Storage
HealthAI+ does not:
- Upload your health data to cloud servers
- Sync data across devices
- Store data on external servers (except temporary processing via Groq API when Apple Intelligence is unavailable)
5. Data Sharing
HealthAI+ does NOT:
- Sell your data to third parties
- Share your data with advertisers
- Use your data for tracking across apps or websites
- Store your health data permanently on external servers
6. Data Security
Your health data is protected by:
- iOS encryption - All data stored on your device is encrypted by iOS
- Apple Health App security - Apple's built-in security for health data
- HTTPS encryption - All API communications are encrypted
- Local processing priority - Apple Intelligence used when available for maximum privacy
7. Your Rights
You have full control over your data:
- Access - All your health data is accessible through Apple's Health app
- Control - You control which health data types HealthAI+ can access via Settings → Health → Data Access & Devices
- Delete - Uninstalling HealthAI+ removes all locally stored preferences
- Revoke - You can revoke Apple Health App permissions at any time
- No Account Required - HealthAI+ doesn't require an account or login
8. Apple Health App Permissions
HealthAI+ requests read access to Apple Health App data types including:
- Workouts and activity data
- Steps and distance
- Heart rate and cardiovascular metrics
- Sleep data
- Body measurements (weight, height, BMI)
- Active and resting calories
You can grant or deny access to each data type individually. HealthAI+ only reads data—it does not write to Apple Health App without your explicit permission.
9. Children's Privacy
HealthAI+ is not intended for children under 13. We do not knowingly collect data from children.
10. Changes to This Policy
We may update this privacy policy from time to time. The "Last Updated" date at the top indicates when changes were made. We encourage you to review this policy periodically.
11. Contact Us
For questions about this privacy policy, please contact us:
Email: masoud.tahsi@gmail.com
Or visit our GitHub repository for more information.
12. Compliance
This privacy policy complies with:
- Apple's App Store privacy requirements
- iOS Privacy Manifest specifications
- GDPR principles (for EU users)
Summary
HealthAI+ prioritizes your privacy. On supported devices (iOS 26.0+ with A17 Pro+), all AI processing happens entirely on-device using Apple Intelligence™ - no data leaves your device. On older devices, we use Groq API as a fallback, which processes your data temporarily to generate insights but does not store or track it. All health data is stored locally on your device, and you have complete control over your information.