Privacy & Security

We build trust through clarity and specificity. Plain-language principles and transparent security practices—no absolute claims unless we can prove them.

Our principles

Data minimisation – We collect only what's needed to provide the service.
Local-first by default – Your data stays on your device unless you choose otherwise.
User control – You decide what leaves your phone and who has access.
Transparency – We explain what we do with your data in plain language.

Read our privacy principles

Security overview

Encryption at rest on device; key management (high level); backups and device loss story. We avoid absolute claims like "end-to-end encrypted" unless we specify what is encrypted, which keys exist, and where decryption can occur.

Security details

What we do not do

We do not sell or share your personal health data without your explicit consent. You control whether your data is shared or sold.
We do not use your health data for targeted advertising.

Threat model (simplified)