PRIVACY POLICY

Your data, your rules.

Last updated: March 16, 2026

TL;DR — We collect only what's needed to run your protocol. Your health data stays on your device and our servers. We never sell your data. Period.

01Information We Collect

Account Data

When you sign in with Apple, we receive your Apple user identifier. We may also receive your email address and name if you choose to share them. We store these securely to maintain your account.

Quiz & Profile Data

When you complete the onboarding quiz, we collect your responses (age, weight, chronotype, goals, activity level, stress level, devices, and focus areas) to generate your personalized protocol.

Health Data

If you connect Apple Health, we read the following data types:

  • Step count
  • Sleep analysis (duration and stages)
  • Heart rate variability (HRV)
  • Heart rate
  • Active energy burned
  • Walking + running distance
  • Resting heart rate

Health data is synced to our servers to power your dashboard and enable cross-device access. We never share health data with third parties.

Protocol Progress

We track which protocol actions you complete each day, your completion percentage, and streak data. This is used to display your progress and optimize your experience.

Usage Data

We do not use third-party analytics or tracking SDKs. We do not collect device fingerprints, advertising identifiers, or browsing behavior.

02How We Use Your Data

Protocol Generation

Your quiz answers generate a personalized daily protocol tailored to your biology.

Health Insights

Apple Health data powers your sleep and steps dashboard cards.

Progress Tracking

Completion data drives your streaks, weekly charts, and protocol score.

Account Sync

Your data syncs across devices when you sign in with Apple.

03Data Storage & Security

Your data is stored on secure PostgreSQL databases hosted on encrypted infrastructure. All data in transit is encrypted via TLS 1.3. Authentication uses industry-standard JWT tokens with Apple's identity verification.

Health data from Apple Health is stored in our health_samples table with per-user isolation. OAuth credentials for future integrations (Whoop, Oura) will be encrypted at rest.

04Data Sharing

We do not sell, rent, or share your personal data with any third party. Your health data is never used for advertising, analytics, or any purpose other than powering your vitae experience.

05Your Rights

You have the right to:

  • Access — View all data we hold about you
  • Delete — Request complete deletion of your account and all associated data
  • Export — Request a copy of your data in a portable format
  • Disconnect — Revoke Apple Health access at any time from your device settings
  • Reset — Clear your protocol and start fresh at any time from within the app

To exercise any of these rights, use the in-app settings or contact us at privacy@vitaeapp.co.

06Data Retention

We retain your data as long as your account is active. If you delete your account, all data is permanently removed within 30 days. Health samples and daily progress data are retained for the duration of your active protocol.

07Children's Privacy

vitae is not intended for users under 16 years of age. We do not knowingly collect data from children.

08Changes to This Policy

We may update this policy from time to time. We will notify you of significant changes through the app. Continued use of vitae after changes constitutes acceptance of the updated policy.

09Contact

Questions about this policy? Reach us at privacy@vitaeapp.co.