OwnVitals
OwnVitals for iPhone

Privacy Policy

How OwnVitals handles selected Apple Health data, app settings, sync metadata, and support requests.

Last updated: May 21, 2026

Overview

OwnVitals is an iOS app that helps a user sync selected Apple Health data from their iPhone to a private backend configured inside the app. OwnVitals does not sell Health data, does not use Health data for advertising, and does not use third-party advertising or behavioral analytics in the app.

Data the app may access

With your permission through Apple Health, the app may read selected HealthKit categories, such as activity, sleep, workouts, nutrition, body measurements, heart, respiratory, blood oxygen, and VO2 max signals. The exact categories depend on what you approve in iOS Health permissions.

The app is designed for read access. It does not write health samples back to Apple Health.

Data the app may send

When sync is configured, the app may send selected HealthKit samples and sync metadata to the backend server URL entered in the app. Sync metadata may include device ID, sample counts, sync status, timestamps, and error details needed to operate the sync.

Device tokens and dashboard tokens are stored locally using the iOS Keychain. Server URL and device ID are stored in local app settings.

How data is used

  • To sync selected Apple Health samples to the configured private backend.
  • To show app sync status, dashboard summaries, and recent health trends.
  • To troubleshoot support requests if you contact OwnVitals.
  • To maintain security, prevent misuse, and operate the service.

What is not done with Health data

  • Health data is not sold.
  • Health data is not used for advertising.
  • Health data is not shared with data brokers.
  • Health data is not sent to third-party analytics providers by the app.

Website data

The OwnVitals public website is a static site. The MVP site does not intentionally set advertising cookies or run third-party behavioral analytics. Hosting providers may process standard technical logs, such as IP address, user agent, request path, timestamp, and error logs, to serve and secure the site.

Retention and deletion

Data stored on the configured private backend is retained according to that backend's configuration and the user's operational choices. To request access, correction, deletion, or token rotation where OwnVitals controls the backend, see the Data Rights page.

You can also revoke Apple Health permissions at any time in iOS Settings or the Health app. Revoking permission stops future reads for the revoked categories but does not automatically delete data already synced to a backend.

Security

OwnVitals uses device-scoped credentials for sync and stores sensitive tokens in the iOS Keychain. No security system is perfect, but the app is designed to keep the sync path explicit and narrow.

Children

OwnVitals is not intended for children under 13. Do not use the app to submit data about a child unless you have the legal authority and appropriate consent to do so.

Changes

This policy may be updated as OwnVitals evolves. The updated policy will be posted on this page with a new effective date.