Privacy Policy

1. Introduction

Correlytic ("we," "our," or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our mobile application (the "App").

Important: Correlytic provides statistical correlation analysis of your health data. We do not provide medical advice, diagnosis, or treatment. Always consult with qualified healthcare professionals for medical decisions.

2. Information We Collect

2.1 Health and Fitness Data

With your explicit permission, we collect health and fitness data from Apple HealthKit, including but not limited to:

• Heart rate and heart rate variability
• Sleep analysis and sleep quality
• Activity and exercise data (steps, distance, workouts)
• Body measurements (weight, height, BMI)
• Nutrition data (calories, macronutrients, water intake)
• Respiratory rate and blood oxygen levels
• Blood pressure and blood glucose
• Any other health metrics you have tracked in Apple Health

You control which health data types we can access. We only request read-only access to your HealthKit data. We never write data back to Apple Health without your explicit consent.

2.2 Personal Information

We collect the following personal information when you create an account:

• Email address: Used for account authentication and support communications
• Name: Used to personalize your experience

2.3 Custom Habit Data

You may manually enter custom habit data that is not available in Apple Health, such as:

• Caffeine or alcohol consumption
• Supplement intake
• Stress events or mood tracking
• Travel and timezone changes
• Any other custom habits you wish to track

2.4 Usage Data and Analytics

We automatically collect certain information about how you interact with the App:

• App features accessed and frequency of use
• Correlation analyses performed
• Chart interactions and preferences
• Device type and operating system version
• App performance metrics

2.5 Crash Data and Diagnostics

We collect anonymized crash reports and error logs to improve app stability and performance. This data does not include your personal health information and is used solely for debugging purposes.

3. How We Use Your Information

We use your information for the following purposes:

• Statistical Analysis: Calculate correlations between your health metrics and habits using Pearson correlation coefficients, p-values, and confidence intervals
• Data Visualization: Display your health data in charts and graphs to help you identify patterns
• Account Management: Authenticate your identity and manage your subscription status
• Customer Support: Respond to your inquiries and provide technical assistance
• App Improvement: Analyze usage patterns to improve features and user experience
• Security: Detect and prevent fraudulent activity and ensure app security

4. How We Share Your Information

We do not sell your personal information or health data to third parties.

We share your information only with the following service providers who help us operate the App:

4.1 Supabase (Database Hosting)

• Purpose: Secure storage of your health data, habit entries, and correlation results
• Data Location: United States
• Security: All data is encrypted in transit and at rest. Row-level security policies ensure you can only access your own data
• Website: supabase.com/privacy

4.2 RevenueCat (Subscription Management)

• Purpose: Process in-app subscription purchases and manage subscription status
• Data Shared: Anonymous user identifier, subscription status, and purchase receipts
• Website: revenuecat.com/privacy

4.3 Sentry (Error Tracking)

• Purpose: Monitor app crashes and errors to improve stability
• Data Shared: Anonymized crash reports and error logs (no personal health data)
• Website: sentry.io/privacy

All service providers are contractually obligated to protect your data and use it only for the purposes we specify.

5. Data Security

We implement industry-standard security measures to protect your information:

• Encryption: All data is encrypted in transit (TLS/SSL) and at rest (AES-256)
• Authentication: Secure JWT-based authentication with token storage in iOS Keychain via Expo SecureStore
• Access Control: Row-level security policies ensure users can only access their own data
• Minimal Data Collection: We only collect data necessary for app functionality

However, no method of electronic storage is 100% secure. While we strive to protect your data, we cannot guarantee absolute security.

6. Your Privacy Rights

You have the following rights regarding your personal information:

• Access: Request a copy of your personal data and health data stored in our systems
• Correction: Update or correct inaccurate information
• Deletion: Request deletion of your account and all associated data
• Export: Download your data in CSV or PDF format (Pro subscription required)
• HealthKit Control: Revoke HealthKit permissions at any time through iOS Settings → Health → Data Access & Devices
• Opt-Out: Opt out of non-essential analytics and marketing communications

To exercise these rights, contact us at support@switchgearstudios.com

7. Data Retention

We retain your data for as long as your account is active or as needed to provide you services. When you delete your account:

• All health data, habit entries, and correlation results are permanently deleted within 30 days
• Personal information (email, name) is permanently deleted within 30 days
• Anonymized usage analytics may be retained for up to 90 days for product improvement purposes

8. Children's Privacy

Correlytic is intended for users aged 12 and older. We do not knowingly collect personal information from children under 12. If we discover that a child under 12 has provided us with personal information, we will delete it immediately.

9. International Data Transfers

Your data is stored on servers located in the United States. If you are accessing the App from outside the United States, please be aware that your information will be transferred to, stored, and processed in the United States.

10. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. When we make changes, we will:

• Update the "Last Updated" date at the top of this policy
• Notify you via email or in-app notification for material changes
• Request your consent if required by applicable law

Your continued use of the App after changes constitutes acceptance of the updated Privacy Policy.

11. Third-Party Links

The App may contain links to third-party websites or services. We are not responsible for the privacy practices of these third parties. We encourage you to read their privacy policies.

12. California Privacy Rights (CCPA)

If you are a California resident, you have additional rights under the California Consumer Privacy Act (CCPA):

• Right to know what personal information is collected, used, shared, or sold
• Right to delete personal information
• Right to opt-out of the sale of personal information (Note: We do not sell personal information)
• Right to non-discrimination for exercising your CCPA rights

13. Contact Us

If you have questions about this Privacy Policy or our data practices, please contact us: