Privacy Policy — Zone 2 Longevity Coach
Effective: April 18, 2026 · Last updated: April 18, 2026
This Privacy Policy explains how Zone 2 Longevity Coach collects, uses, and shares information.
1. Information We Collect
1.1 You provide
- Account: email or Apple ID identifier
- Session notes and goals
1.2 HealthKit data (with your permission)
- Heart rate, resting heart rate, heart rate variability
- Workout (running, cycling, walking)
- Active energy burned
- Distance (walking/running, cycling)
- VO2 max
HealthKit samples are read on-device. Raw samples are not uploaded to our servers; only workout metadata (session start/end, duration, Zone 2 time, derived summaries) may be stored in your account.
1.3 Automatically collected
- Subscription state via RevenueCat
- Crash reports (Apple-level, opt-in)
1.4 Not collected
- Camera/photos, microphone/audio, contacts, IDFA, browsing history
- Precise location is not collected unless you enable optional GPS-based workout tracking in a future version. If added, this Privacy Policy will be updated.
2. How We Use Information
- Detect Zone 2 intensity using heart rate and derive session summaries
- Display your history and progress
- Process subscription purchases
3. Third-Party Services
| Service | Purpose | Data shared |
|---|
| Supabase | Backend, auth, database | Account, session metadata |
| RevenueCat | Subscription management | Hashed Apple ID, entitlement |
| Apple | Sign in with Apple, IAP, HealthKit | Apple ID identifier, receipt, HealthKit permissions |
We do not use Anthropic or other AI providers at this time. We do not sell your data. HealthKit data is not used for advertising.
4. Security
- TLS in transit, encryption at rest
- Row-level security for user data isolation
- Raw HealthKit samples remain on-device
5. Retention
Retained while your account is active. Upon deletion, session metadata is removed within 30 days.
6. Your Rights
Access, correction, deletion, export. Email [email protected].
7. HealthKit Disclosures
- HealthKit data is used only for the app's stated features.
- HealthKit data is not used for advertising.
- HealthKit data is not disclosed to third parties for their marketing purposes.
- You may revoke HealthKit permissions at any time in iOS Settings → Privacy & Security → Health.
8. Children's Privacy
Not directed to children under 16.
9. International Transfers
Data may be processed in the United States via Supabase and RevenueCat.
10. Cookies and Tracking
No cookies. No IDFA. No ad networks.
11. Changes
Material changes announced via in-app notice or email at least 7 days before taking effect. New data types (e.g., GPS) will trigger a disclosure update.
12. Contact
Email: [email protected]