Privacy Policy
1. Introduction
Welcome to Ankora (formerly "Steps"), a comprehensive iOS health tracking application. We are committed to protecting your privacy and ensuring transparency about how we handle your data. This Privacy Policy explains what information we collect, how we use it, and your rights regarding your personal information.
Our Core Privacy Principle: Your health data is processed using fully anonymized methods. When cloud processing is used for LLM-powered features, your health metrics are completely anonymized and cannot be linked to you as an individual, ensuring your privacy is protected.
2. Information We Collect
2.1 Health Data
Ankora accesses health data from Apple HealthKit with your explicit permission. This includes:
- Activity Metrics: Steps, distance, flights climbed, active energy, exercise time, stand time
- Vital Signs: Heart rate, resting heart rate, heart rate variability, blood pressure, oxygen saturation, respiratory rate, body temperature
- Sleep Data: Sleep duration, sleep stages (REM, deep, core), sleep quality, wrist temperature during sleep
- Workouts: Workout types, duration, distance, calories burned, heart rate zones, pace, GPS routes
- Body Measurements: Height, weight, body mass index, body fat percentage, lean body mass
- Mobility Metrics: Walking speed, step length, walking steadiness, stair ascent/descent speed
- Nutrition: Water intake, dietary energy (when logged)
- Audio Exposure: Environmental and headphone audio levels
- Other Metrics: UV exposure, mindful sessions, and other health categories as supported by HealthKit
Important: All health data is processed using anonymized methods. We do not transmit your raw health metrics to external servers except as explicitly described in Section 2.6 below for LLM-generated content features.
2.2 Account Information
When you create an account using Sign in with Apple, we collect:
- Apple ID: A unique identifier provided by Apple (not your actual email)
- Email Address: Optional, based on your Sign in with Apple preferences
- User ID: A unique identifier generated for your account
Account information is stored securely on Supabase, our backend authentication provider, and is used solely for user authentication and session management.
2.3 Profile Information (Optional)
During onboarding or in settings, you may provide:
- Age: For personalized health insights
- Height and Weight: For accurate health calculations
- Gender: For health metric contextualization
This information is stored locally on your device and is only transmitted to our LLM edge functions when generating personalized journal entries or insights (with your consent).
2.4 Location Data (Optional)
If you enable weather-based activity suggestions, we collect:
- GPS Coordinates: Your approximate location for weather data
- Location Name: If you manually enter a location instead of using GPS
How We Use Location Data:
- Location data is cached for 24 hours to optimize weather lookups
- Used only to fetch weather conditions via Apple's WeatherKit API
- Location coordinates are anonymized when used for weather services
- Never used for tracking, advertising, or any purpose beyond weather-based activity suggestions
- You can disable location access or use manual location entry at any time
2.5 Usage Analytics
We use Amplitude Analytics to understand how users interact with our app. This helps us improve features and fix issues. We collect:
- Screen Views: Which screens you visit in the app
- Feature Interactions: Which features you use (e.g., viewing a workout, generating a journal)
- Error Events: Technical errors that occur to help us fix bugs
- Session Data: App open/close times, session duration
What We DO NOT Collect:
- Your actual health metrics or values (e.g., your step count, heart rate numbers)
- Personally identifiable information beyond a user ID
- Location data or GPS coordinates
- Journal content or LLM-generated text
- Passwords or authentication credentials
Analytics are initialized only after you sign in to the app, and you can opt out of analytics through iOS Settings > Privacy & Security > Analytics & Improvements.
2.6 LLM-Generated Content (Requires Your Consent)
When you use LLM-powered features (journal generation, workout insights, health analysis), we transmit limited data to our edge functions:
- Aggregated Health Metrics: Summary statistics like "8,000 steps" or "7 hours of sleep" (not raw HealthKit data)
- Demographics: Age, height, weight, gender for personalized context
- Workout Summaries: Workout type, duration, distance (not GPS routes)
How This Data Is Processed:
- Sent to Supabase Edge Functions (hosted securely in the cloud)
- Processed by xAI's Grok LLM to generate personalized text
- LLM-generated content (journals, insights) is cached on our servers for performance (7-30 days)
- Raw health metrics are never stored on our servers
- This feature is opt-in through your use of journal/insight generation
2.7 Purchase Information
If you subscribe to Ankora Plus (our premium tier), we collect:
- Subscription Status: Active, expired, or cancelled
- Purchase History: What you purchased and when
- Receipt Data: Validation tokens from Apple's App Store
Payment processing is handled entirely by Apple. We never see or store your payment card details. Subscription management is handled by RevenueCat, our in-app purchase provider.
2.8 Crash and Diagnostic Data
We use Apple's built-in crash reporting to identify and fix technical issues. This includes:
- Crash Logs: Technical stack traces showing where the app crashed
- Device Information: iPhone/iPad model, iOS version
- App State: What the app was doing when it crashed
Crash reports never contain health data, personal information, or user-identifiable content.
3. How We Use Your Information
We use the information we collect for the following purposes:
- Provide Core Functionality: Display your health metrics, track trends, show workout details
- Generate Personalized Insights: Create LLM-powered health journals and activity suggestions based on your data
- Improve User Experience: Analyze usage patterns to enhance features and fix bugs
- Account Management: Authenticate your identity and maintain your session
- Sync Your Data: Store journal archives in your personal iCloud account
- Premium Features: Manage subscription access to Ankora Plus features
- Customer Support: Respond to your questions and resolve technical issues
- Legal Compliance: Comply with applicable laws and respond to legal requests
4. Data Storage and Security
4.1 Health Data Storage
Your health data is stored exclusively in Apple's HealthKit framework. We never create copies of your health data on our servers.
4.2 iCloud Sync
Saved journal entries are stored in your personal iCloud account using CloudKit. This means:
- Journals sync across your devices signed into the same iCloud account
- We cannot access your journals - they are encrypted and stored in your iCloud
- You control this data and can delete journals at any time
- If you disable iCloud for Ankora, journals remain local only
4.3 Server Storage
Data stored on our servers (via Supabase) includes:
- Account Information: User ID, authentication tokens
- LLM-Generated Content Cache: Previously generated journals and insights (text only, not raw health data)
- Retention Period: Cached LLM content is deleted after 7-30 days
4.4 Security Measures
We implement industry-standard security practices:
- Encryption in Transit: All data transmitted over the internet uses TLS encryption
- Encryption at Rest: Server data is encrypted using industry-standard encryption
- Authentication: Secure authentication via Apple's Sign in with Apple
- Access Controls: Limited employee access to production systems
- Regular Security Audits: We monitor and update our security practices
5. Third-Party Services
Ankora integrates with the following third-party services to provide functionality:
5.1 Apple HealthKit
- Purpose: Access your health and fitness data
- Data Shared: When processed for LLM features, health data is fully anonymized and cannot be linked to you
- Privacy Policy: Apple Privacy Policy
5.2 Sign in with Apple
- Purpose: Secure authentication
- Data Shared: Apple ID, optional email
- Privacy Policy: Apple Privacy Policy
5.3 Supabase (Backend Infrastructure)
- Purpose: User authentication, LLM content generation, data caching
- Data Shared: User ID, authentication tokens, aggregated health metrics for LLM generation
- Privacy Policy: Supabase Privacy Policy
5.4 xAI (LLM Content Generation)
- Purpose: Generate personalized health journals and insights using Grok LLM
- Data Shared: Aggregated health metrics, demographics (via Supabase edge functions)
- Privacy Policy: xAI Privacy Policy
5.5 Amplitude Analytics
- Purpose: Usage analytics and app improvement
- Data Shared: User ID, screen views, feature interactions, error events (no health data)
- Privacy Policy: Amplitude Privacy Policy
5.6 RevenueCat (Subscription Management)
- Purpose: Manage in-app subscriptions and purchases
- Data Shared: User ID, subscription status, purchase receipts
- Privacy Policy: RevenueCat Privacy Policy
5.7 Apple WeatherKit
- Purpose: Provide weather-based activity suggestions
- Data Shared: GPS coordinates or location name (cached locally, not by us)
- Privacy Policy: Apple Privacy Policy
5.8 Apple iCloud / CloudKit
- Purpose: Sync saved journal entries across your devices
- Data Shared: Journal entries stored in your personal iCloud account
- Privacy Policy: Apple Privacy Policy
6. Your Rights and Choices
6.1 HealthKit Permissions
You have complete control over what health data Ankora can access:
- Grant or deny access to specific health categories during onboarding
- Change permissions anytime via iOS Settings > Privacy & Security > Health > Ankora
- Revoke all access at once or selectively disable specific metrics
- The app will continue to function with limited features if you revoke health access
6.2 Location Permissions
Location access is entirely optional:
- Decline location permission during onboarding - you can use manual location entry instead
- Change location permissions via iOS Settings > Ankora > Location
- Location data is only used for weather-based activity suggestions
- Disable weather features entirely in app settings
6.3 Analytics Opt-Out
You can opt out of analytics:
- iOS Settings > Privacy & Security > Analytics & Improvements > Share iPhone Analytics (toggle off)
- This affects all apps using analytics, not just Ankora
- The app will continue to function normally if you opt out
6.4 Data Access and Deletion
You have the right to:
- Access Your Data: View all health data in the Apple Health app; view journals in the app
- Export Your Data: Share journal entries from within the app
- Delete Your Data: Delete individual journals, or delete your entire account
- Request Account Deletion: Contact us to delete your account and all associated server data
To request account deletion, email us at [YOUR SUPPORT EMAIL]. We will delete your account data within 30 days.
6.5 Subscription Management
Manage your Ankora Plus subscription:
- iOS Settings > [Your Name] > Subscriptions > Ankora
- View subscription status, renewal date, and pricing
- Cancel or modify your subscription
- Cancellation takes effect at the end of the current billing period
7. Data Retention
We retain different types of data for varying periods:
- Health Data: Never stored on our servers (remains in HealthKit on your device)
- Journal Archives: Stored in your iCloud indefinitely until you delete them
- LLM-Generated Content Cache: 7-30 days, then automatically deleted
- Account Information: Retained as long as your account is active
- Analytics Data: Aggregated and retained indefinitely for app improvement
- Crash Reports: Retained for up to 1 year
When you delete your account, we delete all server-side data within 30 days, except aggregated analytics (which cannot be attributed to you).
8. Children's Privacy
Ankora is not intended for children under 13 years of age. We do not knowingly collect personal information from children under 13. If you are a parent or guardian and believe your child has provided us with personal information, please contact us immediately, and we will delete such information.
Users between 13 and 18 should use Ankora with parental consent and supervision.
9. International Users and Data Transfers
Ankora is hosted in the United States. If you are located outside the United States, please be aware that information we collect (only authentication data) may be transferred to and stored on servers in the United States or other countries.
9.1 GDPR Rights (European Users)
If you are in the European Economic Area (EEA), you have additional rights under GDPR:
- Right to Access: Request a copy of your personal data
- Right to Rectification: Correct inaccurate personal data
- Right to Erasure: Request deletion of your personal data
- Right to Restrict Processing: Limit how we process your data
- Right to Data Portability: Receive your data in a machine-readable format
- Right to Object: Object to processing of your personal data
- Right to Withdraw Consent: Withdraw consent for data processing at any time
To exercise these rights, contact us at [YOUR SUPPORT EMAIL].
9.2 California Privacy Rights (CCPA)
If you are a California resident, you have the right to:
- Know what personal information we collect, use, disclose, and sell
- Request deletion of your personal information
- Opt out of the sale of your personal information (Note: We do not sell personal information)
- Non-discrimination for exercising your privacy rights
10. Changes to This Privacy Policy
We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. When we make changes:
- We will update the "Last Updated" date at the top of this policy
- We will notify you through the app if changes are material
- Your continued use of Ankora after changes constitutes acceptance of the updated policy
We encourage you to review this Privacy Policy periodically to stay informed about how we protect your information.
