Privacy Policy

Last Updated: May 20, 2026

Teknical Solutionz LLC ("we," "us," or "our") operates the HealthCoach mobile application ("App"). This Privacy Policy explains how we collect, use, store, and protect your information when you use our App.

By using HealthCoach, you agree to the collection and use of information as described in this policy.

1. Information We Collect

1.1 Account Information

  • Email address
  • Display name
  • Authentication identifiers (Apple Sign-In user ID or Microsoft Entra ID)

1.2 Health and Fitness Data

We collect health and biometric data that you choose to provide or sync, including:

  • Heart rate variability (HRV)
  • Resting heart rate (RHR)
  • Sleep duration, stages, and quality scores
  • Steps and active calories
  • VO2 max estimates
  • Blood oxygen saturation (SpO2)
  • Respiratory rate
  • Body temperature deviations
  • Workout and exercise data (sets, reps, weight, RPE)
  • Daily subjective check-ins (mood, energy, stress, soreness)
  • Continuous glucose monitor (CGM) readings
  • Blood pressure measurements
  • Body composition data (DEXA scans)
  • Fasting session records
  • Thermal exposure sessions (sauna and cold exposure)

1.3 Lab Results and Biomarkers

  • Lab test results uploaded manually or extracted from PDF documents via AI processing
  • Biomarker values, units, test dates, and reference ranges
  • Supplement and medication names, dosages, and schedules

1.4 Apple HealthKit Data

With your explicit permission, HealthCoach reads the following data from Apple HealthKit:

  • Heart rate variability (SDNN)
  • Resting heart rate
  • Sleep analysis (duration, stages including deep, REM, and light sleep)
  • Step count
  • VO2 max
  • Blood oxygen saturation
  • Respiratory rate
  • Active energy burned
  • Workout sessions
  • Blood glucose (from connected CGM devices)

HealthCoach may also write the following data to Apple HealthKit:

  • Workout sessions
  • Fitness and wellness metrics

We use HealthKit data solely to provide you with personalized health insights, recovery scores, training recommendations, and trend analysis within the App. HealthKit data is never used for advertising, sold to third parties, or shared with data brokers. HealthKit data is not used for purposes unrelated to health and fitness functionality.

1.5 Wearable Device Data

With your authorization, we sync data from connected wearable devices:

  • Oura Ring (sleep, activity, readiness, HRV, temperature)
  • Apple Watch (via HealthKit as described above)
  • Garmin (sleep, activity, body battery, stress, HRV)
  • WHOOP (recovery, strain, sleep, HRV)
  • Withings (body composition, blood pressure)

1.6 App Usage and Diagnostics

  • Feature usage patterns (anonymized)
  • Crash reports and error logs
  • Device type, operating system version, and app version

1.7 Camera

HealthCoach uses your device camera solely to scan barcodes and QR codes on supplement and food packaging. Images captured during scanning are processed locally on your device in real time and are never stored, uploaded, or transmitted to our servers.

2. How We Use Your Information

We use your information exclusively to:

  • Provide personalized health insights, recovery scores, and training recommendations
  • Generate AI-powered health plans and goal suggestions based on your biometric data
  • Analyze trends in your health metrics over time
  • Calculate correlations between your behaviors and health outcomes (N=1 analytics)
  • Extract biomarkers from uploaded lab documents
  • Generate weekly health summaries and coaching recommendations
  • Track supplement protocols and provide progress reports
  • Estimate biological age and longevity metrics
  • Deliver glucose intelligence and nutrition recommendations
  • Send local notifications for protocol reminders and health nudges
  • Improve app performance and fix bugs

We do NOT use your health data for:

  • Advertising or marketing to you based on health conditions
  • Selling to third parties or data brokers
  • Sharing with employers, insurers, or any entity that could use it against you
  • Any purpose unrelated to your direct health and fitness benefit

3. Authentication

HealthCoach offers the following sign-in methods:

  • Sign in with Apple (Apple ID)
  • Microsoft account (via Microsoft Entra External ID)

We receive only the minimal information needed to authenticate you (user identifier, email, and display name). We do not receive or store your password for any authentication provider.

4. Data Security and Encryption

We take the security of your health data seriously:

  • All data in transit is encrypted using HTTPS/TLS
  • Sensitive health data at rest (lab results, biomarker values, goal descriptions, plan details, supplement names) is encrypted using AES-256 encryption
  • Encryption keys are managed through Azure Key Vault, a FIPS 140-2 compliant key management service
  • Authentication tokens are stored in platform-secure storage (iOS Keychain, Android Keystore)
  • Local app data is stored in an encrypted SQLite database on your device
  • We maintain a complete audit trail of all data access for security monitoring
  • Biometric authentication (Face ID, Touch ID, or fingerprint) is handled entirely by your device's operating system. HealthCoach never accesses, processes, or stores your biometric data. We only receive a pass/fail result from the operating system.

5. Data Storage and Retention

  • Your data is stored on Microsoft Azure servers located in the United States
  • We retain your data for as long as your account is active
  • You may request deletion of your account and all associated data at any time
  • Upon account deletion, all personal and health data is permanently removed from our servers within 30 days
  • Anonymized, aggregated data that cannot be linked back to you may be retained for service improvement

6. In-App Subscriptions

HealthCoach offers optional subscription plans that unlock premium features. Subscription purchases are processed through Apple's App Store (iOS) or Google Play Store (Android). We do not directly collect or store your payment information (credit card numbers, billing address). Subscription status is verified through the respective platform's APIs to enable premium features.

7. Third-Party Services

We use the following third-party services:

  • Microsoft Azure (cloud hosting and data storage)
  • Azure Key Vault (encryption key management)
  • OpenAI GPT-4o — AI-powered health plan generation, lab document parsing, and wellness insights. Your health data is routed through our Azure backend before being sent to OpenAI's API for processing. Only anonymized health context is sent — never your name, email, or account identifiers. Data is not retained by OpenAI for model training per our data processing agreement.
  • Application Insights (anonymized crash reporting and performance monitoring)
  • Open Food Facts (supplement barcode lookup — public database, no personal data sent)

We do not share your personally identifiable health data with any third-party service for purposes other than providing direct App functionality as described above.

8. AI Processing

HealthCoach uses AI to generate personalized health plans, extract biomarkers from lab documents, and provide wellness insights. When AI processing occurs, relevant portions of your health data are sent from our Azure Functions backend to OpenAI's API. Your data is never sent to OpenAI directly from your device; it is first received and processed by our secure Azure servers, then forwarded to OpenAI's API for AI analysis.

Only the minimum health data necessary for the specific AI task is included (e.g., lab values, wearable trends, health profile context). Your name, email address, and other directly identifying information are never sent to OpenAI. This data is processed in real time and is not retained by OpenAI for model training purposes per our data processing agreement.

9. Your Rights and Choices

You have the right to:

  • Access all personal data we hold about you
  • Request correction of inaccurate data
  • Request deletion of your account and all data
  • Revoke HealthKit access at any time through iOS Settings
  • Disconnect any wearable device integration at any time
  • Opt out of optional notifications
  • Export your health data (clinician reports, protocol reports)

To exercise any of these rights, contact us at the email address below.

10. Children's Privacy

HealthCoach is not intended for use by children under the age of 13. We do not knowingly collect personal information from children under 13. If we discover that we have collected data from a child under 13, we will delete it promptly.

11. California Residents (CCPA)

If you are a California resident, you have the right to: request disclosure of the categories and specific pieces of personal information we have collected about you; request deletion of your personal information; and opt out of the sale of your personal information. HealthCoach does not sell, rent, or share your personal information with third parties for their marketing purposes. To exercise your rights, contact us at josephtoland@teknicalsolutionz.com or use the "Delete All My Data" option in the app's Settings.

12. European Residents (GDPR)

If you are located in the European Economic Area (EEA) or United Kingdom, we process your personal data under the following legal bases: consent (for HealthKit access and wearable device connections), contract performance (to provide the app's core functionality), and legitimate interest (for crash reporting and service improvement). You have the right to access, rectify, erase, restrict processing, and port your data. You also have the right to withdraw consent at any time and to lodge a complaint with your local data protection authority. To exercise your rights, contact us at josephtoland@teknicalsolutionz.com.

13. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of any material changes by posting the updated policy within the App or sending a notification. Your continued use of the App after changes constitutes acceptance of the updated policy.

14. Contact Us

If you have questions or concerns about this Privacy Policy or your data:

Email: josephtoland@teknicalsolutionz.com
Company: Teknical Solutionz LLC
Website: https://healthcoach.teknicalsolutionz.com