Privacy Policy

Last updated: May 6, 2026

Introduction

Health Check-In (“the App”) is developed and operated by Network Excavators (“we”, “us”, or “our”). We take your privacy seriously, especially given the sensitive nature of health data. This Privacy Policy explains what data the App collects, how it is used, and your rights regarding that data.

Data We Collect

Data stored on your device only

The following data is stored locally on your device using on-device databases and shared preferences. It is never transmitted to our servers unless you explicitly use certain optional features described below.

  • Check-in entries — your mood score (0–100), selected reason tags, optional free-text notes, and timestamps
  • Medications & supplements — names, dosages, notes, and any URLs you save
  • Insights (“What Works”) — your personal insight entries
  • App preferences — theme choice, reminder times, sleep targets, onboarding status, and Pro unlock status
  • Custom reason tags — positive and negative reason lists you create

Health data from connected services

If you choose to connect a health data source (Apple Health, Health Connect, or Fitbit), the App reads the following data types:

  • Sleep data — sleep stages (deep, REM, light, awake), sleep duration, and sleep scores
  • Step count — daily step totals

This health data is used solely to display sleep scores and step counts within the App. It is processed on-device and is not sent to any external server, except when you explicitly request an AI analysis (see below).

Device identifier

The App generates a random, anonymous device identifier (stored locally) that is used solely for rate-limiting AI analysis requests. This identifier cannot be used to identify you personally and is not linked to any advertising or analytics platform.

Anonymous usage analytics

The App collects minimal, anonymous usage data via Aptabase, a privacy-first analytics service. This helps us understand how the App is used so we can improve it. The data collected includes:

  • App opens
  • Whether onboarding was completed
  • Check-in submissions (score range only, not actual content)
  • Which health app was connected (e.g. Fitbit, Oura)
  • Export and AI analysis usage
  • Medication and insight additions (counts only)

No personal information is ever included in analytics data. No names, notes, health scores, or any content you enter is transmitted. Aptabase does not use cookies, does not track users across apps, and is fully GDPR-compliant. You can learn more at aptabase.com/legal/privacy.

How Your Data Is Used

  • On-device analysis — to show you trends, charts, insights, and sleep scores within the App
  • AI analysis (optional, Pro+AI only) — when you tap “Generate” on the AI Analysis screen, your check-in data, medication list, sleep scores, and step counts are sent to our secure server, which processes the data using Google's Gemini AI model and returns the results. Your data is not stored on our server after the analysis is complete.
  • Cloud backup (optional, Pro only) — if you enable cloud backup, your data is uploaded to your own Google Drive account. We do not have access to your Google Drive files.
  • Export (PDF/CSV) — generated on-device and shared through your device's native share sheet. We never see or store exported files.

Third-Party Services

The App integrates with the following third-party services:

  • Apple Health / Health Connect — for reading sleep and step data on-device. Data flows directly from these platform APIs to the App and is not sent elsewhere.
  • Fitbit (OAuth 2.0) — for reading sleep and step data. The App authenticates via Fitbit's OAuth flow and stores your access token locally. Data is fetched directly from Fitbit's API to your device.
  • Oura Ring (OAuth 2.0) — for reading sleep scores, sleep stage data, and step counts. The App authenticates via Oura's OAuth flow and stores your access token locally. Data is fetched directly from Oura's API to your device.
  • Google Gemini AI (via our proxy) — only when you explicitly request an AI analysis. Data is transmitted over HTTPS to our Google Cloud Functions proxy, processed, and immediately discarded.
  • Google Drive — only if you use the cloud backup feature. Backup files are stored in your personal Google Drive, not on our servers.
  • iHerb (links only) — the App may auto-generate convenience links to iHerb product searches. No data is shared with iHerb; these are simple search URLs that open in your browser.
  • Aptabase (analytics) — collects anonymous, aggregated usage events (e.g. app opened, check-in submitted). No personal data or health information is included. Aptabase is a privacy-first service that does not track users across apps and does not use cookies or advertising identifiers.

Data Sharing

We do not sell, rent, or share your personal data with any third party for advertising or marketing purposes. Anonymous usage analytics (containing no personal or health data) are sent to Aptabase to help us improve the App. Your actual health data is only transmitted off-device in the specific, user-initiated scenarios described above (AI analysis and cloud backup).

Data Retention

  • Local data — stored on your device until you delete it (via “Clear all data” in Settings, or by uninstalling the App)
  • AI analysis data — not retained on our server after the response is returned
  • Cloud backup data — stored in your Google Drive account under your control; delete it anytime via Google Drive

Data Security

All data transmitted to our AI proxy is sent over HTTPS with TLS encryption. On-device data is stored using standard platform storage mechanisms (SQLite via Drift, SharedPreferences). We do not implement additional on-device encryption beyond what the operating system provides. On iOS, on-device data is protected by the device's Data Protection encryption. On Android, data is stored in the app's private sandbox directory.

Children’s Privacy

Health Check-In is not directed at children under the age of 13. We do not knowingly collect personal information from children under 13. If you believe a child has provided us with personal data, please contact us and we will promptly delete it.

Your Rights

You have full control over your data:

  • Access & export — export all your check-in data at any time via the Export feature (PDF or CSV)
  • Deletion — use “Clear all data” in Settings to permanently delete all local data, or uninstall the App
  • Opt out of AI — AI analysis is entirely optional; the App is fully functional without it
  • Disconnect health sources — revoke health data permissions at any time through the App's settings or your device's system settings

For users in the European Union (GDPR) or California (CCPA), you may also request information about or deletion of any data we process by contacting us at the address below.

Changes to This Policy

We may update this Privacy Policy from time to time. Any changes will be posted on this page with an updated “Last updated” date. We encourage you to review this page periodically.

Contact Us

If you have any questions about this Privacy Policy or your data, please contact us at:

privacy@networkexcavators.com