Privacy Policy

KQuarks ("we", "our", or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, and safeguard your information when you use the KQuarks iOS app and web dashboard. By using KQuarks you agree to the practices described here.

Apple Health Data

With your explicit permission, we read health metrics from Apple HealthKit including: steps, distance, active energy, flights climbed, heart rate, resting heart rate, heart rate variability (HRV), sleep analysis (stages: awake, REM, core, deep), workouts, body mass, body fat percentage, blood pressure, respiratory rate, and blood oxygen saturation. This data is synced to your private account and is never used for advertising or shared with third parties.

Account Information

When you create an account we collect your email address and a securely hashed password. We may also store a display name and optional profile photo if you choose to provide them.

User-Generated Content

Content you create within the app — including food diary entries, journal notes, mood check-ins, custom goals, and supplement logs — is stored in your account and is visible only to you.

• Sync & storage: to back up and surface your health metrics across devices through your personal account.
• AI-powered insights: when you opt in, aggregated health context is sent to a third-party AI provider (Anthropic or OpenAI, your choice) to generate personalized insights. See Section 5 for details.
• App improvement: anonymised, aggregated usage analytics help us identify bugs and prioritise features. No individual health records are used for this purpose.
• We never sell your data to advertisers, data brokers, or any third party.

KQuarks complies with Apple's HealthKit guidelines. HealthKit data is:

• Never used for advertising or ad targeting.
• Never shared with third parties except as required to operate the service (e.g., your own cloud storage).
• Never sold.
• Only used for health and fitness purposes you have authorised.

If you enable AI health insights, a summary of recent health metrics (e.g., average sleep duration, step count, HRV trend) is sent to the AI provider you select — either Anthropic (Claude) or OpenAI. You can configure this in Settings > AI Coach.

We do not store your AI prompts or the raw responses on our servers. Each AI provider's own privacy policy governs their handling of data sent to their APIs. Anthropic: anthropic.com/privacy. OpenAI: openai.com/policies/privacy-policy.

We do not sell or rent your personal data. We may share data with:

• Supabase — our database and auth provider, acting as a data processor on our behalf under a Data Processing Agreement.
• AI providers — only when you explicitly enable AI insights (see Section 5).
• Law enforcement — only when required by a valid legal process.

Your data is retained for as long as your account is active. You can permanently delete your account and all associated health data at any time from Settings > Account > Delete Account. Deletion is irreversible and typically completes within 30 days across all backup systems.

You can export a complete copy of your health data in JSON format at any time by visiting the /export page or by calling /api/export.

Depending on your jurisdiction, you may have the following rights regarding your personal data:

• Right to access — request a copy of your data at any time via the export feature.
• Right to rectification — correct inaccurate data from within the app.
• Right to erasure — delete your account and all data from Settings.
• Right to portability — export your data in a machine-readable format.
• Right to object — opt out of any processing beyond core service delivery at any time.
• CCPA / California residents — you have the right to know, delete, and opt out of the sale of personal information. We do not sell personal information.

To exercise any of these rights, contact us at privacy@kquarks.app.

We use industry-standard security measures including TLS encryption in transit, AES-256 encryption at rest for sensitive fields, and Row-Level Security (RLS) policies that ensure each user can only access their own data.

KQuarks is not directed at children under 13. We do not knowingly collect personal information from children. If you believe we have inadvertently collected such information, contact us immediately.

We may update this Privacy Policy from time to time. Material changes will be communicated via in-app notification or email. Continued use of KQuarks after changes take effect constitutes acceptance of the updated policy.

Questions or concerns about this Privacy Policy? Reach out to: privacy@kquarks.app