Your health data belongs to you.

RIKOOP requests access to read the following from Apple HealthKit:

RIKOOP silently reads your biological sex and date of birth from your Apple Health profile to calibrate algorithms to your biology. This data is read once on first launch, stored only on your device in UserDefaults, never transmitted anywhere, and can be changed by updating your Apple Health profile.

RIKOOP's algorithms — including Recovery Score calculation, Sleep Score calculation, Strain Score calculation, Biological Reserve computation, illness detection, and all other features — run entirely on your iPhone. No biometric data is transmitted to any server, cloud service, or third party.

Computed scores and app state (your daily Biological Reserve, Recovery Score, Sleep Score, and settings) are stored locally on your device. This data never leaves your device, is included in your iPhone's encrypted local backup if iCloud Backup is enabled, and is deleted when you delete the RIKOOP app.

RIKOOP offers an optional iCloud Sync feature, enabled by default, which stores the following in your personal iCloud account:

• Your daily journal entries (lifestyle logs including alcohol, stress, caffeine, screens before bed, food quality, and notes)
• Your app preferences (height, weight, notification schedules, training level, sleep target, and notification settings)

iCloud Sync never stores Recovery scores, HRV, heart rate, sleep data, or any Apple Health data. iCloud data is stored in your private iCloud container — only your Apple ID can access it. RIKOOP cannot access this data.

Disable iCloud Sync at any time in Profile → iCloud Sync. To delete iCloud data: iPhone Settings → Apple ID → iCloud → Manage Account Storage → RIKOOP.

Your biometric history is used to build a personal baseline stored locally. It is used to calculate your personal normal for HRV, resting HR, respiratory rate, and sleep; personalize your Recovery Score relative to your own history; detect anomalies; and calibrate your Biological Reserve. This personalization never requires your data to leave your device.

RIKOOP operates within the Apple ecosystem. Apple processes your App Store purchases and manages subscription billing. Data written to or read from HealthKit is governed by Apple HealthKit policies in addition to this Privacy Policy. Apple's privacy policy: apple.com/privacy.

RIKOOP does not integrate any third-party analytics SDKs, advertising networks, crash reporting services that transmit personal data, or any other service that would receive your health or usage data.

We may disclose information if required by law or valid legal process. To our knowledge this would be limited to app metadata — we have no health data to disclose.

Modify permissions at any time: iPhone Settings → Privacy & Security → Health → RIKOOP, or via the Health app → your profile → Apps → RIKOOP. Revoking permissions reduces App functionality but does not affect data already stored in Apple Health.

Enable or disable iCloud Sync at any time in RIKOOP → Profile → iCloud Sync. Disabling sync stops future writes to iCloud; existing iCloud data is not deleted. To delete iCloud data: iPhone Settings → Apple ID → iCloud → Manage Account Storage → RIKOOP. If iCloud is unavailable, RIKOOP automatically falls back to local device storage with no loss of functionality.

Delete the RIKOOP app to permanently delete all locally stored computed scores, journal entries, settings, and app data. If you had iCloud Sync enabled, your journal entries and preferences remain in iCloud until you delete them via iPhone Settings → Apple ID → iCloud → Manage Account Storage → RIKOOP. RIKOOP has no server-side data to delete. Your underlying biometric data in Apple Health is unaffected and must be managed through the Health app directly.

Your raw biometric data lives in Apple Health and can be exported at any time through the Health app. RIKOOP computed scores can be exported from within the RIKOOP app in the Profile section.

RIKOOP includes an optional iCloud Sync feature that stores your journal entries and app preferences in your personal iCloud account. This sync is on by default and can be disabled in Profile → iCloud Sync. iCloud Sync never stores health data, biometric data, recovery scores, or any data sourced from Apple HealthKit.

If you use iCloud Backup, RIKOOP's locally stored data (computed scores, settings) may be included in your iPhone's encrypted iCloud backup governed by Apple's iCloud terms. If you restore an iPhone from backup, RIKOOP's local data will be restored along with other app data.

RIKOOP does not act as a data controller for your health data because we never receive it. All health data processing occurs locally under your direct control. Your legal basis for local processing is your explicit consent via HealthKit permission grants. You may withdraw consent at any time by revoking HealthKit permissions. You have the right to erasure — delete the app to delete all RIKOOP data.

RIKOOP does not sell personal information. We do not share personal information with third parties for cross-context behavioral advertising. We do not collect personal information as defined under CCPA beyond what is described in this policy. We do not discriminate against users who exercise their privacy rights.

RIKOOP is developed in Canada and complies with the Personal Information Protection and Electronic Documents Act (PIPEDA). We collect only the minimum information necessary, with your consent, for the purposes described in this policy.