Last updated: 24 June 2026
Health Export AI ("the app") is designed so that your health data stays under your control. This policy explains what the app does and does not do with your information.
With your explicit HealthKit authorization, the app can read health and fitness metrics available on your iPhone and Apple Watch (for example: steps, distance, energy, heart rate, heart-rate variability, respiratory rate, blood oxygen, sleep, body measurements, mobility, hearing, and workouts). You choose which categories to allow in the Apple Health permission sheet, and you can change this at any time in the Health app (Sharing → Apps → Health Export) or in iOS Settings.
The app formats the metrics you allow into JSON. By default it writes that JSON into the app's own iCloud Drive container, which Apple syncs privately under your Apple ID; the local MCP server you install reads it on your own computer. If you also configure a network endpoint in Settings, the app sends the JSON directly from your device to that endpoint, authenticated with a token you provide. In neither case does the data pass through any server operated by the developer.
You can clear the iCloud cache from the app, and deleting the app removes its local settings and logs.
The developer retains nothing server-side — there is no account and no developer server in the data path. Your exported cache lives only on your device and in the destination you configured (your iCloud container, a synced folder you picked, or your own LAN/webhook endpoint). It stays there until you clear it in the app (Settings → delete exports), delete the file at your destination, or delete the app. Revoking Apple Health access or deleting the app stops all further processing immediately. Because there is no account, there is nothing for us to delete on your behalf.
The developer does not collect your health data and does not share it with anyone. Once data reaches the endpoint you configure, it has left the app's control and is governed by that destination (your cloud provider, your own server, or the AI client you point at it) — choose endpoints you trust. We require HTTPS for any public webhook so your data is never sent in cleartext over the internet.
The app is not directed at children and does not knowingly collect data from children.
You can revoke Apple Health access at any time, change or remove your endpoint, disable background export, or delete the app — which removes all locally stored settings and logs.
Questions about this policy: [email protected]