AHIMO

Privacy Policy

Effective Date: 20 September 2025
Last Updated: 22 September 2025

Ahimo is committed to protecting your privacy. This Privacy Policy explains how we collect, use, store, and protect your information in compliance with the General Data Protection Regulation (GDPR).

Data We Collect

Health Data

  • HealthKit Integration: Accessed only with your explicit permission.
  • User-Entered Data: Information you add (e.g., mood, stress, nutrition, lifestyle, symptoms).
  • Device Sensor Data: Activity metrics such as steps and active calories.

Technical Data

  • Crash & Performance Telemetry (Mandatory): Minimal error logs and stability metrics required to provide the service, collected via Firebase Crashlytics. No HealthKit or health content is included.
  • Optional Usage Analytics: Feature-usage events via Firebase Analytics (only if you opt in).
  • Device Information: iOS version, app version, device type.

Legal Basis for Processing

  • Health Data (special category): Explicit consent (granted when you authorize HealthKit access or manually log data). You may withdraw consent at any time.
  • Crash & Performance Telemetry: Performance of a contract (GDPR Art. 6(1)(b)). This telemetry is strictly necessary to operate and maintain the app and cannot be disabled.
  • Optional Usage Analytics: Consent (GDPR Art. 6(1)(a)). You can enable/disable this any time in Ahimo's settings.

How We Use Your Data

On-Device Processing

  • Local Analysis Only: All health computations run on your device.
  • No Raw Health Data Transmission: Your health data does not leave your iPhone.

AI-Powered Insights (Abstracted Data Only)

  • Data Abstraction Layer: We transform information into aggregated/abstracted patterns before any AI processing.
  • Example: Instead of "User ate pizza at 9 PM", the AI receives "Late-evening food intake correlation detected".
  • No Re-identification: Technical and organizational measures are designed to prevent linking abstracted data back to you.

Analytics & Improvements

  • Crash & Performance Telemetry (mandatory): Diagnose crashes, prevent data loss, and ensure security/stability. Telemetry is data-minimized, excludes HealthKit data, and is not used for marketing or profiling.
  • Firebase Analytics (optional): Understand feature adoption to improve Ahimo.
  • No Health Data Shared: Health information is never sent to Firebase.

Your Data: Storage, Backup & Control

Local Storage

  • On Device: Health data is stored locally on your iPhone.
  • Encryption: Protected by iOS device encryption and Secure Enclave.

iCloud Backup (Optional)

  • Standard iCloud Security: Health data backed up to iCloud uses Apple's standard CloudKit encryption and security protocols. Data is encrypted in transit and at rest using Apple's infrastructure.
  • Apple's Access: As with standard iCloud services, Apple has technical capability to access backed-up data when required by law or their terms of service.
  • Off by Default: You may enable or disable iCloud backup in Ahimo settings at any time.
  • Deletion (high-level steps): On your iPhone open Settings[your name]iCloudManage Account Storage. If Ahimo appears under Apps Using iCloud (or Show All), tap AhimoDelete Data. If data exists only inside a device Backup, go to iCloudManage Account StorageBackups, choose your device, then delete the backup or exclude Ahimo from future backups. (Menu names may vary by iOS version.)

Third-Party Services

Google Firebase

  • Crashlytics (mandatory): Minimal crash diagnostics and performance telemetry essential to operate the app under Art. 6(1)(b).
  • Analytics (optional): Usage analytics only if you opt in.
  • Data Sent: App events (analytics if enabled), crash diagnostics, device metadata.
  • Data Not Sent: Raw health data or identifiable health content.

Generative AI

  • Purpose: Provide insights from abstracted patterns.
  • Data Sent: Aggregated/abstracted patterns only; no personal identifiers or raw health records.
  • Transport Security: Encrypted via HTTPS/TLS.

Your Rights (GDPR)

  • Access: Obtain a copy of your personal data processed by Ahimo.
  • Rectification: Correct inaccurate or incomplete data.
  • Portability: Export data in a structured, commonly used format.
  • Deletion: Delete your data (e.g., remove entries or all app data).
  • Withdraw Consent: Revoke HealthKit or analytics consent at any time (HealthKit in iOS settings; analytics in Ahimo settings).
  • Right to Object: You may object to processing based on legitimate interests (e.g., optional analytics) at any time.
    Clarification: The right to object does not apply to processing that is strictly necessary to perform our contract with you (GDPR Art. 6(1)(b)). Ahimo requires mandatory stability and security telemetry (crash/performance data) to function. If you do not agree to this essential telemetry, you cannot use the app. This telemetry never includes HealthKit/health data, is limited to what is necessary, and is not used for profiling or marketing.
  • Complaint: Lodge a complaint with your local Data Protection Authority.

Exercising Your Rights

  • In-App: Manage HealthKit permissions and analytics preferences in settings.
  • Email: info@ahimo.app - Response Time: We respond within 30 days.

Data Security

We apply industry-standard safeguards to protect your information:

  • Device-Level Protection: Health data is protected by iOS device encryption and Secure Enclave when stored locally.
  • iCloud Security: Optional iCloud backups use Apple's standard CloudKit encryption and security infrastructure.
  • Transport Layer Security: All data transmission uses industry-standard HTTPS/TLS encryption.
  • Access Controls: Strict internal access controls and regular security audits.

Contact Us

If you have questions about this Privacy Policy, please contact us at info@ahimo.app.

This policy is effective as of 20 September 2025 and will remain in effect except with respect to any changes in its provisions in the future, which will be in effect immediately after being posted on this page.