Last updated: May 30, 2026
VitalBrief is a wellness app that reads Apple Health data on your device and generates AI-powered reports. Your privacy is not a feature, it's the foundation of how the app is built.
VitalBrief has no user accounts, no login, no email collection, and no registration of any kind. We do not receive your name, email, Apple ID, or device identifier from the app.
If you contact us for support by email, we receive the email address, message, and any information you choose to include. We use support communications only to respond, troubleshoot, and maintain the service.
VitalBrief accesses the following health data types from Apple HealthKit, with your explicit permission. The app works with any device that syncs to Apple Health, including Apple Watch, Garmin, Oura Ring, Whoop, Fitbit, and Withings:
This data is used exclusively to generate your wellness reports. It is never used for advertising, data mining, or any purpose other than the app's core functionality.
Your profile, preferences, generated reports, and workout notes are stored locally on your device. VitalBrief does not operate user accounts or a cloud sync service for this app data. Your health information remains protected by Apple's built-in device security.
When you generate a report, health metrics are sent through a secure Cloudflare-hosted proxy and processed by an external AI service to create your wellness insights. Here's what you should know:
You provide explicit consent before any health data is processed by the AI service for the first time.
To keep the service reliable and prevent abuse, the proxy may process limited technical metadata such as request ID, IP address, country, user agent, app version, build number, platform, HTTP method, request path, request and response size, response status, duration, rate-limit status, error category, hash-derived abuse-prevention identifiers, AI routing status, and token-usage metadata returned by the AI service when available. These logs are used for security, debugging, reliability, and cost-control purposes. They are not linked to a user account because VitalBrief does not have accounts, and they do not include the full health report prompt or generated report content.
VitalBrief currently uses Cloudflare Workers Logs for these technical logs and does not export them to a separate external log-storage service. Technical logs are short-lived and deleted automatically, generally within a few days. Short-lived rate-limit and circuit-breaker counters expire automatically within hours.
VitalBrief uses local notifications only. These are scheduled on your device to let you know when a new report is available. The app does not send remote push notifications.
Subscriptions are managed entirely through Apple's App Store and StoreKit framework. We do not process, store, or have access to any payment information. All billing is handled by Apple.
When generating reports, your data is processed by two external services: a secure proxy (Cloudflare) that routes your request, and an AI service that generates your report. The app does not add your name, email, Apple ID, device identifier, or account identifier to these requests. We do not use analytics SDKs, advertising networks, crash reporting tools, or tracking pixels.
Where privacy law requires a legal basis, we process health metrics for report generation with your explicit consent, support communications to respond to your request, and technical logs for security, reliability, debugging, and cost control. Report generation, support, and technical operations may involve processing in countries other than your country of residence. Where required, we rely on consent, contractual safeguards, or other lawful transfer mechanisms.
VitalBrief is not designed for or directed at children under 16. We do not knowingly collect information from children.
You can delete app data stored on your device at any time by deleting the app from your device. This removes locally stored reports, profile details, preferences, and notes.
Technical logs and short-lived rate-limit or circuit-breaker counters expire automatically as described above. If you have contacted support by email, you may request deletion of support communications, subject to any records we need to retain for legal, security, or dispute-resolution purposes.
Depending on where you live, you may have rights to request access, correction, deletion, restriction, objection, portability, or withdrawal of consent. Because VitalBrief does not have accounts and stores reports, profile details, preferences, and notes on your device, we may not be able to identify app data from your email address alone. We will respond to requests about support communications or technical logs where we can reasonably identify the relevant records. You can also withdraw Apple Health access at any time in iOS Settings and delete local app data by deleting the app.
If we update this privacy policy, we will post the revised version at this URL with an updated date. Significant changes will be communicated through the app.
If you have questions about this privacy policy, contact us at [email protected].