Privacy Policy

Effective date: May 25, 2026 · Developer: Terry Keller

    Signal is a personal health analytics app. Your health data is used only to
    provide you with insights and track your progress. It is never sold, shared
    with advertisers, or used for any purpose other than operating the app.
  

1. Who We Are

Signal ("the app", "we", "us") is a personal health analytics application developed by Terry Keller. You can reach us at contact@get-signal.app.

2. What Data We Collect

We collect only the data needed to provide the app's features:

Account information

Email address and hashed password
First name (optional)

Personal profile (optional, used to personalize insights)

Date of birth, biological sex, height, and starting body weight
Body diagram skin tone preference

Health and fitness data

Apple Health data you choose to sync: steps, heart rate, sleep, workouts, body weight, body fat percentage, and other metrics exported from the Health app on your device
Oura Ring data (if you connect your Oura account): sleep scores, readiness scores, heart rate variability, activity data, and SpO2
Body measurements you enter manually
Workout sessions you log manually in the app, including type, duration, and estimated calorie burn

Nutrition data

Food log entries you create directly in the app
Nutrition data imported from Lose It (if connected)
Custom recipes and saved foods you create

Usage data

Last login timestamp and onboarding completion status
In-app settings and goal preferences

3. How We Use Your Data

Your data is used exclusively to:

Display your health trends, readiness scores, and daily summaries
Generate personalized AI-powered insights and correlations
Track progress toward your nutrition and fitness goals
Sync data between your devices and our servers
Send transactional emails (account verification, password reset)

We do not use your data for advertising, profiling for third parties, or any purpose not listed above.

4. AI-Generated Insights

Signal uses the Anthropic Claude API to generate health insights from your data. When you request an AI insight, relevant portions of your health data are transmitted to Anthropic's API for processing. Anthropic retains API inputs and outputs for up to 30 days for safety and abuse monitoring purposes, after which they are automatically deleted. Anthropic does not use API data to train their models. Anthropic's privacy practices are governed by their privacy policy at anthropic.com/privacy.

5. Third-Party Integrations

Signal integrates with the following services at your direction:

Apple HealthKit — data is read from your device's Health app only when you grant permission. We do not write data back to Apple Health.
Oura — if you connect your Oura account, we store an encrypted OAuth access token to sync your ring data on your behalf. You can disconnect at any time in Settings.
Lose It — if you import a Lose It export, the nutrition data in that file is stored in your Signal account. No ongoing connection to Lose It's servers is made.

We do not share your data with these services beyond what is necessary to perform the integration you requested.

6. Data Storage and Security

Your data is stored in an encrypted PostgreSQL database hosted on Railway infrastructure in the United States. Sensitive fields (including OAuth tokens) are encrypted at the application layer in addition to database-level encryption. Passwords are hashed using bcrypt and are never stored in plaintext. Access between your app and our servers is encrypted via HTTPS/TLS.

The Signal admin panel is protected by two-factor authentication. Only authorized administrators can access your account data.

7. Data Retention

We retain your data for as long as your account is active. If you delete your account, all associated data — including health records, nutrition logs, insights, and profile information — is permanently deleted from our servers. You can request account deletion by contacting us at contact@get-signal.app.

8. Your Rights

You have the right to:

Access a copy of the data we hold about you
Correct inaccurate data
Delete your account and all associated data
Disconnect any third-party integration (Oura) at any time in Settings
Revoke Apple Health permissions at any time in your device's Settings app

To exercise any of these rights, contact us at contact@get-signal.app.

9. Children's Privacy

Signal is not directed to individuals under 18 years of age. We do not knowingly collect personal information from anyone under 18. If you believe a minor has provided us with personal information, please contact us and we will delete it promptly.

10. Health Data (HIPAA Notice)

Signal is a personal wellness app and is not a covered entity under HIPAA. The health data you store in Signal is not considered protected health information under HIPAA. We recommend not using Signal to store data you consider to be sensitive medical records.

11. Changes to This Policy

We may update this Privacy Policy from time to time. When we do, we will update the effective date at the top of this page. We encourage you to review this policy periodically. Continued use of the app after changes constitutes acceptance of the updated policy.

12. Contact

If you have any questions about this Privacy Policy or how we handle your data, please contact:

Developer: Terry Keller
Email: contact@get-signal.app
App: Signal — Health Analytics

This privacy policy applies to the Signal iOS application and its associated backend services at get-signal.app.