My Nexus Health Coach - Privacy Policy

Effective Date: March 16, 2026

My Nexus Health Coach ("we," "us," or "our") is committed to protecting your privacy. This Privacy Policy describes how we collect, use, share, and protect your personal information when you use our mobile application and related services.

1. Information We Collect

Personal Information

Account information: Name, email address, phone number (for SMS verification)
Chat messages: Messages you send to the AI wellness coach
Push notification tokens: Device tokens for delivering notifications
Device identifiers: Used for device-bound payment token security

Health Data via Apple HealthKit (iOS)

With your explicit permission, we read the following health data types from Apple HealthKit (read-only access):

Steps: Daily step count for activity tracking and coaching
Weight: Body weight measurements for progress tracking during wellness challenges
Heart rate: Heart rate readings for fitness and recovery monitoring
Sleep analysis: Sleep duration and quality data for holistic wellness coaching
Active energy burned: Energy expenditure for activity and nutrition coaching
Distance walking/running: Distance traveled during activities for workout tracking

HealthKit data is never used for advertising and is never shared with third parties, including Anthropic. Your HealthKit data is not used to train AI models. You can revoke HealthKit access at any time via Settings > Privacy & Security > Health on your iPhone.

Health Data via Health Connect (Android)

With your explicit permission, we read the following health data types from Health Connect (read-only access):

Steps: Daily step count for activity tracking and coaching
Weight: Body weight measurements for progress tracking during wellness challenges
Heart rate: Heart rate readings for fitness and recovery monitoring
Sleep sessions: Sleep duration and quality data for holistic wellness coaching
Active calories burned: Energy expenditure for activity and nutrition coaching
Distance: Distance traveled during activities for workout tracking

Payment Information

Tokenized card data: Payment card information is tokenized via FluidPay; we never store raw card numbers
Transaction records: Payment amounts, timestamps, and approval evidence for consultation and service payments

2. How We Use Your Information

Personalized AI wellness coaching: Your chat messages are processed by our AI service to provide tailored coaching responses
Health metric tracking and visualization: Displaying your health data trends and progress
Transformation challenge progress tracking: Monitoring your wellness challenge goals and milestones
Payment processing: Processing payments for consultations, services, and subscriptions
Push notifications: Sending reminders, milestone celebrations, and coach messages
Account security: Verifying your identity via SMS and securing payment tokens to your device

3. Third-Party Data Sharing

We do NOT sell your data to third parties. We do NOT use your data for advertising.

Anthropic (AI Sub-Processor)

We use Anthropic Claude (Claude API) to process your chat messages and generate AI coaching responses. Anthropic operates as a sub-processor for AI coaching functionality.

Only chat message text is sent to Anthropic's servers
Your health metrics, personal health data, and payment information are NOT sent to Anthropic
We use Anthropic's Commercial API; your data is NOT used for AI model training
Learn more: Anthropic Privacy Policy

FluidPay (Payment Processor)

FluidPay processes tokenized payment card data for consultation and service payments. No raw card data leaves the app; only secure tokens are transmitted to FluidPay's PCI-compliant gateway.

Expo Push Notification Service

We use Expo's push notification service to deliver notifications to your device. Only push tokens and notification content are shared with Expo.

Twilio (SMS Verification)

Twilio sends SMS verification codes for phone number verification. Only your phone number is shared with Twilio for this purpose.

4. Data Retention

Chat messages: 90-day rolling purge (older messages are automatically deleted)
Health metrics: Retained while your account is active
Audit log: 6-year retention (compliance requirement)
Payment transaction records: Retained per applicable financial regulations
Account data: Retained until you request deletion

5. Health Data (iOS & Android)

Apple HealthKit (iOS)

Our app integrates with Apple HealthKit on iOS to read health and fitness data. We request read-only access to the following data types:

Steps: Used to track daily activity levels and provide coaching recommendations
Body Weight: Used for progress tracking during transformation challenges and goal monitoring
Heart Rate: Used to assess fitness levels and recovery for personalized coaching
Sleep Analysis: Used to evaluate sleep quality and provide holistic wellness recommendations
Active Energy Burned: Used to calculate energy expenditure for nutrition and activity coaching
Distance Walking/Running: Used to track workout distances for fitness coaching

HealthKit data is NOT shared with any third parties, including Anthropic. This data is NOT used for advertising or AI model training. You can revoke access at any time via Settings > Privacy & Security > Health.

Android Health Connect

Our app integrates with Android Health Connect to read health and fitness data. We request read-only access to the following 6 data types:

Steps (StepsRecord): Used to track daily activity levels and provide coaching recommendations
Weight (WeightRecord): Used for progress tracking during transformation challenges and goal monitoring
Heart Rate (HeartRateRecord): Used to assess fitness levels and recovery for personalized coaching
Sleep (SleepSessionRecord): Used to evaluate sleep quality and provide holistic wellness recommendations
Active Calories Burned (ActiveCaloriesBurnedRecord): Used to calculate energy expenditure for nutrition and activity coaching
Distance (DistanceRecord): Used to track workout distances for fitness coaching

Health Connect data is NOT shared with any third parties. This data is NOT used for advertising. This data is NOT sent to the AI service (Anthropic). You can revoke access at any time via Android Settings > Apps > Health Connect.

6. Your Rights

You have the following rights regarding your data:

Data export: Request a copy of your personal data by contacting us
Account deletion: Request complete deletion of your account and associated data (chat messages, health metrics, payment methods, and profile data will be permanently removed; audit logs are retained per compliance requirements)
Health data permissions (iOS): Manage or revoke HealthKit data access at any time via Settings > Privacy & Security > Health on your iPhone
Health data permissions (Android): Manage or revoke Health Connect data access at any time through Android Settings > Apps > Health Connect
Push notification preferences: Control notification categories (reminders, milestones, coach messages) in the app settings
Withdraw AI consent: You may withdraw consent for AI processing by clearing app data or contacting us to disable AI coaching for your account

7. Security Measures

We implement the following measures to protect your data:

JWT authentication with token rotation for secure session management
Encrypted storage (SecureStore) for sensitive tokens on your device
HTTPS encryption for all API communication between the app and our servers
Device-bound payment tokens: Payment methods are tied to your specific device, protecting against unauthorized transactions if your phone is lost or stolen
PCI-compliant payment processing through FluidPay (no raw card data stored)
Rate limiting on authentication and sensitive endpoints

8. Children's Privacy

My Nexus Health Coach is not intended for use by children under the age of 13. We do not knowingly collect personal information from children under 13. If we become aware that we have collected personal information from a child under 13, we will take steps to delete that information promptly.

9. Changes to This Policy

We may update this Privacy Policy from time to time. When we make material changes, we will:

Update the "Effective Date" at the top of this page
Notify you through an in-app notification or push notification
For significant changes affecting AI data processing or health data handling, we may require you to re-accept the updated terms

10. Contact Information

If you have questions about this Privacy Policy, wish to exercise your data rights, or have concerns about how your data is handled, please contact us:

Email: privacy@nexushealthcoach.com