BestYou Privacy Policy

Effective Date: March 20, 2026

Hello! During your journey with BestYou, you'll discover the power of personalized health insights and AI-driven recommendations to achieve your wellness goals. It's a very personal journey! To give you the best support, we collect personal information from you along the way.

This Privacy Policy ("Policy") describes how PNP Corp d/b/a BestYou Training Corp ("BestYou," "we," "our," or "us") collects, uses, discloses, and otherwise processes your personal information when you use our Services (use of our mobile app, website, and other interactions you may have with us). This includes your choices and rights regarding your personal information.

BestYou is operated by PNP Corp d/b/a BestYou Training Corp ("PNP Corp"). For data protection purposes, PNP Corp d/b/a BestYou Training Corp is the data controller.

Important: You must be at least 16 years old to use BestYou. Do not use these Services if you are under the age of 16. Our Services are not designed or otherwise intended for children or anyone under 16.

We implement technical measures to prevent individuals under 16 years of age from creating an account or otherwise using our Services. If we become aware that an individual under 16 may have provided us with personal information, we will investigate and, if applicable, take steps to remove the data and delete that individual's account.

What's New in this Version

This Policy updates our previous version (September 30, 2025) with the following changes:

  • New section on AI Processing & Third-Party Integrations, including user-directed sharing via MCP
  • Updated data sharing disclosures for ChatGPT and OpenClaw integrations
  • New data sharing consent section describing how consent is obtained and withdrawn
  • Updated data retention details for MCP API keys and audit logs
  • New privacy right to disconnect third-party AI services

Quick Links to Information about Your Privacy

What information does BestYou collect? BestYou collects information from you directly when you create an account, use our Services, and through third parties.
How does BestYou use the information it collects? BestYou uses your information to provide personalized health recommendations, AI insights, and improve our Services.
Does BestYou sell my information? BestYou does not sell your personal information. We may share aggregated, de-identified data for research purposes only.
How does BestYou share my information? BestYou shares your information with service providers and partners necessary to provide our Services.
What are my privacy rights? You have rights to access, correct, delete, and control how your information is used.

Personal Information We Collect

We may collect personal information directly from you, automatically through your use of the Services, and from third parties.

Personal Information We Collect Directly from You

Account and Profile Information

This includes your:

  • Name, email address, and password
  • Date of birth and gender
  • Profile image or photo (if you choose to provide one)
  • General location information (country/zip code)
  • Health and fitness goals

Sign in with Apple

When you choose Sign in with Apple, we receive a privacy-preserving relay email (if you select "Hide My Email") and a stable Apple-provided user identifier for your account.

We use this identifier solely to authenticate you and operate your account. We do not sell or share it for advertising.

Health and Activity Data

Certain features allow you to voluntarily share information about your health and activities:

  • Dietary habits, food intake, and nutrition goals
  • Physical activity data (steps, workouts, exercise routines)
  • Biometric data (height, weight, BMI, body measurements)
  • Sleep patterns and quality metrics
  • Health conditions and medical information
  • Progress photos and achievement data
  • Fitness level and activity goals
  • Notes and reflections about your progress and mindset

Note: Health and Activity Data may include sensitive personal information when it indicates or allows someone to infer a health condition.

Communications and Interactions

  • Email correspondence and support requests
  • Feedback and survey responses
  • Community forum posts and social interactions
  • User-to-user messages and shared content
  • Event registration and participation information

Payment Information

If you purchase premium features, payment information is collected by our third-party payment processors. BestYou does not directly store payment card information. Subscriptions are billed by Apple; we receive payment status from Apple, not full card details.

Subscriptions (In-App Purchases)

Payments are processed by Apple via In-App Purchase. BestYou does not store your card details.

You can manage or cancel your subscription in Settings → [your name] → Subscriptions.

Personal Information We Collect Automatically

Usage and Device Data

  • Device information (type, operating system, app version)
  • IP address and general location information
  • App usage patterns, features accessed, and time spent
  • Performance data and error logs
  • Network and carrier information

BestYou does not track you across other companies' apps and websites for advertising.

Cookies and Tracking Technologies

We use cookies and similar technologies to enhance your experience and analyze usage. These include:

  • Required Cookies: Essential for app functionality and security
  • Functional Cookies: Enhance features and analyze usage
  • Analytics Cookies: Help us understand user behavior and improve our services

You can manage cookie preferences through your browser settings or app preferences.

Personal Information We Receive From Third Parties

Connected Health Devices

With your permission, we may collect data from:

  • Fitness trackers and wearable devices
  • Smart scales and body composition monitors
  • Heart rate monitors and sleep tracking devices
  • Continuous glucose monitors
  • Health platforms (Apple Health, Google Fit, Samsung Health)

HealthKit (Apple Health)

With your explicit permission, BestYou reads select categories from Apple HealthKit to power health features.

  • Storage: HealthKit data is stored locally on your device. BestYou does not upload raw HealthKit records (e.g., individual workouts, sleep sessions, raw glucose readings, GPS routes) to our servers.
  • Limited Aggregates Sent: During onboarding (and when you request updated insights), the app may send only aggregated 60-day summaries—sleep averages and sleep stage percentages, glucose mean/variability/time-in-range (if applicable), weekly workout minutes, and VO₂ max (if available)—to generate recommendations.
  • Prohibited Uses: HealthKit data is used only to improve health, fitness, and wellness features and is not used for advertising, marketing, or data brokerage, and is not shared with third parties except service providers that help deliver these health features under strict contracts.
  • Your Control: You can revoke Health permissions at any time in Health app → Profile → Apps → BestYou or Settings → Health → Data Access & Devices → BestYou, and you can clear BestYou's local health data in-app.

Other Sources

  • Service providers and business partners
  • Research partners and survey platforms
  • Social media platforms (when you connect accounts)
  • Other BestYou users (shared content and achievements)
  • Public health databases and research institutions

How We Use Your Information

Provide and Improve Our Services

  • Deliver personalized AI-powered health recommendations and insights
  • Track your progress toward health and fitness goals
  • Provide customized meal plans, workout routines, and coaching
  • Maintain and improve our algorithms and AI models
  • Ensure app functionality, security, and performance
  • Provide customer support and technical assistance

AI Insights Processing

To generate health insights and goals, BestYou may process the aggregated, de-identified statistics described above using our own models and trusted AI service providers under data-processing agreements. Raw HealthKit records and personal identifiers are not provided to AI providers.

Personalization and AI Enhancement

  • Analyze health patterns and provide intelligent recommendations
  • Customize content and features based on your goals and preferences
  • Develop and improve our machine learning and AI systems
  • Test new features and measure their effectiveness

Communication and Engagement

  • Send important account and service updates
  • Provide health tips, motivational content, and educational materials
  • Respond to your questions and support requests
  • Facilitate community interactions and social features

Research and Analytics

  • Conduct health and wellness research using aggregated, de-identified data
  • Analyze usage patterns to improve user experience
  • Measure the effectiveness of health interventions and recommendations
  • Contribute to scientific understanding of health behaviors (with anonymized data)

Legal and Security

  • Comply with legal obligations and regulatory requirements
  • Protect against fraud, unauthorized access, and security threats
  • Enforce our terms of service and policies
  • Respond to legal requests and protect our rights

AI Processing & Third-Party Integrations

AI Processing of Your Health Data

BestYou uses third-party AI services (currently Google Gemini and OpenAI) to power your 19 health agents and generate personalized insights, briefings, and coaching recommendations. When we process your data through these services:

  • We send aggregated health summaries, not raw HealthKit records or personal identifiers.
  • All AI providers operate under data-processing agreements that prohibit using your data to train their general-purpose models.
  • Processing occurs on secure, encrypted connections.

User-Directed Sharing with Third-Party AI Services

When you connect a third-party AI service (such as ChatGPT or OpenClaw) to your BestYou account, you direct us to share certain processed health insights with that service. This is a separate category from how we share data with our own service providers — this sharing is initiated and controlled by you.

What is shared:

  • Daily briefings (coaching narrative, readiness score, day type)
  • Weekly summaries (domain scores for nutrition, strength, activity, and biometrics; trends and achievements)
  • Progress snapshots (health domain scores, top insights, recommendations)
  • Action plans (scheduled workout blocks, meal details with macros, nutrition targets)
  • Workout generation results (stateless; not stored on our servers)
  • Meal analysis results (stateless; not stored on our servers)

What is never shared through MCP:

  • Raw HealthKit records (heart rate samples, step counts, workout GPS routes, etc.)
  • Body weight or body composition data
  • Medication or pharmaceutical plan names
  • Internal identifiers, timing data, or system architecture details
  • Your account password or authentication credentials

HealthKit-Derived Data

When you connect a third-party AI service, processed insights derived from your HealthKit data — including readiness scores, sleep quality scores, cardiac fitness scores, and activity summaries — may be shared with that service. Raw HealthKit records are never shared. This sharing occurs only when you explicitly create an API key or link your account, and you may revoke access at any time.

Third-party data practices: Once your data is received by a third-party AI service, that service's own privacy policy governs its use. BestYou does not control how third-party services store, process, or retain your data.

How We Share Your Information

We do not sell your personal information. We may share your information only in the following circumstances:

Service Providers and Partners

  • Cloud hosting and data storage providers
  • AI and machine learning service providers
  • Payment processors and billing services
  • Customer support platforms
  • Analytics and performance monitoring services
  • Security and fraud prevention services

These providers are contractually required to protect your information and use it only for providing services to us.

Other BestYou Users

We may share information with other users only when you choose to:

  • Use social features like friend connections or community forums
  • Share achievements, progress, or content publicly
  • Participate in challenges or group activities

You can control these sharing settings in your account preferences.

Research and Health Advancement

We may share aggregated, de-identified data with research institutions and public health organizations to advance health science and improve wellness outcomes. This data cannot be used to identify you personally.

Legal Requirements and Safety

  • When required by law or legal process
  • To protect the safety and security of our users
  • To prevent fraud or illegal activities
  • In connection with business transfers or acquisitions

Third-Party AI Services (at Your Direction)

When you connect a third-party AI service to your BestYou account by creating an API key or linking your account, we share processed health insights with that service as described in "User-Directed Sharing with Third-Party AI Services" above. This sharing is initiated by you and can be revoked at any time.

Your Privacy Rights

Depending on your location, you may have the following rights regarding your personal information:

Access and Portability

Request a copy of the personal information we hold about you in a portable format.

Correction

Request correction of inaccurate or incomplete information.

Deletion

Request deletion of your personal information (subject to certain legal exceptions).

Restriction and Objection

Request limitation of processing or object to certain types of data use.

Withdraw Consent

Withdraw consent for processing where consent is the legal basis.

Data Protection Rights

Rights against discrimination for exercising your privacy rights and the right to appeal decisions.

Disconnect Third-Party AI Services

Revoke API keys or unlink third-party accounts at any time in the BestYou app (More > Connected Apps). Revocation is immediate — no new data will be shared. To request that a third-party service delete data already received, contact that service directly.

How to Exercise Your Rights

To exercise these rights, please contact us:

  • Email: support@bestyou.ai
  • Through your account settings in the app
  • Write to us at our address below

We will respond to your request within 30 days.

Data Deletion & Reset

You can delete your account and associated server data in the app (More → Profile → Delete Account) or by emailing privacy@bestyou.ai.

To revoke HealthKit access or delete Health data stored by the Health app, go to Health app → Profile → Apps → BestYou or Settings → Health → Data Access & Devices → BestYou.

Data Security

We implement comprehensive security measures to protect your personal information:

  • End-to-end encryption for data transmission and storage
  • Multi-factor authentication and access controls
  • Regular security audits and penetration testing
  • Employee training on data protection and privacy
  • Secure cloud infrastructure with industry-leading providers
  • Continuous monitoring for security threats and vulnerabilities

While we maintain robust security measures, no system is completely secure. We encourage you to protect your account credentials and notify us immediately of any suspected unauthorized access.

Data Retention

We retain your personal information for as long as necessary to:

  • Provide our Services and maintain your account
  • Comply with legal and regulatory requirements
  • Resolve disputes and enforce our agreements
  • Improve our Services and AI algorithms

Specific Retention Periods

  • On-device Health data: remains on your device until you delete it in the app or revoke Health permissions.
  • Aggregated insight summaries sent to server: retained for ≤ 24 months (or your chosen period) to provide longitudinal insights, then deleted or irreversibly de-identified.
  • Server logs & security events: retained for ≤ 30 days (or your policy) unless required longer for security or legal obligations.
  • MCP API keys: Stored (as cryptographic hashes, never plaintext) until revoked by you or expired (default 90 days). Revoked and expired keys are permanently deleted.
  • MCP audit logs: Key creation, usage, and revocation events retained for up to 12 months for security and compliance purposes.
  • Third-party retention: Data shared with third-party AI services is subject to that service's retention policy. BestYou cannot delete data that has already been transmitted to a third party.

When we no longer need your personal information, we will securely delete or anonymize it. You can request deletion of your account and associated data at any time through your account settings or by contacting us.

How You Consent to Data Sharing

BestYou obtains your explicit consent before sharing data with third-party AI services:

OpenClaw / MCP API Keys

When you create an API key in the BestYou app, you review a data sharing disclosure that describes what data will be shared and with whom. Creating the key constitutes your consent.

ChatGPT

When you generate a linking code and enter it on the ChatGPT authorization page, you review the requested access scopes and a data sharing disclosure. Completing the linking flow constitutes your consent.

Withdrawing Consent

Revoke your API key or unlink your account at any time. This immediately stops new data sharing.

International Data Transfers

BestYou is headquartered in the United States and has service providers worldwide. Your personal information may be transferred to and processed in countries with different data protection laws than your country of residence.

When we transfer your information internationally, we ensure appropriate safeguards are in place, including standard contractual clauses and adequacy decisions where applicable.

Children's Privacy

Our Services are not intended for individuals under 16 years of age. We do not knowingly collect personal information from children under 16. If we discover that we have collected information from a child under 16, we will promptly delete such information.

Changes to This Privacy Policy

We may update this Privacy Policy periodically to reflect changes in our practices, technology, or legal requirements. We will notify you of material changes by posting the updated policy in our app and on our website, and updating the "Effective Date" above. We encourage you to review this Privacy Policy regularly.

Contact Us

If you have any questions about this Privacy Policy or our privacy practices, please contact us:

PNP Corp d/b/a BestYou Training Corp
Data Protection Officer
Email: support@bestyou.ai
Privacy Email: privacy@bestyou.ai
Address: Chicago, IL, United States
Terms of Use: https://www.bestyou.ai/terms

For Privacy Rights Requests:
Visit your account settings in the BestYou app or email privacy@bestyou.ai with "PRIVACY REQUEST" in the subject line.