Privacy Policy for Kiva

Last updated: February 22, 2026

Welcome to Kiva ("the app"). Your privacy is important to us. This Privacy Policy explains what information we collect, how we use it, and how we protect it.

By using the app, you agree to the collection and use of information as described in this policy.

Information We Collect

Account Information

When you sign in using Sign In with Apple, we collect:

  • Name (first name and, optionally, last name)
  • Email address (or Apple's Private Relay email, if you choose "Hide My Email")

Your first name may be visible to other users on the leaderboard. Your email is used as your account identifier and is encrypted at rest.

Health & Fitness Data

With your explicit consent, we read data from Apple Health (HealthKit), which may include:

  • Step count, exercise minutes, workout data
  • Heart rate, resting heart rate, heart rate variability, blood pressure
  • Sleep analysis, respiratory rate, oxygen saturation
  • VO2 Max, body mass, body fat percentage, BMI, lean body mass
  • Blood glucose, wrist temperature
  • Mindful sessions
  • Date of birth, biological sex

We use this data to calculate personalized health scores (biological age, athletic age, longevity score) and provide fitness insights.

Nutrition Data

If you log meals in the app, we store:

  • Food names, calorie and macronutrient values, meal dates

Blood Test Data

If you upload blood panel results, we store the values you provide. This data is encrypted (AES-256-GCM) before being stored in the cloud.

Usage & Analytics Data

We use Firebase Analytics to collect anonymized usage data, including:

  • App session events (screens viewed, features used)
  • Subscription and purchase events
  • Age group and gender (aggregated, not personally identifiable)
  • Device type and iOS version

We do not use this data for advertising or share it with ad networks.

How We Store Your Data

Cloud Storage (Google Firebase Firestore)

Your account information, calculated health scores, nutrition log, and app preferences are stored in Google Firebase Firestore. Sensitive fields (such as blood test data) are encrypted using AES-256-GCM before storage. Your encryption key is stored securely in the iOS Keychain on your device and never leaves your device.

Local Storage

Health data read from Apple Health is processed on your device. Calculated scores and preferences are also cached locally on your device using standard iOS storage.

Data Retention

Your data is retained as long as your account is active. You may request deletion of your data at any time by contacting us (see below).

How We Use Your Data

We use your information to:

  • Provide personalized health and fitness insights
  • Calculate health scores (biological age, athletic age, longevity score, nutritional age)
  • Display your ranking on the leaderboard (first name only)
  • Process subscriptions and in-app purchases
  • Improve app performance and fix bugs (via anonymized analytics)

AI-Powered Health Analysis (Elite Tier)

If you subscribe to the Elite tier, your health metrics (not your name or email) are sent to a third-party AI service (Anthropic Claude) via secure Firebase Cloud Functions to generate personalized health insights from specialist AI agents. This data is:

  • Transmitted securely over HTTPS
  • Not stored by Anthropic beyond the duration of the request
  • Not used to train AI models
  • Limited to aggregated health metrics (no personally identifiable information is sent)

Third-Party Services

We use the following third-party services:

  • Apple HealthKit — to read health and fitness data (with your consent)
  • Google Firebase — for authentication, cloud storage, and analytics
  • Anthropic Claude — for AI-powered health insights (Elite tier only)
  • Apple StoreKit — for subscription and purchase processing

We do not sell, rent, or share your personal data with advertisers or data brokers.

Auto-Renewable Subscriptions

The app offers auto-renewable subscriptions (Monthly and Annual plans). Subscriptions auto-renew unless cancelled at least 24 hours before the end of the current period. You can manage or cancel your subscription in Settings > Apple ID > Subscriptions.

Data Security

We use commercially reasonable measures to protect your data, including:

  • AES-256-GCM encryption for sensitive fields stored in the cloud
  • iOS Keychain for encryption key storage (device-only, never transmitted)
  • HTTPS/TLS for all network communication
  • Firebase Authentication for secure account access

No method of electronic storage is 100% secure, and we cannot guarantee absolute protection.

Your Rights

You have the right to:

  • Access your data by contacting us
  • Delete your account and associated data by contacting us
  • Revoke Apple Health access at any time in iOS Settings > Privacy & Security > Health
  • Revoke Sign In with Apple at any time in iOS Settings > Apple Account > Sign-In & Security > Sign In with Apple

Children's Privacy

This app is not directed at children under 13. We do not knowingly collect personal information from children under 13. If you believe we have collected such information, please contact us immediately.

Changes to This Privacy Policy

We may update this policy periodically. Changes will be posted on this page with an updated date. We will not make material changes that expand data collection without notifying users.

Contact Us

For questions about this Privacy Policy or to request data deletion, please contact us at:

Kiva
Email: support@kivahealth.co

Thank you for trusting us with your fitness journey.