Privacy Policy for Artifex Health

Last Updated: April 06, 2026

Artifex Health (“the App”) is built on a Local-First, Privacy-Focused architecture. This means your sensitive health data stays on your device, under your control. We do not use our own external servers to store your health records, and we do not maintain user health databases.

1. Data Collection and Usage

The App accesses and processes the following data to provide health insights, dashboard metrics, and personalized wellness analysis:

• • Health and Fitness Data (via Health Connect): Health Connect is an Android health data platform developed by Google that allows you to control how health data is shared between apps. We request read-only access to health and activity data you authorize, which may include Heart Rate, Heart Rate Variability (HRV), Steps, Active Calories, Sleep Sessions (including stages), SpO2, Resting Heart Rate, Respiratory Rate, Exercise Sessions, and body composition metrics such as Weight, Body Fat Percentage, Lean Body Mass, Bone Mass, and Body Water Mass.
  • Body Composition Data (Manual Entry and Connected Sources): In addition to Health Connect, the App allows you to manually enter body composition data such as weight, body fat percentage, lean body mass, bone mass, and body water mass. This data is used to provide charts, trends, and comparative insights to help you track changes in body composition over time.
  • Blood Test and Lab Results (Manual Entry): The App allows you to manually input blood test and laboratory results (for example, cholesterol markers, glucose levels, or other health biomarkers). This data is used to generate visualizations such as charts and trends, as well as AI-powered insights to help you better understand your health metrics.
• User Profile: We store profile information such as your name, age, gender, height, and weight to personalize health calculations and features (for example, readiness scoring, BMR estimates, and Energy Bank calculations).
• Usage Data: We store local tags and app inputs you choose to provide, such as lifestyle or context tags like “Late Meal,” “Alcohol,” “Stress,” or similar entries used to improve insight quality.

Purpose: This data is used solely to generate your health dashboard, calculate wellness and readiness metrics, surface trends, and provide AI-driven health and wellness insights within the App. This may include body composition tracking and interpretation of manually entered lab results.

We do not use Health Connect data for advertising, marketing profiling, or sale to data brokers.

2. Local-First Security & Encryption

Your privacy is protected through the following technical measures:

• On-Device Encryption: Health data, profile information, and locally stored app records are encrypted at rest using AES-256-GCM encryption.
• Hardware-Backed Security: Encryption keys are managed through the Android Keystore System, helping ensure that keys remain protected by device-level security and do not leave the secure environment of your device.
• Encrypted Local Storage: Health data, including body composition metrics and manually entered blood test results, as well as user profile and app data, are stored locally in encrypted app storage rather than in Artifex Health operated cloud databases.
• No App-Operated Cloud Storage: We do not maintain our own servers or databases to store your health records. If you lose your phone and do not have a device-level backup, we may not be able to recover your data because we do not store it ourselves.
• Security Limitation: While we use reasonable technical safeguards designed to protect your information, no method of electronic storage or transmission is completely secure, and we cannot guarantee absolute security.

3. Artificial Intelligence and Privacy

The App uses a tiered AI architecture designed to prioritize privacy while providing advanced health and wellness analysis.

• On-Device Primary Processing (Gemini Nano): Where supported by your hardware and software environment, the App prioritizes local AI processing using Gemini Nano or related on-device AI capabilities. In this mode, the relevant AI analysis occurs on your device and the processed prompt data does not need to be sent to cloud-based AI systems.
• Cloud-Based Fallback (Vertex AI for Firebase): If your device does not support on-device AI, if local AI resources are unavailable, or if cloud processing is needed for a requested feature, the App may use Google Vertex AI through Firebase to generate insights.
  • How Data is Shared: The data sent for cloud AI processing may include a summarized and structured snapshot of your recent health metrics, trends, context tags, and, where needed for better insight quality, selected raw health data points or short time-series segments.
  • This may include body composition data and manually entered blood test results where relevant to the requested insight.
  • Data Minimization: We try to limit cloud-shared data to what is reasonably necessary for the requested feature.
  • Data Protection: Data sent for cloud AI processing is transmitted using secure transport. We use a paid Google cloud AI service configuration intended for application use rather than public consumer chatbot use.
  • Model Training Statement: Where supported by the service tier and configuration we use, submitted content is not used to train Google’s global foundation models as general public training data. However, service providers may still temporarily process, log, or retain limited request or response data for service operation, security, abuse prevention, monitoring, debugging, or legal compliance.
• No Intentional Direct Identity Sharing: We do not intentionally send direct identifiers such as your name or contact information to cloud AI systems unless required for a feature you use.
• No Data Selling: We do not sell your data or share it with advertisers, data brokers, or unrelated third parties.

4. Health Connect Limited Use Policy

Our use of information received from Health Connect is intended to adhere to the Health Connect Permissions policy, including applicable Limited Use requirements:

• We only request permissions reasonably necessary to provide the App’s core features.
• We do not use health data for advertising, marketing, credit-worthiness, or data brokerage purposes.
• We do not sell health data to third parties.
• We use Health Connect and manually entered data only to provide and improve the App’s health, wellness, and insight features.

5. Third-Party Services

Artifex Health may rely on third-party platform and infrastructure providers to enable certain features, including:

• Health and Fitness Data (via Health Connect by Android) for authorized health data access
• Android system security services, including the Android Keystore System
• Gemini Nano or related on-device Android AI frameworks for local analysis
• Firebase and Google Cloud Vertex AI for cloud-based AI fallback processing, and crash report analytics using crashlytics

These third-party providers may process information as necessary to provide their services, subject to their own terms, privacy practices, and operational requirements.

6. Children’s Privacy

Artifex Health is not intended for children and should not be used by individuals under the minimum age permitted by applicable law and the requirements of the third-party AI services integrated into the App.

We do not knowingly collect personal information from children through the App for independent server-side storage. If you believe a child has provided information in violation of this policy, please contact us so we can review the issue.

7. Your Rights and Data Control

You control your information in the following ways:

• Complete Deletion: You can use the “Clear All Local Data” feature in settings to wipe locally stored encrypted app data from your device.
• Uninstallation: Deleting the App removes data stored by Artifex Health from your device, although device backups or operating system-managed copies may remain outside the App’s control.
• Permission Revocation: You can revoke Health Connect access and other system permissions at any time through Android settings.
• Feature Choice: Where applicable, you may choose whether to use AI-powered features that require additional processing.

8. Data Retention

Because Artifex Health is local-first, your data generally remains on your device until you delete it, clear the App’s storage, revoke permissions, or uninstall the App.

If cloud AI processing is used, provider-side operational logs, monitoring records, or temporary processing data may be retained according to the configuration and policies of the underlying service provider.

9. Medical Disclaimer

Artifex Health is for general wellness and informational purposes only. The App is not a medical device and is not intended to diagnose, treat, cure, monitor, or prevent any disease or medical condition.

AI-generated insights may be incomplete, inaccurate, or not appropriate for your specific circumstances. Always consult a qualified healthcare professional before making decisions about your health, treatment, or exercise routine.

10. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. If we make changes, we will revise the “Last Updated” date at the top of this document and make the updated policy available through the App or related app listing materials.

11. Contact Us

For questions regarding this Privacy Policy or data practices related to Artifex Health, contact:

Artifex Health
KossApplications LLC
artifexhealth@kossapplications.app