Legal Document

Privacy Policy

Developed and operated by Apex Development Studio LLC · Effective: May 22, 2026 · Last Updated: May 22, 2026

Apex Development Studio LLC ("we," "our," or "us") develops and operates Journey Tracker and is committed to protecting your privacy. This Privacy Policy explains how we collect, use, store, and protect your health and personal information when you use the Journey Tracker iOS application and associated website (journeytracker.app).

Please read this policy carefully. By using Journey Tracker, you agree to the practices described here.

1. Who We Are

Journey Tracker is an iOS application developed and operated by Apex Development Studio LLC. It is designed to help individuals undergoing GLP-1 therapy (including medications such as semaglutide, tirzepatide, and similar agents) track their health progress, medication history, laboratory results, and related health markers.

Apex Development Studio LLC operates Journey Tracker as a consumer health application. We are not a healthcare provider, health plan, or healthcare clearinghouse.

2. Information We Collect

2.1 Information You Provide Directly

When you use Journey Tracker, you may enter the following health information:

Body measurements: Weight, body fat percentage, muscle mass, BMI, and related metrics
Medication information: GLP-1 medication name, dose, injection dates, and injection site rotation
Side effect logs: Symptoms experienced during therapy, severity, and associated notes
Laboratory results: Blood test values including HbA1c, lipid panel, metabolic markers, thyroid markers, and other health markers you choose to enter
Health goals: Target weight and hydration goals
Notes: Free-text notes you add to any health entry

2.2 Information Collected Through Apple Health (HealthKit)

With your explicit permission, Journey Tracker may read from and write to Apple HealthKit. The specific data types accessed are listed during the permission request and may include:

Body weight and body composition metrics
Blood glucose readings
Blood pressure measurements
Dietary water intake
Laboratory results (if you connect your health system through Apple Health Records)

You control HealthKit access entirely. You can review and revoke any HealthKit permission at any time through iOS Settings → Privacy & Security → Health → Journey Tracker.

2.3 Information Collected Through Sign in with Apple

We use Sign in with Apple for authentication. Apple provides us only with a stable, opaque user identifier — not your Apple ID, real name, or email address.

2.4 Information We Do NOT Collect

Journey Tracker does not collect:

Your full name
Your physical address or precise location
Your date of birth
Your Social Security Number or government-issued identifiers
Your health insurance information
Your prescribing physician's information
Payment card information (payments are processed by Apple App Store)

3. How We Use Your Information

3.1 To Provide the Application

Your health data is used solely to operate the features of Journey Tracker — displaying your health trends, generating charts, tracking your GLP-1 progress, and providing the features you use.

3.3 We Do Not Sell Your Data

We do not sell, rent, or trade your personal or health information to any third party for any purpose, including advertising.

3.4 We Do Not Use Your Data for Advertising

Journey Tracker does not display advertisements and does not use your health data for advertising or marketing purposes of any kind.

4. How We Store Your Information

4.1 On Your Device

All of your health data is stored locally on your iPhone using Apple's Core Data framework. This data is encrypted at rest using iOS FileProtection (AES-256 encryption). Your data is only accessible when your device is unlocked.

4.2 iCloud Backup

If you have iCloud enabled, your Journey Tracker data may be backed up to your personal iCloud account through Apple's CloudKit framework. This data is:

Stored in your personal iCloud account, not any server controlled by us
Subject to Apple's privacy policy and security practices
Accessible only to you through your Apple ID
Not accessible to Journey Tracker developers under any circumstances

You can disable iCloud backup for Journey Tracker at any time through iOS Settings → [Your Name] → iCloud → Apps Using iCloud.

5. Information Sharing

5.1 Apple

We use Apple's platform services (HealthKit, CloudKit, Sign in with Apple, StoreKit) to operate Journey Tracker. Your use of these services is subject to Apple's Privacy Policy (apple.com/privacy).

5.3 RevenueCat (Subscription Management)

Subscription management is handled by RevenueCat. RevenueCat receives subscription status information to verify your Pro subscription. RevenueCat's privacy policy is available at revenuecat.com/privacy.

5.4 Formspree (Contact Form)

The contact form on our support page is processed by Formspree, Inc., a third-party form submission service. When you submit the contact form, your name, email address, and message content are transmitted to and temporarily stored by Formspree in order to deliver the message to us. Formspree does not use this data for advertising and does not sell it. For details, see Formspree's Privacy Policy.

5.5 Cloudflare, Inc. (API Proxy)

5.6 No Other Third-Party Sharing

We do not share your health or personal information with any other third parties.

6. Your Rights and Choices

6.1 Access Your Data

You can view all of your health data within the Journey Tracker app at any time.

6.2 Delete Your Data

You can delete all of your Journey Tracker data by:

Deleting individual entries within the app
Using Settings → Privacy & Security → Delete Account & All Data within the app (removes all on-device data)
Deleting the app (removes all on-device data)
Managing your iCloud storage to remove Journey Tracker backups via iOS Settings

Third-party data: Apex Development Studio LLC does not store health data on any server it controls. There is nothing on our end to delete.

6.4 HealthKit Permissions

You can review and revoke any HealthKit permission at any time through iOS Settings → Privacy & Security → Health → Journey Tracker.

6.5 California Residents (CCPA/CPRA)

If you are a California resident, you have the right to:

Know what personal information we collect and how it is used
Delete your personal information
Correct inaccurate personal information
Opt out of the sale of your personal information (we do not sell personal information)
Limit use of sensitive personal information to purposes explicitly disclosed in this policy
Non-discrimination for exercising your privacy rights

Sensitive Personal Information: Journey Tracker collects the following categories of sensitive personal information as defined by the California Privacy Rights Act (CPRA): health data (body weight, body composition, blood glucose, blood pressure, medication information, laboratory results, and symptom logs). This data is used solely for the purposes disclosed in this policy and is never sold or shared for advertising. You have the right to limit the use of your sensitive personal information to the purposes described in this policy.

To exercise these rights, contact us at support@journeytracker.app. We will respond within 45 days. If an extension is necessary, we will respond within 90 days total and notify you of the extension.

6.6 Virginia, Colorado, and Other State Residents

Residents of Virginia (CDPA), Colorado (CPA), and other states with consumer privacy laws have similar rights to access, delete, and correct their personal information. Contact us at support@journeytracker.app to exercise these rights.

8. Children's Privacy

Journey Tracker is not intended for use by individuals under the age of 18. We do not knowingly collect personal information from children under 18.

Journey Tracker does not collect or store user data on our servers. All health data is stored locally on the user's device and, if iCloud is enabled, in the user's personal iCloud account — neither of which we control or can access. Because we have no server-side records, we are unable to identify or delete data belonging to any specific user, including minors.

If you believe a child under 18 has used Journey Tracker, please contact us at support@journeytracker.app and we will respond promptly. To remove all associated data, we recommend: (1) deleting the Journey Tracker app from the device, and (2) removing any iCloud data via iOS Settings → [Your Name] → iCloud → Manage Storage → Journey Tracker.

9. Data Security

We implement technical and organizational measures to protect your health information, including:

On-device encryption: All health data is encrypted using AES-256 encryption
Secure authentication: Sign in with Apple with optional biometric lock
Secure transmission: All data transmitted over the internet uses TLS 1.3 encryption
No developer server access: We do not operate servers that store your health data
Debug code exclusion: Developer and debug features are excluded from the production app

No security system is perfect. If we become aware of a security breach that affects your health information, we will notify you as required by applicable law.

10. Breach Notification

In the event of a security breach involving your health information, we will notify affected users in accordance with the FTC Health Breach Notification Rule (16 C.F.R. Part 318) and applicable state law, including Washington's My Health My Data Act where applicable.

Notification procedures:

For breaches affecting fewer than 500 individuals: notification to affected users within 60 calendar days of discovery, via in-app notification and/or email
For breaches affecting 500 or more individuals: notification to the FTC and affected users within 60 calendar days of discovery, plus notification to prominent media outlets serving the affected area

Notification content will include: a description of the breach, the types of health data involved, steps you can take to protect yourself, and contact information for further inquiries.

If you believe your health data has been compromised, contact us immediately at support@journeytracker.app.

11. Changes to This Policy

We may update this Privacy Policy from time to time. When we make material changes, we will notify you through the app and update the "Last Updated" date at the top of this policy. Your continued use of Journey Tracker after such notification constitutes your acceptance of the updated policy. For material changes that affect how we process your health data, we will seek your renewed consent where required by law.

12. Contact Us

If you have questions about this Privacy Policy or how we handle your health information, please contact us:

Company: Apex Development Studio LLC
Email: support@journeytracker.app
Website: journeytracker.app
Mailing Address: Available upon request — email support@journeytracker.app

For data deletion requests or to exercise your privacy rights, please email support@journeytracker.app with the subject line "Privacy Rights Request."