Last Updated:
Sovi Health Solutions (“Sovi Health,” “we,” “our,” or “us”) is committed to protecting the privacy and security of your personal health information. This Health Data Privacy Policy outlines how we collect, use, store, and protect health data obtained through Apple HealthKit and Google Fit integrations with the Sovi Health mobile application (“App”).
This policy applies specifically to data accessed through Apple HealthKit APIs and Google Fit APIs.
1. Overview of Health Data Access
When you choose to connect Apple HealthKit or Google Fit to the Sovi Health app, you explicitly authorize us to access select categories of health-related information stored on your device. The categories of data we may access—based solely on your permission—include:
- Activity metrics (e.g., steps, walking distance, active minutes)
- Heart rate data
- Sleep duration and quality
- Weight, body mass index (BMI), and related metrics
- Nutrition and hydration intake
We do not access, collect, or use any data outside of the categories you specifically grant permission for.
2. Purpose of Data Collection
All health data accessed from HealthKit or Google Fit is used exclusively to improve your in-app experience and health outcomes. Specifically, we use this data to:
- Provide personalized recommendations across the four pillars of health: movement, nutrition, sleep, and stress
- Enhance the precision of habit suggestions and goal tracking
- Improve the functionality and relevance of the Sovi Health app over time
- Help users build lasting behavior change based on data-driven insights
We do not use your health data for advertising, marketing, third-party analytics, profiling, or resale under any circumstances.
3. Data Use & Internal Access Controls
Sovi Health stores and processes all health data in-house. Your health data is:
- Never sold or shared with any third parties, advertisers, brokers, or data aggregators
- Only accessible by our internal team of product developers, engineers, and data scientists for the sole purpose of improving the app’s health features and behavioral science engine
- Governed by strict internal access controls and role-based permissions to minimize exposure and risk
All internal access to your data is logged, monitored, and limited to team members who are bound by confidentiality agreements and trained in data privacy protocols.
4. HIPAA and SOC 2 Compliance Principles
We design our systems, processes, and data handling procedures to align with industry-leading privacy and security standards, including:
- HIPAA-aligned practices for the protection of individually identifiable health information, including secure storage, access logging, breach response, and user consent controls.
- SOC 2 compliance principles, including controls for security, availability, confidentiality, and privacy across all systems that store or process health data.
While Sovi Health is not a covered entity under HIPAA in all cases, we voluntarily adopt HIPAA-compliant security and privacy controls as best practices.
5. Data Storage and Security
We take the protection of your health information seriously. All data is:
- Encrypted at rest and in transit using industry-standard protocols (TLS 1.2+, AES-256)
- Stored in secure U.S.-based data centers compliant with SOC 2 standards
- Protected by ongoing vulnerability monitoring, access controls, and regular security audits
No data is stored on your device unless explicitly cached for performance, and all synced data is securely transferred to our cloud infrastructure.
6. User Consent and Control
We operate under a strict opt-in model for all health data access.
- You must manually authorize the Sovi Health app to access HealthKit or Google Fit data
- You can revoke access at any time through your device’s privacy settings
- You may request the deletion of all your data from our servers by emailing [Insert Email Address] at any time
Revoking access does not affect the usability of the Sovi Health app, but it may limit personalized functionality.
7. Data Retention
We retain health data only as long as it is required to support your use of the app or fulfill the improvement goals outlined above. You may request early deletion of your health data at any time.
Upon account deletion or request for data removal:
- All associated health data is permanently deleted from our systems within 30 days
- Backup data (if any) is also purged in the next scheduled backup cycle
8. No Third-Party Use
To reiterate:
- We do not share HealthKit or Google Fit data with third parties, and we do not disclose or sell it to them
- We do not use this data for advertising, cross-platform profiling, or external analytics
- We only use your health data to serve you directly inside the Sovi Health app and improve our product experience
9. Contact Us
For any questions, concerns, or requests related to your health data or this privacy policy, please contact:
Email: [email protected]
10. Updates to This Policy
We may update this policy to reflect changes in our privacy practices or legal requirements. We will notify you of significant changes through the Sovi Health app and/or email prior to implementation.
Summary
Your health data belongs to you. We exist to help you use it better—not to monetize it. At Sovi Health, your privacy is not an afterthought—it is the foundation of our product philosophy.
