How Personal Health handles your data
Effective May 22, 2026 · Last updated May 22, 2026
Personal Health is a single-user health dashboard operated privately by the account owner. It aggregates lab, body composition, and recovery signals from authorized providers into trends the owner reviews for personal decision support.
1. Data we collect
With the account owner's explicit OAuth authorization, the app may retrieve and store:
- WHOOP — profile, cycle, recovery, sleep, workout, and body measurement records.
- Withings — weight, body fat, muscle mass, visceral fat, basal metabolic rate, vascular age, and related body composition measurements.
- Manually imported labs — lipid panels, metabolic markers, and inflammation markers supplied by the account owner.
No data is collected from any person other than the account owner. The app does not use cookies, analytics, ad networks, or third-party tracking.
2. How data is used
Data is used solely to render summaries, trends, and decision-support views in this dashboard. The app does not sell data, share data with advertisers, build profiles for third parties, or use data to train external models.
3. Storage and security
- All data is stored on Cloudflare infrastructure (Workers, D1, R2, KV) bound to the operator's account.
- OAuth access and refresh tokens are encrypted at rest with AES-GCM using a key held only as a Cloudflare Worker secret.
- Raw provider payloads may be retained so trend calculations can be reproduced; they are not transmitted off-platform.
- All traffic to and from this site uses TLS 1.2 or higher.
4. Third parties
The app communicates with two categories of third parties, both at the operator's authorization:
- Infrastructure providers — Cloudflare hosts the worker, database, storage, and DNS for health.onecyber.com.
- Data sources — WHOOP (developer.whoop.com) and Withings (developer.withings.com) provide the API endpoints the app queries on the owner's behalf.
5. Revoking access
You can revoke this app's access at any time from the provider side:
- WHOOP — app.whoop.com → Account → Apps & Integrations.
- Withings — account.withings.com → Settings → Authorizations.
After revocation, the app cannot retrieve new data. Previously synced records remain in the app database until the operator removes them.
6. Deletion
Because this is a single-user system, deletion is handled directly by the operator. To remove all stored data (observations, panels, OAuth tokens, raw payloads), the operator can drop the relevant D1 tables and R2 objects. Requests can be sent to the contact address below.
7. Medical disclaimer
Personal Health is a personal tracking and decision-support tool. It is not a medical device and does not provide diagnosis, treatment, or medical advice. Any clinical interpretation should be reviewed with a qualified clinician.
8. Changes to this policy
If material changes are made to how data is collected, used, or stored, this page will be updated and the "Last updated" date above will change.
9. Contact
For privacy questions, contact greg.martin@ghost.security.