Last updated: April 2026
Kin Health Ltd ("Kin", "we", "us") operates the Kin iOS application. This Privacy Policy explains what information we collect, how we use it, where it is stored, and the choices you have. We collect only what we need to run the service, and we do not sell your data or use it for advertising.
To provide the service, we collect and store the following:
Your data is stored locally on your device and, if you sign in, synced to our cloud backend so it can be backed up and restored across your devices. Cloud storage is provided by Supabase, which hosts our PostgreSQL database. Data is encrypted in transit using TLS and encrypted at rest by the underlying infrastructure. Access to the database is restricted to authenticated systems and authorized personnel. You can delete all of your data at any time from Settings inside the app.
We do not use your data for advertising, and we do not sell your personal information to third parties.
When you interact with the AI coach, the relevant context — your conversation messages and a summary of your fitness profile (goals, training preferences, and recent workout or nutrition entries needed to answer you) — is sent to Anthropic's Claude API to generate a personalized response. Anthropic processes the request to return a reply and, under their API data usage policy, does not use this data to train their models. We do not send raw health data, passwords, payment information, your Apple identifier, or your email to Anthropic.
Conversations are stored locally on your device and, if you are signed in, optionally synced to your encrypted Supabase account so they are available across your devices. You can delete your conversations and all other data at any time from Settings inside the app.
If you log activities by voice, the audio is sent to OpenAI's Whisper API for speech-to-text transcription, and the resulting text is processed like any other entry. OpenAI's API data usage policy applies; OpenAI does not use audio submitted to the API to train their models. We do not retain audio recordings after transcription completes.
Crash reporting is opt-in. If you enable "Share Crash Reports" in Settings, we use Sentry to receive anonymized crash reports and performance diagnostics so we can fix bugs and improve reliability. Sentry receives stack traces, device model, OS version, app version, and performance metrics. We do not send your name, email, fitness data, nutrition entries, or coaching messages to Sentry. You can turn this setting off at any time, and no crash data is collected when it is disabled.
We may use a privacy-respecting product analytics provider (such as Mixpanel or PostHog) to collect anonymized usage data that helps us understand how Kin is used and improve the experience. The events we may collect include screen views, feature usage frequency, and session duration. Analytics events do not include your name, email, Apple identifier, payment details, fitness or nutrition data, body metrics, or any content from your AI coaching conversations. We do not use analytics for advertising or sell any analytics data, and we do not combine analytics with third-party data sources to build a profile of you. Where required by law, we will request your consent before enabling analytics.
We use a small number of trusted service providers to operate Kin. Each handles only the data needed for its function:
We do not use any third-party advertising networks, ad trackers, or analytics services that build a profile of you.
We retain your account data and synced content for as long as your account is active. If you delete your account, we delete the associated data from our systems, subject to the exceptions noted below.
You can delete your account and all associated cloud data at any time from Settings inside the app, or by emailing us at artemis.ops@proton.me. On deletion, we remove your authentication record and your stored workout, nutrition, profile, and coaching data from our Supabase database. Anonymized crash reports, anonymized analytics events, and minimal records we are required to keep for legal, tax, or fraud-prevention reasons may be retained.
Depending on where you live, you have rights regarding your personal information. Under the EU/UK GDPR and similar laws, these include:
You can exercise these rights from within the app or by contacting us at artemis.ops@proton.me. We will respond within the timeframe required by applicable law.
Kin is not directed to children under 16 and we do not knowingly collect personal information from them. If you believe a child has provided us with personal information, please contact us so we can delete it.
Kin Health Ltd is based in the United Kingdom. Our service providers may process your data in the United States, the European Union, or other regions where they operate. Where required, we rely on appropriate safeguards such as standard contractual clauses for these transfers.
We use industry-standard measures to protect your data, including TLS encryption in transit, encryption at rest, access controls, and authentication tokens managed by Supabase Auth. No system is perfectly secure, but we work to keep your information safe and to disclose any incidents that affect you as required by law.
We may update this Privacy Policy from time to time. When we make material changes, we will notify you in the app or by updating the "Last updated" date above. Continued use of Kin after changes take effect constitutes acceptance of the updated policy.
If you have questions about this Privacy Policy or how we handle your data, contact Kin Health Ltd at artemis.ops@proton.me.