Privacy Policy
Last updated: July 2026
Overview
Kinosis ("we", "our", or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, and safeguard your personal and health information when you use the Kinosis health protocol management platform, including our WhatsApp assistant, our mobile app, and connected data sources such as wearables and health platforms.
By using Kinosis, you agree to the collection and use of information in accordance with this policy.
Information We Collect
We collect information that you voluntarily provide through the WhatsApp assistant or the mobile app, and — only with your explicit authorization — data from health platforms and wearables you choose to connect:
- Health Information: Symptoms, meals, activities, moods, medications, and life events you share with us
- Medical Documents: Lab reports, medical images, and other documents you upload
- Connected Sources: With your consent, health and fitness data from wearables and platforms you link — including Oura, WHOOP, Apple Health, and the Google Health API (see the "Google Health API Data" section below)
- Contact Information: Your phone number
- Usage Data: Conversation history, timestamps, and interaction patterns
How We Use Your Information
We use your information to:
- Provide and maintain our health memory service
- Remember and organize your health information
- Generate summaries and reports at your request
- Improve and personalize our service
- Send you reminders and check-ins (with your consent)
Data Storage and Security
We take the security of your health information seriously:
- All data is encrypted in transit and at rest
- We use secure cloud infrastructure with industry-standard protections
- Access to your data is strictly limited to authorized systems
- We do not sell or share your personal health information with third parties for marketing purposes
AI Processing
We use artificial intelligence (Claude by Anthropic) to understand your messages and extract health information. Your conversations are processed to:
- Identify symptoms, meals, activities, and other health data
- Analyze food photos for nutritional estimates
- Extract information from medical documents
- Generate conversational responses
Google Health API Data
If you choose to connect a Google account through the Google Health API, Kinosis reads only the health data types you consent to, and only to provide features you have requested. Specifically, we may access:
- Sleep — sleep sessions, stages, and duration, to build your sleep history and track sleep-related protocol targets.
- Activity and fitness — steps, workouts, active energy, and distance, to track physical-activity targets and your adherence score.
- Health metrics and measurements — such as weight, body fat, blood pressure, blood glucose, resting heart rate, heart-rate variability, and blood oxygen, to build your biomarker history and measure whether your protocol is working over time.
- Nutrition — logged meals, calories, and macro/micronutrients, to complete your dietary history and correlate nutrition with your other health data.
- Exercise location (GPS) — route and location data associated with your workouts, to add geographic and environmental context to your activity history.
- Irregular rhythm notifications — heart-rhythm alerts recorded by your device, stored as part of your cardiovascular history.
- ECG — electrocardiogram readings recorded by your device, stored as part of your cardiovascular history.
- Basic profile — a user identifier and basic attributes, to link the connection to your Kinosis account and personalize evidence-based targets.
We access this data on a read-only basis. We use it solely to provide and improve the user-facing features of Kinosis described in this policy — your personal health history, protocol adherence and efficacy metrics, and personalized insights. We do not use Google Health API data for advertising, we do not sell it, and we do not transfer it to third parties except as necessary to provide or improve these features, to comply with applicable law, or as part of a merger or acquisition with your consent. We do not allow humans to read this data unless we have your affirmative consent to do so, it is necessary for security purposes (such as investigating abuse), to comply with applicable law, or the data has been aggregated and anonymized.
Kinosis's use of information received from the Google Health API and/or Google Developer Tools will adhere to the Google Health API Developer and User Data Policy, including the Limited Use requirements.
You can disconnect your Google account at any time from the Kinosis app. On disconnection we stop accessing new Google Health data. You may also request deletion of previously imported Google Health data, which we will remove from your Kinosis account. Data already synced remains part of your health history until you disconnect or request its deletion.
Data Retention
We retain your health information for as long as your account is active or as needed to provide you services. You can request deletion of your data at any time by contacting us. Health data imported from connected sources (including the Google Health API) is deleted when you disconnect the source and request its removal, or when you delete your account.
Your Rights
You have the right to:
- Access your personal data
- Request correction of inaccurate data
- Request deletion of your data
- Export your data in a portable format
- Opt out of promotional communications
Third-Party Services
Our service operates through WhatsApp (Meta) and uses Anthropic's AI services. We also use Amazon Web Services (AWS) for cloud infrastructure, and — where you connect them — health platforms and wearables such as the Google Health API, Oura, and WHOOP. These third parties have their own privacy policies, and we encourage you to review them.
Changes to This Policy
We may update this Privacy Policy from time to time. We will notify you of any changes by posting the new policy on this page and updating the "Last updated" date.
Contact Us
If you have any questions about this Privacy Policy or our data practices, please contact us at: