Attune
Privacy Policy
Last updated: April 6, 2026
Attune is a hormone-intelligent health and fitness app designed for women 35 and older. This Privacy Policy explains what data we collect, how we use it, who we share it with, and your rights regarding that data. Please read it carefully before using the app.
Attune processes sensitive health data including menstrual cycle information, body photographs, and blood work results. By using the app you consent to the collection and processing of this data as described in this policy.
1. Information We Collect
We collect the following types of information when you use Attune:
- Account data: email address, name, date of birth, and profile details you provide during signup.
- Health and fitness data: menstrual cycle dates, cycle length, period length, workout logs, exercise weights and reps, daily readiness check-in responses, body measurements, weight, height, dietary preferences, intolerances, and health goals.
- Body photographs: progress photos you choose to upload for AI-powered body composition analysis. These are stored securely and are never shared with third parties except as described in section 4.
- Blood work data: photographs of laboratory results you choose to upload for AI-powered biomarker interpretation. This is sensitive medical data and is treated with the highest level of care. It is never shared with third parties except as described in section 4.
- Meal and nutrition data: meal plans generated for you and any dietary information you provide.
- Usage data: app interactions and feature usage collected through analytics services to help us improve the app.
- Purchase data: subscription status and purchase history managed through RevenueCat. We do not store your payment card details at any point.
2. How We Use Your Information
- To generate personalised AI-powered workout plans tailored to your cycle phase, readiness score, and body composition.
- To generate personalised AI-powered meal plans based on your profile, dietary preferences, and hormonal phase.
- To analyse body photographs and provide body composition insights that inform your workout programming.
- To analyse blood work photographs and provide educational biomarker interpretation to support your health awareness.
- To provide cycle phase tracking, daily readiness scoring, and AI-generated health insights.
- To manage your subscription and process payments through RevenueCat.
- To understand how the app is used through anonymised analytics so we can improve features.
- To send you important notifications about your account or the app where you have consented.
We do not sell your personal data to any third party. We do not use your data for advertising purposes.
3. AI Processing of Sensitive Health Data
Attune uses artificial intelligence to analyse body photographs and blood work results. This processing is performed by Anthropic's Claude AI models via a secure API connection. When you submit a photograph for analysis:
- The image is transmitted securely to Anthropic's API for processing.
- Anthropic processes the image to generate an analysis response.
- The analysis result is stored in your Attune account.
- Your images and analysis results are not used to train AI models.
AI analysis of body photographs and blood work results is for educational and wellness purposes only. It is not a medical diagnosis, does not constitute medical advice, and should never replace consultation with a qualified healthcare professional. Always consult your doctor before making health decisions based on AI-generated insights.
4. Third-Party Services
Attune uses the following third-party services. Each has its own privacy policy and data practices:
- Supabase — database, file storage, and authentication. Your data is stored in the Asia Pacific region (Seoul, South Korea). supabase.com/privacy
- Anthropic — AI language model provider used for body photo analysis, blood work interpretation, workout plan generation, meal plan generation, and exercise instructions. Body photographs and blood work images are transmitted to Anthropic for processing. anthropic.com/privacy
- RevenueCat — subscription and in-app purchase management. Handles all payment processing. revenuecat.com/privacy
- Amplitude — anonymised usage analytics to understand how the app is used. No personally identifiable health data is shared with Amplitude. amplitude.com/privacy
- PostHog — product analytics and event tracking to understand feature usage. No personally identifiable health data is shared with PostHog. posthog.com/privacy
- USDA FoodData Central — nutritional data API used for the Dining Out Advisor feature. Your restaurant queries are sent to the USDA API. No personal health data is shared. fdc.nal.usda.gov/privacy-policy
5. Body Photographs and Blood Work Images
Photographs you upload are stored in encrypted cloud storage provided by Supabase. Access is restricted to your account only. We apply the following protections:
- Images are stored with access controls that prevent any other user from viewing your photos.
- Images are transmitted over encrypted connections at all times.
- Images are shared only with Anthropic for the purpose of generating your requested analysis.
- Images are not used for any marketing, advertising, or model training purpose.
- You can request deletion of all photographs and associated analysis data at any time.
6. Data Storage and Security
Your data is stored using Supabase infrastructure hosted in the Asia Pacific region in Seoul, South Korea. We use industry-standard encryption for data in transit (TLS) and at rest. Access to your data is controlled through authentication tokens and row-level security policies that ensure only you can access your personal information.
7. Data Retention
We retain your data for as long as your account remains active. If you delete your account, we will delete your personal data, health data, photographs, and analysis results within 30 days. Some anonymised usage data may be retained in analytics systems for a longer period as it cannot be linked back to you.
8. Your Rights
You have the following rights regarding your personal data:
- Access: you can request a copy of the personal data we hold about you.
- Correction: you can update your profile data directly in the app at any time.
- Deletion: you can delete your account and all associated data through the app or by contacting us.
- Portability: you can request an export of your data in a structured format.
- Objection: you can object to certain types of processing including analytics tracking.
If you are located in the European Economic Area, United Kingdom, or a jurisdiction with similar data protection laws, you have additional rights under applicable legislation including the right to lodge a complaint with a supervisory authority.
9. Children's Privacy
Attune is not intended for use by anyone under the age of 18. We do not knowingly collect personal information from minors. If you believe a minor has created an account, please contact us immediately and we will delete the account and associated data.
10. International Data Transfers
Attune is operated from the United Arab Emirates. Your data may be processed by third-party services located in the United States and other countries. By using Attune you consent to the transfer of your data to these countries, which may have different data protection laws than your country of residence.
11. Changes to This Policy
We may update this Privacy Policy from time to time. When we make significant changes we will notify you through the app or by email before the changes take effect. The date at the top of this page indicates when the policy was last updated. Continued use of the app after changes are made constitutes acceptance of the updated policy.
12. Contact Us
If you have any questions about this Privacy Policy, want to exercise your data rights, or need to report a privacy concern, please contact us at:
hello@attuneapp.io