Privacy Policy

Last updated: March 7, 2026

HeatLab is built with privacy as a core principle. Your health and workout data belongs to you, and we've designed the app to keep it that way.

What Data HeatLab Collects

When you use HeatLab, the app stores the following information:

• Workout data (heart rate, duration, calories burned)
• Session metadata (date, time, workout type)
• Temperature readings you enter for each session
• Custom tags and notes you add to sessions
• App preferences and settings

What We Do NOT Collect

We do not have access to your health data. Specifically:

• Your workout data is never sent to our servers
• We do not use third-party analytics that track your health information
• We do not sell, share, or monetize your personal data
• We do not use advertising trackers

Where Your Data is Stored

All your HeatLab data is stored:

• Locally on your device — Your iPhone and Apple Watch store your session data
• In your private iCloud account — If you have iCloud enabled, your data syncs across your devices using your personal iCloud storage. Only you have access to this data.

We cannot access, view, or retrieve your workout data because it never leaves your devices and iCloud account.

Apple HealthKit Integration

HeatLab integrates with Apple HealthKit to read workout data (with your permission). This integration:

• Only accesses data you explicitly grant permission for
• Reads data locally on your device
• Never transmits HealthKit data to external servers

Garmin Connect Integration

If you choose to connect your Garmin account, HeatLab can import your workout data from Garmin Connect. Here's how we handle this:

• User consent — Connection happens via Garmin's official OAuth flow. You explicitly authorize HeatLab to access your workout data.
• What we access — Activity details and heart rate data for workouts you choose to import (yoga, pilates, barre, etc.)
• On-device processing — Imported workout data is processed on your device and stored locally, just like other HeatLab sessions
• Token storage — HeatLab's backend stores only the authentication tokens needed to access Garmin on your behalf. These tokens are encrypted at rest. We do not store your workout or health data on our servers.
• Disconnect anytime — You can disconnect Garmin from HeatLab at any time in the app settings. This immediately deletes your stored authentication tokens.
• Delete imported data — Any workouts imported from Garmin can be deleted from within the app, just like any other session.

We do not sell, share, or use your Garmin health data for advertising or any purpose other than providing you with workout analysis within HeatLab.

AI Insights

If you use AI-powered insights (available on devices with Apple Intelligence), this processing happens entirely on your device. Your data is not sent to external AI services.

How to Delete Your Data

You have full control over your data:

• Delete individual sessions — Swipe to delete any session within the app
• Delete all data — Uninstall the app to remove all local data. If you use iCloud sync, your data will also be removed from iCloud.
• Request deletion — Contact us at [email protected] if you need assistance

Data Export

You can export your session history at any time from the app settings. Your data is yours to keep.

Children's Privacy

HeatLab is not intended for children under 13. We do not knowingly collect information from children.

Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of any significant changes through the app or by updating the "Last updated" date above.

Contact Us

If you have questions about this Privacy Policy or your data, please contact us:

Email: [email protected]

← Back to HeatLab