Akros · Privacy Policy
What we collect. Where it goes. How we delete it.
Effective 14 May 2026 · Akros is owned and operated by Mitsi Agarwal (Sydney, Australia).
1. What we collect
Akros collects only what is needed to calibrate your plan: a relayed email address from Sign in with Apple (we never see your real address unless you choose to share it), any health data you choose to import (lab PDFs, wearable readings, selfies, meal photos), and basic device + app telemetry. We do not buy data from third parties. We do not run third-party trackers or ad pixels on the marketing site or in the apps.
2. How your data is used
Inputs you provide are used to generate your monthly plan, weekly insights, daily score, and shareable progression cards. Akros AI never trains foundation models on your data; the model providers below operate under contractual no-training-on-user-data terms or equivalent. We do retain a minimal copy of derived analytics (e.g., your Akros Score history) to render trend charts; you can delete this any time from Settings.
3. Subprocessors
Akros relies on the following service providers to operate. Each operates under its own privacy and security obligations; we maintain a Data Processing Addendum or equivalent with each one. If we add a new subprocessor we will update this list and notify active subscribers by email at least 30 days in advance.
- Anthropic, Inc. · United States: Clinical reasoning (bloods, DEXA, skin/face/body photos, sleep+recovery). Operates Claude Opus 4.7 (bloods analysis), Claude Sonnet 4.6 (specialist agents + voice chat with PHI), and Claude Haiku 4.5 (lightweight routing). BAA-eligible.
- Cloudflare, Inc. · Global edge (USA-headquartered): Workers runtime, AI Gateway, Workers AI inference (the Kimi K2.6 model runs on Cloudflare-operated GPUs), object storage, DNS. Cloudflare may route certain inference requests to underlying model providers under its own Data Processing Addendum.
- Voyage AI, Inc. · United States: Search and retrieval (embeddings and reranking of our internal knowledge base).
- Deepgram, Inc. · United States: Voice transcription for voice-logging features.
- Supabase, Inc. · Singapore region (ap-southeast-1): Database (Postgres with row-level security), encrypted object storage for reports and selfie baselines, and server-managed envelope-key metadata.
- Stripe, Inc. · United States: Web-based subscription billing for users who subscribe on akros.life instead of through the App Store. Apple StoreKit handles in-app subscriptions and never exposes your card to us.
- Resend, Inc. · United States: Transactional email — subscription receipts, trial-end reminders, account-deletion confirmations, data-export confirmations. Reply-to is hello@akros.life and a human reads every reply.
- Sentry, Inc. · United States: Error monitoring (technical logs; no personal health data sent intentionally).
- Apple Inc. · United States: App Store distribution, in-app purchase processing (where applicable), Push notifications, HealthKit data access — all per your iOS/Mac device permissions.
Akros does not currently route inference requests directly to providers operating from mainland China. The underlying Kimi K2.6 model runs on Cloudflare-operated GPUs — your data does not leave the Cloudflare tenancy.
4. Where your data lives geographically
Database and object storage are hosted in Singapore (ap-southeast-1) by Supabase. Inference runs at the Cloudflare edge nearest your request, typically within your region. Anthropic, Voyage, Deepgram, and Stripe operate from the United States. Cross-border data transfers from EU/UK to the United States are governed by Standard Contractual Clauses; transfers to Singapore rely on Australia and India adequacy + APP 8 / DPDPA equivalents.
5. Your rights
Under GDPR (EU/UK), CCPA / CPRA (US states), the Australian Privacy Principles, India’s DPDP Act, PIPEDA (Canada), LGPD (Brazil), and POPIA (South Africa), you have the following rights with respect to your data:
- Access: See every piece of data we hold about you in the in-app data-export view.
- Rectification: Edit or correct any field in the app. Bloods PDFs can be re-uploaded.
- Erasure: Delete your account inside the app — every row in our database tied to you is hard-deleted within 30 days.
- Portability: Export your full data set as JSON at any time from inside the app (Settings → Privacy → Export my data). One tap, no charge, no friction. The export ships to iOS share sheet — we keep no server-side copy.
- Restriction & objection: Disconnect any wearable or lab integration with one tap; the data ingested via that integration is purged immediately.
- Withdraw consent: Mute non-transactional emails per category at Settings → Notifications. Disconnect any wearable or lab integration with one tap. Sign-in, billing receipts, and deletion confirmations remain (required for transparency, security, and GDPR/CCPA compliance).
6. Children
Akros is intended for users 13 years and older. Parental consent is required for users under 18 in jurisdictions where this applies. We do not knowingly collect data from children under 13. If you believe a child under 13 has signed up, email privacy@akros.life and we will delete the account immediately.
7. Security
Data in transit is protected by TLS 1.3. Data at rest in Supabase is encrypted via AES-256. Blood reports and selfie photos are additionally protected by per-user row-level security in Postgres. Sunday Selfie pose uploads are encrypted before storage and associated with a server-managed per-user envelope key recorded through pgsodium metadata. This is not a zero-knowledge design: Akros can decrypt the file when needed to generate your share card. The zero-knowledge client-side key path is a future hardening milestone. We do not retain ML training datasets that include your data.
Raw PDF reports are retained only so failed or partial extractions can be retried and audited by you. Share-card PNGs are public-readable only when you create or share a public progress link.
8. Changes to this policy
We will email active subscribers at least 30 days before any material change to this policy. The Effective Date above will be updated accordingly. Prior versions are archived; email privacy@akros.life for access. Section 9 below describes our additional commitment if Akros is ever acquired.
9. If Akros is ever acquired
This Privacy Policy survives any acquisition, merger, or change of ownership of Akros. Any successor entity must honour the same subprocessor list, the same zero-training promise, the same one-tap deletion workflow, and the same export-on-request affordance described above.
If the successor entity wants to change any of these terms in a way that weakens your rights, you will receive at least 90 days' notice and a one-tap "export everything and delete my account" affordance before the change takes effect. Your continued use after that 90-day window will be taken as consent to the revised terms; if you do not consent, you can export and delete in a single tap.
This clause is included because we believe data trust must survive the company, not just the founders. We will publish any acquisition publicly within 7 days of signing, including the named successor entity's data-handling commitments.
10. Contact
Mitsi Agarwal, Akros (Sydney, NSW, Australia). For privacy enquiries: privacy@akros.life.
Akros is a personal wellness app. It is not a medical device, does not provide medical advice, and is not a substitute for consultation with a licensed clinician.