Privacy Policy

Effective Date: January 17, 2026 | Last Updated: January 17, 2026

1. Overview

Risi AI ("the App", "we", "us", or "our") is a privacy-first wellness companion designed to provide health insights entirely on your device. We are committed to protecting your privacy and ensuring you have full control over your personal health data.

2. Data Collection Summary

We do not collect any personal data. Risi AI operates with a zero data collection architecture:

• No accounts required - Use the app without creating an account or providing personal information
• No cloud services - All data processing occurs locally on your device
• No analytics or tracking - We do not use third-party analytics, advertising, or tracking services
• No data transmission - Your health data never leaves your device
• No third-party SDKs - We do not include third-party analytics, advertising, or data collection SDKs

3. HealthKit Data

Risi AI integrates with Apple HealthKit to provide wellness insights.

3.1 Data Types Accessed

With your explicit permission, Risi AI may read the following HealthKit data types:

• Activity and workout data (steps, exercise minutes, active calories)
• Sleep analysis and sleep stages
• Heart rate and heart rate variability (HRV)
• Resting heart rate and walking heart rate
• Mindfulness minutes
• Body measurements (weight, body fat percentage, BMI)
• VO2 Max and cardio fitness data
• Cardio recovery metrics
• State of Mind (iOS 18+)
• Daylight exposure time

3.2 How We Use HealthKit Data

• All HealthKit data is processed locally on your device
• Data is used solely to calculate your Wellness Score and provide personalized insights
• The on-device AI analyzes patterns to offer wellness suggestions
• No HealthKit data is ever transmitted, stored externally, or shared with any third party

3.3 HealthKit Compliance

In accordance with Apple's HealthKit guidelines:

• We do not use HealthKit data for advertising or user tracking
• We do not sell or share HealthKit data with third parties
• We do not use HealthKit data to build user profiles for advertising

3.4 Your Control

• You may revoke HealthKit access at any time via iOS Settings > Privacy & Security > Health > Risi AI
• Deleting the app removes all locally stored preferences and cached data
• You may selectively enable or disable individual health data types

4. On-Device AI Processing

Risi AI uses Apple's MLX framework to run a local AI model:

• The AI model runs entirely on your device using Apple Silicon
• No prompts, responses, or health data are sent to external servers
• Your conversations with the AI remain completely private
• The AI cannot access any data outside of what you explicitly share within the app
• Model weights are downloaded once during initial setup and stored locally

5. Data Storage

All data is stored locally on your device:

• Preferences - App settings stored in iOS UserDefaults
• Conversation history - Stored locally, never transmitted
• Wellness calculations - Computed on-demand, not persistently stored
• Goals and reminders - Stored locally using iOS standard frameworks

5.1 Data Retention

• All data remains on your device until you delete the app
• Uninstalling Risi AI removes all app data from your device
• HealthKit data is managed by Apple Health and is not affected by uninstalling Risi AI

6. Third-Party Services

Risi AI does not integrate with any third-party services that collect user data. The only external integrations are:

• Apple HealthKit - Read-only access to health data you authorize
• Apple Game Center (optional) - For wellness achievements and leaderboards, governed by Apple's privacy policy
• Apple EventKit (optional) - For calendar integration, governed by Apple's privacy policy

No user data is shared with these services beyond what is required for their standard functionality.

7. Children's Privacy

Risi AI does not knowingly collect any information from children under 13 (or the applicable age in your jurisdiction). The app is designed for general audiences interested in wellness tracking. If you believe a child has provided us with personal information, please contact us immediately.

8. International Users

8.1 GDPR Compliance (European Economic Area)

Since Risi AI does not collect, process, or store personal data on external servers, GDPR rights are automatically satisfied:

• Right to Access - All your data is on your device
• Right to Rectification - You can modify your data directly in the app
• Right to Erasure - Delete the app to remove all data
• Right to Portability - Your HealthKit data remains in Apple Health
• Right to Object - No external data processing to object to

8.2 CCPA Compliance (California Residents)

In compliance with the California Consumer Privacy Act:

• We do not sell personal information
• We do not share personal information for cross-context behavioral advertising
• Since we collect no personal information, opt-out rights are automatically satisfied

8.3 Other Jurisdictions

Risi AI's architecture ensures compliance with privacy regulations worldwide by not collecting personal data.

9. Security

We implement security best practices:

• All local data storage uses iOS secure storage mechanisms
• The app follows Apple's security guidelines for HealthKit integration
• No network connections are made for data collection purposes

10. Changes to This Policy

We may update this Privacy Policy from time to time. Any changes will be reflected in the "Last Updated" date above. Continued use of the app after changes constitutes acceptance of the updated policy. Significant changes will be communicated through app updates.

11. Contact Us

If you have questions about this Privacy Policy or the app's privacy practices, please contact us:

Email: privacy@risi.ai

Developer: Andrei Lyskov
Location: San Francisco, California, USA

12. Your Rights Summary

This privacy policy complies with Apple App Store requirements, GDPR, CCPA, and applicable privacy laws.