01
Who We Are
PulseAnvil is an iOS workout tracking application developed and operated by TrueNorthTactics ("we", "us", or "our"). This Privacy & Security Policy explains how PulseAnvil handles information when you use the app.
We have designed PulseAnvil from the ground up with a privacy-first architecture. The simplest summary: your health and workout data belongs to you, lives on your devices, and is never monetised.
02
Data We Access & Why
PulseAnvil requests access to the following categories of data solely to provide core app functionality. We do not access any data beyond what is necessary.
| Data Type | Purpose | Stored Where |
|---|---|---|
| Workout history & session logs | Track completed workouts, duration, and split times | On-device Private iCloud |
| Heart rate (via HealthKit) | Calculate intensity score and HR zone distribution | On-device only |
| Resting & max heart rate (HealthKit) | Personalise intensity calculations | On-device only |
| Active energy burned (HealthKit) | Session metrics and calorie estimates | On-device only |
| Distance — walking, running, cycling, swimming (HealthKit) | Estimate workout distance for relevant categories | On-device only |
| Body mass & height (HealthKit) | Contextualise performance metrics | On-device only |
| Biological sex & date of birth (HealthKit) | Calculate age-adjusted HR zones | On-device only |
| App preferences (theme colour, units, appearance) | Personalise the app interface | On-device |
| Subscription status | Gate premium features | On-device |
| Your name or email (if signed in) | Account identification only | On-device |
03
HealthKit Data — Special Protections
All HealthKit reads and writes happen locally on your iPhone or Apple Watch. When HealthKit sync is enabled, PulseAnvil reads data from Apple's Health app to enrich your workout metrics (heart rate zones, intensity score, Progress Pulse). It also writes completed workouts back to Health so your activity rings and health records remain accurate.
HealthKit data is processed entirely on-device. It is never uploaded to PulseAnvil servers, never included in analytics payloads, and never shared with third-party SDKs.
You can revoke HealthKit permissions at any time in iOS Settings → Privacy & Security → Health → PulseAnvil. Revoking access disables the relevant metric features but does not affect your workout history stored in PulseAnvil's own database.
04
iCloud & Data Sync
Premium subscribers may sync workout history across their devices using Apple's private CloudKit container. This sync uses Apple's end-to-end encrypted private iCloud infrastructure — PulseAnvil has no access to data stored there. Not even we can read it.
Free-tier users store all data locally on their device only. No sync occurs.
You can disable iCloud sync or delete all PulseAnvil iCloud data from iOS Settings → [Your Name] → iCloud → Manage Account Storage.
05
Our Commitments to You
No data sales
We do not sell, rent, or trade your personal or health data to any third party, ever.
No advertising
PulseAnvil contains no advertising SDKs and no advertising-based tracking.
No research sharing
We do not share health data with research institutions or data aggregators.
No behavioural profiling
We do not build advertising profiles or behavioural models from your usage.
No external servers
HealthKit data never leaves your device or your private iCloud container.
Minimal collection
We request only the permissions required to deliver the features you use.
06
Third-Party Services
PulseAnvil uses the following Apple platform services. No independent third-party analytics or advertising SDKs are included.
| Service | Provider | Data Shared |
|---|---|---|
| HealthKit | Apple Inc. | Health data read/written locally; governed by Apple's HealthKit policies |
| CloudKit (Private) | Apple Inc. | Encrypted workout history (premium only); Apple cannot read it |
| StoreKit / App Store | Apple Inc. | Subscription receipt validation only; no health data involved |
| Sign in with Apple | Apple Inc. | Anonymous user token and optional email only |
07
Children's Privacy
PulseAnvil is intended for users aged 17 and older. We do not knowingly collect personal information from anyone under 13. If you believe a child under 13 has provided us with personal information, please contact us immediately and we will delete it.
08
Your Rights & Data Deletion
Because PulseAnvil stores your data on-device and in your own private iCloud, you retain full control at all times:
Delete app data: Delete the PulseAnvil app from your iPhone. All SwiftData records are removed automatically.
Delete iCloud data: iOS Settings → [Your Name] → iCloud → Manage Account Storage → PulseAnvil → Delete Data.
Revoke HealthKit: iOS Settings → Privacy & Security → Health → PulseAnvil → disable all permissions.
Request account deletion: Email us at support@pulseanvil.app and we will delete any account-related records within 30 days, in compliance with App Store guidelines.
09
Security Measures
We take security seriously. PulseAnvil relies exclusively on Apple platform security:
Encryption at rest: All on-device data is encrypted by iOS when your device is locked. iCloud data uses Apple's end-to-end encryption for private containers.
No custom backend: Because there is no PulseAnvil server storing your health data, there is no PulseAnvil server to breach.
App Transport Security: All network communication (e.g., subscription validation) uses HTTPS with ATS enforced.
10
Changes to This Policy
We may update this policy to reflect changes in the app or applicable law. Material changes will be communicated via an in-app notice before they take effect. The "Effective" date at the top of this page always reflects the most recent revision. Continued use of PulseAnvil after the effective date constitutes acceptance of the revised policy.
11
Contact Us
Questions, concerns, or data deletion requests? We respond within 48 hours on business days.