The short version. Your health data lives on your device and syncs only through your own private iCloud. Sulis runs no servers that collect your personal health data. There are no analytics or tracking SDKs, no advertising networks, and no accounts required to use the app. We never sell or share your health data. You can export or delete everything from inside the app at any time.
In this policy, "Sulis," "we," "us," and "our" refer to the developer of the Sulis iOS app. "You" means the person using the app. By using Sulis you agree to the practices described here.
What Sulis stores, and where
Sulis is an on-device app. The information you put into it or connect to it — your supplement stack, logged doses, workouts, recovery and vitals, nutrition, bloodwork, appointments, notes, daily readiness scores, daily reads, and (if you choose to track it) cycle information — is stored on your device.
If you are signed in to iCloud and have it enabled, this data syncs across your own Apple devices through Apple's private iCloud (CloudKit) in your personal iCloud account. This sync happens between you and Apple. We do not operate servers that receive, store, or have access to this data, and we cannot read it.
Sulis does not require you to create an account with us, and we do not collect names, email addresses, or contact information through normal use of the app. (Sign in with Apple is available only for optional features and uses Apple's private relay; we do not receive your real email unless you choose to share it.)
Apple Health and connected wearables
With your permission, Sulis reads data from Apple Health — which may include heart rate variability (HRV), resting heart rate, sleep, steps, VO₂ max, respiratory rate, wrist temperature, workouts, and related metrics — and from connected services such as Apple Fitness, Oura, WHOOP, and nutrition apps you link.
This data is used solely to render your readiness score, trends, and insights inside the app. HealthKit data is never sold, never shared with third parties for advertising or marketing, and is never used for any purpose other than providing the app's features to you. You control exactly which Health categories Sulis can read in the iOS Health app or Settings, and you can revoke access at any time.
Bloodwork files
When you import a lab report (for example, a PDF), Sulis reads the markers so it can track your values over time. Imported bloodwork is stored encrypted in your private iCloud alongside your other Sulis data and stays under your control. We do not receive copies of your lab files.
How AI insight works
Sulis can generate plain-language insight in one of two ways, depending on your choice:
- Apple Intelligence (on-device). When you use Apple Intelligence, processing happens on your device. Your health context is not sent to us.
- Your own Claude API key. If you choose to add a Claude API key, the relevant health context needed to generate an insight is sent directly from your device to Anthropic's API to produce that insight, and the response comes back to your device. These requests go from you to Anthropic — they do not pass through any server of ours, and we do not receive, log, or store them. Anthropic's handling of API data is governed by their Privacy Policy and applicable commercial terms. Sulis uses this only to generate the insight you requested and for no other purpose.
Your Claude API key is stored securely in your device's Keychain and is never transmitted to us.
What we do not do
- We do not include third-party analytics, advertising, or tracking SDKs in the app.
- We do not build advertising profiles or track you across other apps or websites.
- We do not sell, rent, or trade your data.
- We do not operate servers that collect your personal health data.
This website (sulisapp.com) is a static informational site. Visiting it does not require you to provide personal information.
Your control over your data
Because your data lives on your device and in your iCloud, you remain in control of it:
- Export. You can export your data from within the app.
- Delete. You can delete your data from within the app. Deleting the app removes its on-device data; you can also remove its iCloud data from your iCloud settings.
- Revoke access. You can revoke Health and connected-service permissions at any time in iOS Settings.
Children's privacy
Sulis is not directed to children under 13 (or the equivalent minimum age in your jurisdiction), and we do not knowingly collect personal information from children. Sulis is intended for use by adults managing their own health. If you believe a child has provided information to us, please contact us so we can help.
Changes to this policy
If we update this policy, we will revise the effective date above and post the updated version on this page. Material changes will be made clear.
Contact
Questions about privacy? Email privacy@sulisapp.com.