The short version
Your data is yours. We encrypt it end-to-end. We don't sell it. We don't share it. We don't look at it. If you delete your account, we delete your data — for real.
What data we collect
When you use Claito, we collect:
- Account information: Your email address and name, used for authentication and communication.
- Metric data: Data you connect or enter (health metrics, financial data, custom metrics, etc.). This data is end-to-end encrypted — we cannot read it.
- Anonymized aggregates: We compute anonymized, aggregated statistics (like median values by age group) to power benchmarks. These aggregates cannot be traced back to any individual.
- Usage data: Basic analytics (pages visited, features used) to improve the product. We use privacy-respecting analytics with no third-party trackers.
How we use your data
- To display your personal dashboard and visualizations
- To compute your benchmarks and percentile rankings
- To detect trends and send you relevant insights
- To improve the Claito product and user experience
How we protect your data
- End-to-end encryption: Your metric data is encrypted on your device before being sent to our servers. We hold encrypted blobs we cannot decrypt.
- Differential privacy: Benchmark statistics are computed with differential privacy, which adds calibrated noise so that any single person's data has only a bounded, masked effect on a published statistic and individual values cannot be reverse-engineered from the aggregates.
- Infrastructure: We use SOC 2-compliant cloud infrastructure with encryption at rest and in transit.
- Access controls: Infrastructure access is limited to essential engineering staff, and because your metric data is encrypted on your device, no one, including our own staff, can decrypt it.
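The benchmark mechanism described above, as an added worked example that is not Claito's code and does not come from this page. It releases a per-age-group median with the exponential mechanism (the standard way to publish a differentially private median), clips values into an assumed plausible range so one record's influence is bounded, and suppresses groups too small to release anything about. The page does not say where Claito computes its aggregates; this example assumes an aggregator that can see clipped plaintext values. The sample records, the value bounds, epsilon and the minimum group size are all constructed assumptions, not figures from the policy.

```python
"""Differentially private per-group medians over constructed sample data.

Added illustration, not Claito's code. Assumes the central model (an
aggregator that sees clipped values and releases one noisy statistic per
group). The epsilon, value bounds, candidate set and minimum group size
are illustrative choices, not figures from the page.
"""
import math
import random
from collections import defaultdict

# Constructed sample records: (age_group, resting heart rate in bpm).
SAMPLE = [
    ("30-39", 58), ("30-39", 60), ("30-39", 62), ("30-39", 65), ("30-39", 71),
    ("40-49", 66), ("40-49", 69), ("40-49", 70), ("40-49", 74), ("40-49", 80),
    ("70-79", 55),  # a group of one: any released statistic would identify the member
]

LOW, HIGH = 30, 200                # assumed plausible range; inputs are clipped into it
MIN_GROUP = 5                      # groups smaller than this are suppressed outright
CANDIDATES = range(LOW, HIGH + 1)  # every integer bpm is a possible released median


def clip(x):
    """Bound each record so no single value can dominate the statistic."""
    return max(LOW, min(HIGH, int(round(x))))


def median_utility(values, candidate):
    """Score a candidate by its rank distance from the true median.
    Replacing one record changes the count by at most 1, so this utility has
    sensitivity 1, which is what the exponential mechanism calibrates to."""
    at_or_below = sum(1 for v in values if v <= candidate)
    return -abs(at_or_below - len(values) / 2)


def exponential_mechanism_median(values, epsilon, rng):
    """Release an epsilon-DP median: sample a candidate with probability
    proportional to exp(epsilon * utility / (2 * sensitivity))."""
    clipped = [clip(v) for v in values]
    utilities = [median_utility(clipped, r) for r in CANDIDATES]
    best = max(utilities)
    # Subtract the best utility before exponentiating so weights stay in (0, 1].
    weights = [math.exp(epsilon * (u - best) / 2.0) for u in utilities]
    target = rng.random() * sum(weights)
    running = 0.0
    for candidate, weight in zip(CANDIDATES, weights):
        running += weight
        if running >= target:
            return candidate
    return CANDIDATES[-1]  # guard against floating-point rounding at the tail


def dp_group_medians(records, epsilon, rng=None):
    """Per-group DP medians. `rng` may be a random.Random, an int seed for
    reproducible runs, or None for the OS CSPRNG. Group sizes are treated as
    public: under the replace-one-record neighbour definition used here n is
    fixed, so suppressing small groups spends no privacy budget. Under an
    add/remove definition the counts themselves would also need noise."""
    if rng is None:
        rng = random.SystemRandom()
    elif isinstance(rng, int):
        rng = random.Random(rng)
    groups = defaultdict(list)
    for group, value in records:
        groups[group].append(value)
    released = {}
    for group, values in sorted(groups.items()):
        if len(values) < MIN_GROUP:
            released[group] = None  # suppressed: nothing is released for this group
        else:
            released[group] = exponential_mechanism_median(values, epsilon, rng)
    return released


if __name__ == "__main__":
    # Each release spends epsilon; repeated queries over the same data compose,
    # so a real deployment tracks a per-dataset budget rather than calling freely.
    print(dp_group_medians(SAMPLE, epsilon=1.0))
```

With a realistic epsilon (around 1) the released median for a five-person group wanders several bpm from the true value, which is the point: the noise, not the group size alone, is what limits what an observer can learn about any one member. The suppression threshold is a separate, non-private safeguard against releasing statistics for groups of one or two.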
What we don't do
- We never sell your data to third parties.
- We never share your individual data with advertisers.
- We never use your data for ad targeting.
- We never train machine learning models on your personal data.
Third-party integrations
When you connect a data source (e.g., Apple Health, Strava, Plaid), we access your data through their official APIs using OAuth, requesting only the minimum scopes needed. You can disconnect any integration at any time, and we delete the data imported from it.
Data retention & deletion
You can delete your account and all associated data at any time from Settings. When you delete your account, we permanently erase all your data within 30 days. Anonymized aggregate statistics that have already been computed are retained, as they cannot be traced back to you.
Your rights
You have the right to:
- Access all your data (via export)
- Correct inaccurate data
- Delete your data and account
- Port your data to another service (CSV/JSON export)
- Opt out of anonymized benchmarking