Holna Privacy Policy

1. What Holna is (and is not)

Holna is a wellness and personal record-keeping tool. It helps you measure, show, track, and export your own health readings and prepare a summary for a doctor's appointment. It does not diagnose, assess risk, predict, score, classify, or interpret your health, and it is not a medical device. The way we handle your data is shaped by that purpose: we hold your health information on your device so that you can look at it and share it, not so that anyone (including us) can analyse it about you. The full position is set out in our Terms of Service.

2. Who we are (data controller)

Holna is published by:

Obscurity Ltd, a private company limited by shares incorporated in Ireland.
Registered office: 71 Lower Baggot Street, Dublin 2, D02 P593, Ireland.
Company Registration Office (CRO) number: 622475.
Contact: contact@holna.app

Obscurity Ltd is the data controller for the limited personal data described in Section 6 (the support emails you choose to send us). Holna is account-free and runs entirely on your device. For your health data specifically, please read Sections 3 and 4: because that data never leaves your device and is never transmitted to us, we have built Holna so that we do not, in any practical sense, act as a controller or processor of it. We cannot access it.

We have considered whether we must appoint a Data Protection Officer under Article 37 of the GDPR, and have concluded that we are not required to, because we do not carry out large-scale processing of special-category data (the health data stays on your device and never reaches us). We have also considered Article 27 (EU representative) and the UK GDPR representative requirement, and will name any such representative here if and when one is required. If our processing ever changes so that an appointment becomes necessary, we will update this section first.

3. The information Holna works with on your device

Holna works with two kinds of information, both held only on your device:

• Apple Health readings. With your permission, Holna reads selected health and fitness data from Apple Health (HealthKit). This typically covers around twelve metric types, for example blood pressure, body weight, resting heart rate, heart rate variability, and steps. You choose what to share, and you can change it at any time in the iOS Settings app or the Apple Health app.
• Your own logs. Anything you enter into Holna yourself, such as a blood pressure reading, a weight, a meal or its macros, a drink, a habit tick, or a note.

Both categories include health information, which is special-category personal data. Holna's entire design exists to protect it.

4. Health data, Article 9, and what "on-device only" means

Health information is special-category personal data under Article 9(1) of the GDPR and attracts the highest level of protection. Here is precisely how Holna treats it.

The data is processed entirely on your device and is never transmitted to Obscurity Ltd.

• Your health readings and logs are stored only on your iPhone, in an encrypted store (Section 9).
• This information is never transmitted to Obscurity Ltd. We operate no servers that receive it, run no analytics, keep no back-end database of users, and make no network calls that send your health data anywhere in version 1 of the app.
• Because the data never reaches us, we cannot read it, copy it, profile you with it, sell it, lose it in a breach of our systems, or be compelled to disclose it, for the straightforward reason that we never hold it.

What this means for lawful basis. The on-device handling Holna performs is carried out on your own device, under your own control, for your own personal purposes. To the extent any lawful basis is engaged for the on-device features, it rests on your explicit decision to grant HealthKit access and to enter your own logs, which aligns with consent (Article 6(1)(a)) and, for special-category health data, explicit consent (Article 9(2)(a)), given and managed by you through the iOS permission system and withdrawable by you at any time without affecting the lawfulness of anything done before withdrawal. Because we never receive the data, we hold no consent record for it and do not need one. We do not rely on legitimate interests for any health data, because we process none.

In short: the architecture is the privacy guarantee. We have deliberately built Holna so that the most sensitive data it touches stays beyond our reach.

5. Scope of this policy

This policy covers the Holna iPhone app, the limited correspondence you may send to Obscurity Ltd, our website at holna.app, and our relationship with Apple. It does not govern how Apple processes your data; Apple is a separate, independent controller for the App Store, your Apple ID, and payments, under Apple's own privacy policy (Section 8).

6. The only information that could actually reach us

Holna is account-free. You do not register, and you do not give us your name, email, or any identifier to use the app. In practice, the only information Obscurity Ltd may receive is:

• Support email you send us. If you contact contact@holna.app, we hold the contents of that correspondence so we can help you and keep a record of the exchange.
  • Purpose: to provide support and respond to you.
  • Lawful basis: our legitimate interest in answering and supporting our users (Article 6(1)(f)). If you choose to include health details in your message, our basis for holding those details is your explicit consent in volunteering them (Article 9(2)(a)); you may ask us to delete them at any time.
  • Please do not include health details you would rather we did not see. You do not need to share any health information to get help.
• Apple's aggregate developer reporting. When you download Holna or buy a subscription, Apple gives us aggregate, anonymised sales and download figures through App Store Connect. We do not receive your name, payment details, or Apple ID, and we cannot identify you from them.

We do not run third-party analytics, advertising, crash-reporting SDKs, or trackers in version 1.

7. HealthKit data and Apple's rules

Holna uses Apple's HealthKit framework to read the readings you choose to share, and, if you ask it to, to write a reading you logged back into Apple Health. Apple sets strict rules for apps that use HealthKit, and Holna follows all of them:

• Holna uses HealthKit data only to provide the app's features to you on your device: to show your readings, build your trends, and create the report you export yourself.
• Holna never uses HealthKit data for advertising, marketing, or use-based data mining, and never sells it.
• Holna does not share HealthKit data with any third party.
• Holna does not store HealthKit data in iCloud or any other cloud service. Apple prohibits storing HealthKit data in iCloud. In version 1, your data lives on a single device and is not synced.
• When Holna writes a reading back to Apple Health, it writes only the real value you entered, only with your permission, and only on your device. Holna never writes false or inaccurate data into Apple Health.

You choose exactly which readings Holna may see when you first grant access, and you can change or withdraw that permission at any time in the iOS Settings app or the Apple Health app.

8. Your data and Apple (payments and the App Store)

Holna is distributed through Apple's App Store and uses Apple's technologies to read your readings and to take payment.

• The App Store and payments. Apple distributes Holna and handles every purchase. When you download the app or buy Holna Plus or the Founder Lifetime option, Apple processes that transaction under Apple's own privacy policy and acts as an independent data controller. We never see or store your card or payment details, your name, or your Apple ID. We receive only aggregate, anonymised sales figures.
• On your device only. Holna keeps your readings and logs in an encrypted store on your iPhone. None of this is sent to Obscurity Ltd.
• You move your data, not us. Your data leaves your phone only when you choose to export a report or an encrypted backup and share it through the iOS share sheet. You decide where it goes.

9. How your data is protected on the device

• Your health data and logs are kept in an encrypted store on your iPhone.
• The encryption key is held in the device's Secure Enclave / Keychain and is gated by Face ID (or your device passcode). The key is configured so that it is available only when the device is unlocked, never leaves the device, and is invalidated if your enrolled biometrics change.
• Apple's own platform protections (device encryption, app sandboxing) apply on top of this.

You can delete all of Holna's data at any time from the app's Settings, and removing the app removes its on-device store. Because we hold none of your health data, there is nothing of yours on our systems to breach; the security of the data on your device depends on you keeping your device, passcode, and biometrics secure.

10. No profiling, no automated decisions, no ads, no selling

In version 1 of Holna, and as a matter of design:

• There is no profiling and no automated decision-making producing legal or similarly significant effects (Article 22 does not apply). Holna is descriptive only: it measures, shows, tracks, and exports your readings. It does not score, classify, predict, diagnose, or interpret your health.
• There are no third-party analytics or tracking SDKs, and Holna does not track you across other apps or websites.
• There is no advertising, and no data brokers or third parties receive your information.
• Your data is never sold or monetised. Our revenue comes only from people choosing to pay for Holna Plus.

If any of this ever changes, we will update this policy and the App Store privacy declarations before the new version ships, explain plainly what is changing, and never reduce your protections without telling you clearly first.

11. Your App Store privacy label

In the App Store, every app shows a privacy "nutrition label". Holna's reads "Data Not Collected" across every category. Under Apple's definition, an app "collects" data only when it sends that data off your device so the developer or a partner can reach it. Holna does not do that: your readings stay in the encrypted store on your iPhone; there is no analytics, advertising, crash-reporting, or tracking code; there is no account; payments are handled by Apple; and the only time your data moves off your phone is when you choose to export and share it yourself.

12. The Holna website (holna.app)

This policy covers the Holna iPhone app. Our website at holna.app is a simple marketing and support site. It does not require you to log in.

Under the Irish ePrivacy Regulations (S.I. No. 336 of 2011) and the GDPR, we may only store information on your device, or read information already stored on it, with your consent, unless it is strictly necessary for a service you have asked for. Our policy for holna.app is to use no non-essential cookies and no third-party tracking, advertising, or analytics cookies. We use only storage that is strictly necessary for the site to work. Because we set no non-essential cookies, you do not need to consent to any, and we do not show you a tracking banner. If we ever introduce any analytics or other non-essential storage, we will ask for your consent first, through a clear banner that lets you accept or reject equally easily, and we will update this policy before doing so.

13. Your rights under the GDPR (EU, EEA, and UK)

You have the full set of rights: access, rectification, erasure, restriction, objection, portability, and the right to withdraw consent. How you exercise them depends on where the data sits.

For your health data and logs (held only on your device). Because this data never reaches us, your rights are satisfied directly on your device, instantly and without needing to ask us:

• Access and portability: view all your data in the app, and export an encrypted copy or a readable report at any time.
• Rectification: edit or correct your own logged entries.
• Erasure: delete all data from the app's Settings, or by deleting the app. Readings stored in Apple Health itself are managed in the Apple Health app.
• Restriction, objection, and withdrawal of consent: control what Holna reads from Apple Health in the iOS Settings app, and withdraw that permission at any time.

We cannot action an access, erasure, or portability request for your health data on your behalf, because we do not hold it and have no technical means to reach it. This is by design and is itself a privacy protection.

For the support correspondence that may reach us (Section 6). You have the usual rights over that correspondence. To exercise them, contact contact@holna.app. We will respond without undue delay and within one month, as required by Article 12(3).

The law that applies, and your right to complain. Where we process personal data, we do so under the GDPR as it applies in Ireland and the Irish Data Protection Acts 1988 to 2018. If you are unhappy with how we have handled your data, please contact us first at contact@holna.app. You also have the right to lodge a complaint with the supervisory authority:

An Coimisiún um Chosaint Sonraí / Data Protection Commission
21 Fitzwilliam Square South, Dublin 2, D02 RD28, Ireland
Website: www.dataprotection.ie
Telephone: +353 (0)1 765 0100

If you live in another EU or EEA country, you may instead complain to your local supervisory authority, or bring a claim before the courts of the country where you live.

14. Your rights wherever you live

Holna is sold around the world, so people use it under many different privacy laws. Because Holna holds almost nothing about you, there is very little for these laws to reach.

Everyone. Because your health data stays on your device, you already hold the strongest version of every data right: you can see all of it in the app, correct your entries, export it, and delete it whenever you like, without asking us.

United States: California (CCPA/CPRA). We do not sell your personal information, and we do not share it for cross-context behavioural advertising. We have never done this and have no mechanism to. California treats health information as sensitive personal information; Holna does not use or disclose any sensitive personal information beyond providing the app to you on your own device. You still have the rights to know, access, correct, and delete, and we will not discriminate against you for exercising any privacy right.

United States: Washington (My Health My Data Act), Nevada, Connecticut, and similar. These laws are aimed at apps that collect consumer health data and then share or sell it. Holna does not collect, receive, store, or have access to your consumer health data; it stays in an encrypted store on your iPhone. We do not sell it, we do not share it, and we operate no geofencing around healthcare locations.

Other US states and other countries. The answer is the same everywhere: we do not collect your personal data to any server, we do not sell or share it, we run no targeted advertising, and we carry out no profiling. If your local law gives you rights over the limited support correspondence we may hold, contact contact@holna.app and we will honour them.

15. Children's privacy

Holna is made for adults looking after their own health information. It is not directed at children, and we do not design, market, or intend it for them.

• Age expectation. Holna is intended for people aged 16 and over. This matches the age of digital consent in Ireland, where Obscurity Ltd is based, and it sits above the under-13 threshold of the US Children's Online Privacy Protection Act (COPPA).
• We knowingly collect nothing from anyone, including children. Holna has no account, no servers, and no analytics, so there is no mechanism by which we could collect a child's personal information, and we hold none.
• COPPA. Because we do not collect personal information from anyone through the app, we do not knowingly collect personal information from children under 13. If you believe a child under 13 has provided personal information to us (for example, by emailing support), contact contact@holna.app and we will delete it promptly.
• For parents and guardians. A device shared with or used by a child may contain that child's readings in Apple Health. Holna reads only what the device's owner permits, and that information never reaches us. You can review and limit what Holna can read at any time in the iOS Settings app, and delete all of Holna's on-device data from its Settings.

16. Retention

• Health data and logs: kept on your device for as long as you keep the app or until you delete the data. We set no retention period because we never hold this data; you control it entirely.
• Support correspondence: kept only for as long as needed to handle your query and keep a reasonable record, then deleted or anonymised. You may ask us to delete it sooner.

17. Where your data lives, and crossing borders

Your health data does not cross borders, because it does not travel. It stays in the encrypted store on your iPhone. We operate no servers that receive it, in any country, so there is no international transfer of your health data by us.

• Apple handles purchases as a separate company and may process that information in its own locations under its own safeguards, which we do not control.
• If you email us from abroad, your email reaches us in the EU, and we handle it under European data protection standards. Where our email provider processes data outside the EEA, we rely on appropriate safeguards (such as Standard Contractual Clauses or an adequacy decision), and we will identify our provider and the relevant safeguard on request.

18. Data protection by design, and our DPIA position

We have built Holna on data protection by design and by default (Article 25): the most sensitive data the app touches is processed only on your device, encrypted, behind your biometrics, and never transmitted to us. We have considered whether a Data Protection Impact Assessment (Article 35) is required, and concluded that, because Obscurity Ltd carries out no server-side processing of health data at all, the residual processing on our side (support email) is low risk and does not meet the Article 35 threshold. We will revisit this before shipping any feature that would change the architecture, for example cloud sync, analytics, or crash reporting.

19. Changes to this policy

We may update this policy, for example if the law changes or if we add features. When we do, we will revise the "Last updated" date and version above and, for material changes, make a reasonable effort to highlight them in the app before they take effect. We will never weaken your privacy protections without telling you clearly first.

20. Contact

Questions about this policy or your privacy:

Obscurity Ltd
Email: contact@holna.app