Privacy posture
Your stack is your business.
Regimio is built privacy-first. Not as a marketing line, but as an architectural precondition. Protocol data is sensitive. Trust is the foundation, not a tab.
Principles
What we promise, and what it actually means.
Local by default
No account required
One-tap erase
No analytics on values
Visible in the UI
Where your data lives
Every category, every destination.
No hand-waving. Here is the literal data map.
| Data kind | Where it lives | Sent off-device | Encryption |
|---|---|---|---|
| Compounds, doses, schedules | App-local device storage | Never by Regimio by default | Protected by OS sandbox and device encryption when enabled |
| Symptom check-ins | App-local device storage | Never by Regimio by default | Protected by OS sandbox and device encryption when enabled |
| Lab values, PDFs | App-local storage and user-controlled files | Never by default. Imports and exports stay user-controlled. | Protected by OS sandbox and device encryption when enabled |
| Wearable data (HRV, sleep, weight) | Roadmap integrations, opt-in only | Not collected in the MVP | Not applicable in the MVP |
| Reconstitution math | Computed on-device (pure module) | Never. No remote calculation. | n/a · computed only |
| Crash signatures (Sentry) | Sentry (opt-in only) | Only stack traces, scrubbed of values | TLS in transit |
| Subscription status | Apple / Google / RevenueCat | Standard in-app purchase entitlement flow | TLS in transit and store-provider controls |
| Support email | Your email app and Regimio support inbox | Only if you email support | TLS in transit where supported by mail providers |
What we will never do
The forever list.
- Sell your data to anyone. Period.
- Share data with research partners by default.
- Show 'consult your doctor' pop-ups before you log a compound.
- Restrict which compounds you log.
- Build features that require an account before you can use the app.
- Auto-enroll you in cloud sync.
- Auto-write doses or symptoms back to HealthKit.
- Send analytics events that include compound names, doses, or lab values.
- Make the privacy policy harder to read than a settings page.
- Send you marketing email without explicit opt-in.
One-tap erase
The button is always there.
No dark patterns. Settings -> Danger zone -> Erase everything.
App data
Local Regimio app storage is cleared and the app returns to a fresh state.
Local preferences
Settings, trial state, stack state, and local tracking preferences are cleared.
Cached files
Regimio-generated local export files and caches are cleared where the OS permits.
Erase is final. We do not keep a hidden recovery copy. This is the trade we make for being a privacy-first app.
Steady is a strategy
The privacy posture is the product.
If we ever weaken it, you'll find out from the changelog, not from a press release.