Privacy Policy

Last updated: March 2026

The short version: Your health data goes from your device directly to your Intervals.icu account. The app uses a lightweight authentication server to securely connect your Intervals.icu account via OAuth — no health data passes through this server.

IntervalsWellnessSync is an independent application developed and maintained by Ryan Grgurich. It is not affiliated with, endorsed by, or officially connected to Intervals.icu or any of its subsidiaries. This policy details what data the application accesses, transmission methods, local storage, and authentication mechanisms.

Health Data Accessed

The app requests read-only access to the following Apple HealthKit data types on the iPhone:

Sleep analysis (duration, stages, and computed sleep score)
Heart rate variability (SDNN)
Heart rate and resting heart rate
Body mass and body fat percentage
Step count
Oxygen saturation (SpO₂)
VO₂ max
Respiratory rate
Dietary energy and macronutrients (calories, carbohydrates, protein, fat)
Blood glucose
Menstrual flow (used to derive cycle day count)
Heartbeat series (for Enhanced HRV Mode)

Users control which HealthKit permissions are granted through iOS Settings and can modify them at any time.

Sleep Score

The app computes a sleep score (0–100) on-device from your HealthKit sleep data. This score is derived from sleep duration, sleep stage composition (deep, REM, core), sleep continuity, sleep efficiency, and average sleeping heart rate. The score is calculated entirely on your device and is not sourced from Apple's proprietary sleep score. Like all other metrics, it can be excluded from synchronization.

Enhanced HRV Mode (Apple Watch)

When Enhanced HRV Mode is enabled, the Apple Watch companion app reads heartbeat series, heart rate, HRV (SDNN), and sleep analysis data. It also writes the following to HealthKit:

Heartbeat series: Beat-to-beat timing data captured during overnight 5-minute measurement epochs.
Workout session records: A background workout session of type "Other" is used to keep the Watch app active during sleep. This session appears in HealthKit as a workout record.

These writes occur only when Enhanced HRV Mode is actively enabled and are confined to the watchOS companion app.

Subjective Wellness Data

The app collects the following self-reported wellness ratings via an optional daily prompt (all use a 1–4 scale):

Sleep quality
Soreness
Fatigue
Stress
Mood
Motivation
Injury status
Hydration

Users may also enter optional free-text comments. Subjective data is only transmitted when manually submitted by the user.

Authentication Process

The application implements OAuth 2.0 to connect with Intervals.icu accounts. Users authorize the app on Intervals.icu's website rather than entering passwords directly into the application.

A developer-hosted server (Cloudflare Worker at intervalswellnesssync.com) handles only the OAuth token exchange. This server does not receive, process, or store any of your health or wellness data. The OAuth client secret is stored server-side and never included in the app.

Data Transmission

Health and wellness data transmits directly from your device to the Intervals.icu API via HTTPS (PUT /api/v1/athlete/{id}/wellness-bulk and GET /api/v1/athlete/{id}/wellness). The developer's authentication server is not involved after the initial sign-in.

Users can exclude individual metrics from synchronization (e.g., metrics managed by a Garmin, Oura, or other device). Excluded metrics are never sent to Intervals.icu.

On-Device Storage

The app stores the following data locally on your device:

Keychain (encrypted):

OAuth access token
Intervals.icu athlete ID
Athlete display name

Preferences (UserDefaults):

App theme, unit preferences, and dashboard configuration
Sync schedule settings (check-in time, enabled/disabled)
Per-metric sync exclusion list

App Group (shared between iPhone and Watch):

HRV capture mode setting
Last night's HRV/sleep session summary

Local Database (SwiftData):

Per-day wellness records (both HealthKit-sourced and manually entered values)
Backfill history snapshots (for undo functionality)

No data is stored on external servers other than Intervals.icu (where wellness data is uploaded at the user's direction).

Server-Side Storage

The developer's authentication server (Cloudflare Worker) does not store any user data. It processes the OAuth token exchange in memory and immediately redirects the result to the app.

What the App Does NOT Do

Collect analytics or usage data
Include third-party tracking libraries or SDKs
Use advertising identifiers
Collect device identifiers, device names, or contact information
Collect location data
Send crash reports to external services
Route health data through external servers
Share data with any party other than Intervals.icu

Third-Party Services

The app communicates exclusively with:

Intervals.icu (intervals.icu): OAuth authorization and wellness data uploads
IntervalsWellnessSync authentication server (intervalswellnesssync.com): OAuth token exchange only

No other external services, analytics providers, or third-party SDKs are used.

Data Deletion

Uninstalling the app removes all local data, including Keychain credentials, preferences, and the local wellness database.
Backfill history can be deleted individually or entirely within the app.
Revoking access through Intervals.icu's OAuth settings invalidates the access token.
HealthKit data remains unaffected by any of the above actions.
Uploaded wellness data is managed within your Intervals.icu account.

Children's Privacy

IntervalsWellnessSync is not directed at children under 13.

Policy Updates

Updated policy versions will be posted at intervalswellnesssync.com/privacy with revised dates. Material changes will be noted in app release notes.

Contact

For questions about this privacy policy or the app, contact:

Email: support@intervalswellnesssync.com