Derive — Privacy Policy
Last updated: June 13, 2026
Derive ("we", "us") provides AI-assisted fitness tracking and coaching. This policy explains what we collect, how we use it, who we share it with, and your choices.
Data we collect
- Health & fitness data (from Apple Health, read-only, with your permission): heart rate, resting heart rate, heart rate variability (HRV), heart rate recovery, workouts (type, duration, distance, energy, HR samples), sleep stages and duration, steps, active/basal energy, exercise minutes, VO2 max, respiratory rate, blood oxygen, running form metrics, and body composition (height, weight, body fat, lean mass, waist).
- Profile information: name, email address (for password accounts), date of birth (used as age), biological sex, height, and weight.
- Account & device identifiers: a per-install device identifier (Apple's
identifierForVendor) and an account/session token. - Coaching content: the messages you send to the AI Coach and the goals you create.
- Usage records: which AI features you used and their token/cost totals, for billing and abuse prevention.
We do not write data back to Apple Health. We do not use advertising or third-party tracking SDKs, and we do not sell your data.
How we use your data
- Compute derived fitness metrics, trends, benchmarks, and your daily readiness score.
- Generate personalized coaching, goal recommendations, and the 3-day review.
- Maintain your account and weekly AI credit allowance.
Third-party processing (Anthropic)
To generate recommendations, we send your goal description, profile attributes (age and sex), and summarized health metrics to our AI provider, Anthropic (the Claude API), which processes them to return coaching text. Anthropic acts as our processor for this purpose. Anthropic does not use this data to train its models and retains it only briefly for abuse monitoring. See Anthropic's data-handling terms for how they treat API data. We send only what is needed to generate the response; we do not send your name or email to Anthropic.
Storage and retention
Your data is stored securely on our backend, hosted with a third-party cloud infrastructure provider. We retain it until you delete your account. When you delete your account (Settings → Delete Account), we permanently remove your profile, goals, chat history, and all synced health data. We retain anonymized usage records (device identifier, feature, token/cost totals) needed to enforce the weekly AI credit allowance across reinstalls; these contain no health data.
Your choices and rights
- Access/permissions: manage Apple Health sharing in iOS Settings → Privacy & Security → Health → Derive.
- Deletion: delete your account and all associated personal and health data in-app at any time (Settings → Delete Account).
- Depending on your region (e.g. EEA/UK under GDPR, California under CCPA) you may have additional rights to access, correct, or export your data. Contact us to exercise them.
Children
Derive is not directed to children under 13 (or the minimum age in your jurisdiction) and we do not knowingly collect their data.
Not medical advice
Derive provides general fitness information and AI-generated guidance. It is not medical advice and is not a substitute for a physician, physical therapist, or mental-health professional. For symptoms, pain, or any health concern, consult a qualified professional.