Privacy, data & legal

How DayByDay stores your health data, what we collect, your rights, and the legal disclaimers you should know.

DayByDay is a personal wellness tracking app, not a medical device. The information and data shown are for personal tracking and informational purposes only β€” not for diagnosis, treatment, or clinical decision-making. Always consult your healthcare provider before making changes to your health regimen.

Your data belongs to you

DayByDay is built on a simple principle: your health data is yours. We store it securely, we never sell it, and we never use it for advertising. You can export everything you've entered, or delete it all permanently, at any time.

No ads. No data selling. Ever.

DayByDay earns revenue through subscriptions only. Your health data is never shared with advertisers, data brokers, or any third party for commercial purposes.


What we collect

We collect only what you choose to enter into the app, plus the basics required to run your account.

  • ✦Account info β€” your name and email address.
  • ✦Health data you log β€” weight, body fat, sleep, GLP-1 doses, exercise, body measurements, and lab values.
  • ✦App settings β€” your preferred units, goal weight, theme preferences.
  • ✦Subscription status β€” managed by Apple App Store (via RevenueCat). We do not see your payment card details.

We do not collect your location, browser history, food logs, or any data from other apps beyond what you explicitly sync via Apple Health.


How your data is stored

Your data is encrypted in transit using TLS (the same standard used by banks) and encrypted at rest on our servers. We use Supabase (PostgreSQL) hosted on US-based servers. Every database table is protected by Row-Level Security, which means your data is mathematically inaccessible to other users β€” even if they tried.

Row-Level Security

Every piece of data in DayByDay is scoped to your account with Row-Level Security enforced at the database level. No DayByDay employee or other user can read your records without your credentials.


Third-party services we use

DayByDay uses a small number of third-party services to run the app. Here is exactly what each one does with your data.

ServicePurposeWhat they see
SupabaseDatabase hostingYour encrypted health data, stored on US servers.
RevenueCatSubscription billingYour subscription status and purchase history. Not your health data.
Apple HealthHealth data sync (iOS only)Health data is processed on your device only. It never leaves your phone via our systems.
Apple App StoreSubscription billing (iOS)Your purchase history and subscription status. DayByDay never sees your card number.

Apple Health data stays on your device

When you connect Apple Health, DayByDay reads data from your device's local HealthKit store and syncs it to your DayByDay account on Supabase. Apple itself does not receive your DayByDay account data. Apple Health data is never used for advertising.


Medical disclaimer

DayByDay is not a medical device

DayByDay is a personal wellness tracking application. It is not FDA-cleared, CE-marked, or approved for diagnostic, clinical, or therapeutic use. No data, metric, or estimate shown in the app constitutes a medical diagnosis, prognosis, or prescription. Always consult a qualified healthcare provider before making changes to your medications, diet, or health regimen.

The charts, trend lines, predictions, and scores you see in DayByDay are calculated from data you enter. They are meant to help you understand your own patterns over time. They are not clinical measurements.


Not a substitute for medical advice

No diagnosis. No treatment. No cure.

DayByDay does not diagnose, treat, prevent, or cure any medical condition. GLP-1 medication tracking is informational only β€” the medication level estimate is based on pharmacokinetic half-life data, not a blood measurement. Blood oxygen readings from consumer wearables are not equivalent to clinical pulse oximetry. Do not use DayByDay data to make clinical decisions.

If you are experiencing a medical emergency, call 911 or your local emergency number immediately. DayByDay is not a crisis or emergency tool.


Your rights (GDPR & CCPA)

Depending on where you live, you have legal rights over your personal data. DayByDay honors these rights for all users, regardless of location.

  • ✦Right to access β€” You can request a copy of all data we hold about you.
  • ✦Right to export β€” Export your weight, sleep, medications, measurements, and labs as CSV from within the app.
  • ✦Right to correction β€” Edit or correct any inaccurate data directly in the app.
  • ✦Right to deletion β€” Delete your account and all associated data permanently from Settings β†’ Delete Account.
  • ✦Right to restrict processing β€” Contact us to restrict how your data is used.
  • ✦Right to object β€” You can object to any data processing at any time.

Contact us about your data

To exercise any of the rights above, or to ask questions about your data, email us at support@mydaybyday.app. We will respond within 30 days as required by GDPR. For CCPA requests, we will respond within 45 days.


Deleting your account

You can delete your account at any time from Settings β†’ Scroll to bottom β†’ Delete Account. Deleting your account permanently removes all of your data from our servers β€” weights, sleep records, GLP-1 doses, measurements, labs, and your profile.

Deletion is permanent

Once your account is deleted, your data cannot be recovered. Export your data before deleting if you want to keep a copy. See Settings β†’ Export Data.

Deleting your account does not automatically cancel your App Store subscription. Cancel your subscription separately before deleting your account to avoid future charges.

Data retention after deletion

After account deletion, your personal data is purged from our active database within 30 days. Encrypted backups are rotated and purged within 90 days. Anonymized, aggregated analytics (which cannot identify you) may be retained indefinitely.

Was this helpful?

Send feedback β†’