Privacy
Privacy Policy.
Version of 18 July 2026
1 Controller
BSNS GmbHBirkenstrasse 47
6343 Rotkreuz, Switzerland
contact@yourkata.com
BSNS GmbH is the controller for the processing described in this policy. It covers the websites yourkata.com and docs.yourkata.com, the Kata web app at app.yourkata.com, and the Kata mobile apps for iOS and Android.
BSNS GmbH has not appointed, and is not required to appoint, a statutory data protection officer. For every privacy matter, contact@yourkata.com is the direct line to the people responsible.
2 The short version
Your health data belongs to you. All logs, chats, photos and Kata's memory of you are stored locally on your device, not on our servers: in the browser and in the mobile apps alike. We run no tracking, no analytics profiles and no advertising, and we never sell data. Apart from the email address and account identifier that sign you in, the one thing that leaves your device is a message to Kata, sent to the AI to generate your reply and kept by no one, not even us.
3 Legal framework
We process personal data in accordance with the Swiss Federal Act on Data Protection (FADP, revised version in force since 1 September 2023) and, where it applies to users in the European Economic Area, the EU General Data Protection Regulation (GDPR). Where this policy names a legal basis, it refers to Art. 6(1) GDPR; under the FADP, the processing described here is covered by the principles of Art. 6 FADP and does not rely on consent unless stated.
4 Website visits
- No tracking, no analytics, no advertising pixels, no profiling.
- Consent banner: the website stores a single consent flag in your browser’s localStorage after you dismiss the notice. Only technically necessary storage is used; there is nothing to opt in to beyond that.
- Hosting: Vercel Inc., USA, delivers the website and processes technical server logs (IP address, request time, user agent) to run and defend the service (legitimate interest). Processing can take place in the EU and the US; transfers are covered by the EU standard contractual clauses and the Swiss transborder data flow rules.
- Fonts are loaded from Google Fonts and Fontshare; your browser contacts their servers to fetch the font files and transmits your IP address in doing so.
5 Website forms (contact and partnership)
If you use the contact or partnership form, we process the details you submit (name, email address, topic, company where given, and your message) to answer your request (performance of a contract or steps prior to entering one; legitimate interest for general enquiries). The messages are delivered to our mailboxes by Resend, Inc., USA, acting as our processor, and are kept as long as needed to handle the conversation and any follow-up. Form data is never used for advertising and never shared beyond this purpose.
6 App: account data
To create and secure your account we process your email address, a user identifier (your account ID), the authentication method and authentication timestamps, on every surface (web and mobile apps). Authentication is provided by Supabase, acting as our processor, with the project hosted in the EU (Zurich region). You can sign in with email and password, Google, Apple or a magic link; when you use a third-party sign-in, that provider confirms your identity to us and we store only your email address and account ID. If you sign in with Apple and choose Hide My Email, Apple gives us a private relay address instead of your real email; our transactional emails are sent to that relay and forwarded by Apple to you. Supabase stores no health data.
7 Health data stays on your device
Kata is local-first on every surface. All health logs (weight, food, water, training, sleep, supplements), your chat history, Kata’s memory of you, your photos and your decisions log are stored exclusively on your device: in the browser’s storage in the web app (localStorage for settings and structured logs, IndexedDB for larger content such as photos) and in the app’s local storage on iOS and Android. This data is never transmitted to or stored on our servers, and BSNS GmbH has no technical means to access it. If you delete the app or clear its site data, it is gone; the built-in export exists so you can back it up first.
Health data you import from Apple HealthKit or Google Health Connect is treated exactly the same way: it stays on your device like every other health entry and is never transmitted to our servers.
8 AI coach
When you talk to Kata, your message and the minimum context needed to answer it are transmitted over an encrypted connection to our AI provider (currently Anthropic PBC, USA) and processed there transiently to generate the reply. We do not store the content of these requests on our servers; we record only aggregate token counts per account for cost control. Voice input is transcribed and photos are analyzed the same way, only when you send them.
9 Abstracted product signals
To improve Kata, understand our audience and enforce fair use, we store a small set of abstracted, non-personal signals per account: app-open counts and last-active timestamps; aggregate AI usage numbers (token counts per account, never message content); an abstract persona summary that the app computes on your device (an archetype word plus coarse traits such as activity level, top sport types, eating consistency, sleep pattern, current phase, optional self-stated gender, country and timezone); invite and voucher attribution; and your subscription plan.
Explicitly not stored server-side: your chats and conversation history, your health logs, your photos, Kata’s memory of you and your decisions log. These exist only on your device (section 7). The abstracted signals cannot be used to reconstruct them. Legal basis: our legitimate interest in operating and improving the service (Art. 6 (1) (f) GDPR; Swiss FADP).
10 Consent records
When you accept the Terms of Service or give a consent in the app, we store the record of that acceptance: the document version, the timestamp, the surface (web, iOS or Android) and the language you accepted in. These records prove contract formation and the consents you gave. Legal basis: performance of a contract and compliance with legal obligations (Art. 6 (1) (b) and (c) GDPR; Swiss FADP). They are kept for as long as your account exists and thereafter for the applicable statutory limitation periods.
11 Mobile apps: permissions and push notifications
- Push notifications: if you enable them, a device push token tied to your account is processed to deliver notifications, via Google Firebase Cloud Messaging on both iOS and Android (on iOS it relies on the Apple Push Notification service underneath). The token is an identifier used solely to deliver the notifications Kata authors: it is never used for tracking or advertising, we run no Firebase Analytics, and no personal or health data is sent to Firebase, only the token and the notification text. Tokens are deleted when you disable notifications or delete your account.
- iCloud backup (iOS): you can back up your local Kata data to your own private iCloud (Apple CloudKit private database) and restore it on your devices. The backup goes to your personal iCloud account under your Apple ID, never to our servers, and is shared with no one; it stays entirely in your control. Apple provides your iCloud storage.
- Camera, microphone and photo library: accessed only when you actively take or attach a photo, or speak to Kata. The access happens locally on your device; content is transmitted only at the moment you send it to Kata (section 8) and is not stored by us.
- Apple HealthKit and Google Health Connect: health data you choose to import stays on your device like all health content (section 7). We do not receive, store or share it, and we never use it for advertising.
- The privacy labels shown in the Apple App Store and Google Play describe the same practices as this policy. Should a label and this policy ever appear to differ, this policy is the authoritative description of what we do.
12 WHOOP integration
Connecting WHOOP is optional. The OAuth tokens are stored on your device, unreadable to scripts where the platform allows it, and are used solely to fetch your recovery, HRV, sleep and strain data for display on your device; they are not stored in any server database. You can revoke the connection at any time in the app or in your WHOOP account settings.
13 Invite a friend
If you invite a friend, we process the invited email address and the state of the reward (Months given and earned) to run Invite a friend. Invited addresses are used for the invitation and reward matching only, never for marketing lists.
14 Recipients and transfers abroad
- Supabase (authentication): project hosted in the EU, Zurich region.
- Anthropic (AI processing): USA, transient processing only.
- Resend (transactional email): USA.
- Vercel (hosting): EU and USA.
- Google / Firebase Cloud Messaging (push notification token delivery on iOS and Android; no analytics): USA.
- Apple (Apple Push Notification service underlying iOS push, Sign in with Apple and its private email relay, and your own personal iCloud backup storage): USA.
Where data reaches providers in the USA, the transfer is safeguarded by the EU standard contractual clauses and, where certified, the Swiss-U.S. Data Privacy Framework. We do not sell or rent personal data, and no other recipients exist.
15 Retention
Account data is kept for as long as your account exists and deleted when you delete the account. Consent records are kept for the statutory limitation periods (section 10). Form correspondence is kept as long as needed to handle the request. Aggregate token counts are kept for cost accounting. Push tokens are deleted when notifications are disabled or the account is deleted. Health data on your device is retained solely by you; we hold no copy.
16 Security and data incidents
All transport is encrypted (TLS). The server holds the minimum data described above, protected by access controls and the security programs of our processors. The strongest measure is architectural: health data stored only on your device, never on our servers, cannot be breached on our side.
Should a security incident nevertheless affect personal data we hold, we will assess it without undue delay and notify the competent supervisory authority and, where required, the affected persons, in accordance with Art. 24 FADP and, where applicable, Art. 33 and 34 GDPR.
17 Your rights
You have the right to access, rectification, erasure and portability of your personal data, and the right to object to processing. Since almost all data lives on your device, most of these rights are in your own hands: export, correct or wipe your data directly in the app. For anything relating to your account or a form you submitted, write to contact@yourkata.com. You may also lodge a complaint with the Swiss Federal Data Protection and Information Commissioner (FDPIC) or, where the GDPR applies, with your local supervisory authority.
18 Changes
We will update this policy when the service changes. The current version, with its date, is always published on this page. Material changes are announced in the app.
19 Governing law
This policy and any privacy dispute are governed by Swiss law. The engineering view of the same facts lives in the Your data docs.