Privacy
The short version
The myPotential app runs entirely on your iPhone — nothing about your sessions, heart rate, or anything else leaves the device. The myPotential website uses a self-hosted waitlist form (email only) and clinician accounts for healthcare providers managing their clinics. We use TelemetryDeck, a privacy-first analytics service, to count anonymous page views on this website — no cookies, no personal identifiers, no tracking across sites. There are no advertising trackers and no data brokering.
What the app collects about you
Nothing about you is sent off your phone by myPotential. A few things look like collection but aren't:
- HealthKit data. With your permission, myPotential reads heart rate during workouts and writes completed workouts back to HealthKit, the same way Apple's own Fitness app does. This data stays on your device under Apple's HealthKit privacy framework. myPotential never transmits it anywhere.
- Session history. Completed sessions, mood entries, weight logs, and your profile (age, sex, beta-blocker status) are stored locally on your device, encrypted by iOS. None of it leaves your phone.
What the website collects
If you submit your email address through the waitlist form, it's stored on myPotential's own server so we can reply to you about the beta. Your email won't be used for anything other than replying to you about myPotential. No newsletter, no marketing, no profiling, no selling.
The site is hosted by a third party that may keep server logs (IP addresses, request times) for security and operational reasons. myPotential's application itself does not log personal information (IP addresses, user agents) for visitors to public pages. A privacy-first analytics service (TelemetryDeck) counts anonymous page views on this website. It does not use cookies, does not collect personal data, and does not track you across sites. There are no advertising tags or behavioural trackers running on this site.
Clinician accounts
Healthcare providers who manage clinics can optionally create a passwordless account (using passkeys) to view patient activity shared from their clinic. These accounts are created by invitation only. No patient-identifiable data is visible to myPotential staff — clinics manage their own patient lists.
Patient data sharing
Patient-facing data sharing is not yet available in the current version of myPotential. When it becomes available, patients will be able to choose whether to share session summaries with their clinic. Sharing will be opt-in, revocable, and clearly indicated in the app. This privacy page will be updated before that feature launches.
What this isn't
- No advertising or behavioural tracking, anywhere.
- No selling, renting, or sharing of your data.
- No third-party analytics in the app. The website uses TelemetryDeck for anonymous page-view counting only (no cookies, no personal data).
- No patient data visible to anyone outside your clinic.
Your rights
Because the app stores everything locally, you control your data directly: deleting the app deletes all of it. There's nothing held remotely to access or correct.
For an email submitted through the waitlist form, you can ask for it to be deleted at any time — just write to the contact address below.
Children
POTS often first appears in teenagers, and myPotential is suitable for under-18s. Because the app collects nothing from anyone, no special arrangements apply to under-13s either. Parents and guardians can be confident that nothing leaves the device.
Changes
If this page changes, we'll update the date at the top. For material changes — anything that affects what's collected or how it's used — we'll make sure that's prominent.
Contact
Questions, requests, or anything else: hello@get-upright.app.
myPotential is a personal project by John Woffindin.