Privacy Policy

This Privacy Policy explains the type, scope, and purpose of personal data processing within the "Circadian" app. Protecting your data is our highest priority. Circadian was built on the principle of data minimization: all processing happens exclusively on your device.

1. Data Controller

Markus Sekulla
Ulbrichtstr. 6
09126 Chemnitz, Germany
Email: support@circadian-app.com

2. Types of Data Processed

Circadian reads health data exclusively from Apple Health (HealthKit). No raw data is permanently stored — only locally derived values:

3. Purpose of Processing

Providing health data is voluntary. Without HealthKit access, Circadian uses default values for the energy curve.

4. Legal Basis

5. On-Device Processing

All data processing happens exclusively on your device:

6. Storage and Retention

7. Apple Watch

Circadian transfers pre-computed curve points and unlock status to the Apple Watch via WatchConnectivity. No raw health data is transmitted between iPhone and Apple Watch. Communication uses Apple's encrypted WatchConnectivity framework.

8. Widgets

Widgets on the Home Screen, Lock Screen, and Apple Watch display the energy curve. They read exclusively pre-computed curve points from the shared App Group — not directly from HealthKit. The stored data contains only energy values and timestamps, not raw health data.

9. In-App Purchases

Circadian offers an optional one-time purchase through Apple's App Store. Payment processing is handled exclusively by Apple. Circadian does not receive any payment data (credit card number, bank details, etc.).

Circadian receives only the purchase confirmation (product ID, purchase date) from Apple for unlocking. This data is processed locally and not shared with third parties.

Apple Privacy Policy

10. Website Hosting

This website is hosted on Cloudflare Pages, a service provided by Cloudflare, Inc. (101 Townsend St, San Francisco, CA 94107, USA). When you visit this website, Cloudflare automatically processes the following data:

This processing is based on our legitimate interest in the secure and efficient delivery of the website (Art. 6(1)(f) GDPR). Cloudflare may set technically necessary cookies (e.g. __cf_bm for bot detection).

Cloudflare is certified under the EU-US Data Privacy Framework (DPF), which ensures an adequate level of data protection for the transfer of personal data to the United States.

Cloudflare Privacy Policy

Note: The app itself does not communicate with Cloudflare or any other external servers. This section applies exclusively to visits to this website.

11. Third-Party Sharing

Circadian does not transmit health data, curve points, or settings to servers or third parties. Technically required data transfers for in-app purchases are handled directly by Apple (see Section 9). The website is hosted via Cloudflare (see Section 10). Circadian does not use tracking, analytics, or advertising services. No profiling takes place. No automated decisions within the meaning of Art. 22 GDPR are made.

12. Technical Security Measures

13. Your Rights

Under the GDPR, you have the following rights:

14. Data Deletion

15. Contact

For privacy-related questions, please contact support@circadian-app.com

16. Changes to This Privacy Policy

This Privacy Policy may be updated to reflect changes to the app or legal requirements. The current version is always available in the app under Settings → Privacy and on this website.

Last updated: 2026-02-26