Privacy Policy
1. Who we are
TRT Companion is developed and operated by Made Form Ltd ("we", "us", "our"). We are the data controller for any personal data processed in connection with the App. Contact us at hello@trtcompanion.app.
2. Overview
TRT Companion is a personal health tracking app for men on Testosterone Replacement Therapy. Privacy is a core design principle: your health data belongs to you and, with limited exceptions described below, stays entirely on your device.
Your health data — medication doses, blood work, wellness scores — is sensitive personal information. We have designed the App to minimise data leaving your device to practically zero under normal use.
3. Data stored on your device
The App stores the following data locally using Apple's SwiftData framework. This data does not reach our servers:
- Medication protocols and dose history
- Injection site rotation records
- Daily wellness check-in scores (energy, mood, libido, sleep, gym)
- Blood work results (entered manually or via AI import)
- Appointment notes
- HealthKit data (sleep, heart rate, HRV, workouts, body composition) — read only with your explicit iOS permission
- App preferences and settings
4. Data that leaves your device
AI Blood Test Import: When you use the AI blood test import feature, images or PDFs of your lab reports are transmitted via HTTPS to a secure relay and then to Anthropic's Claude API for text extraction. Your explicit confirmation to use this feature constitutes your consent to this transfer. This data is:
- Transmitted over HTTPS (encrypted in transit)
- Not stored on the relay server after processing
- Processed by Anthropic solely to extract text values from your lab report
- Not used by Anthropic to train their models, in accordance with Anthropic's API usage policies
Anthropic, Inc. is based in the United States. Sending your lab report data to Anthropic constitutes an international transfer of sensitive personal data. This transfer is made on the basis of your explicit consent, and is protected by standard contractual clauses and other applicable international data transfer mechanisms. You may withdraw consent at any time simply by not using the AI import feature.
No other feature sends data off your device.
5. iCloud sync
If you have iCloud enabled, the App uses Apple's CloudKit to back up and sync your data across your devices. If you enable this:
- Your data is stored in your personal iCloud account and encrypted end-to-end by Apple
- It is not accessible to us as developers
- It is subject to Apple's Privacy Policy
iCloud sync is entirely optional — the App works fully offline. You can disable it in your device Settings at any time.
6. HealthKit
The App reads data from Apple HealthKit only with your explicit iOS permission. HealthKit data is never sent off your device. It is used solely to enrich your daily check-ins and correlate health metrics with your TRT protocol. You can revoke this permission at any time in Settings > Privacy & Security > Health.
7. Analytics, tracking, and advertising
The App contains no analytics SDKs, no tracking pixels, no advertising frameworks, and no third-party data collection of any kind. We do not track how you use the App.
8. No account required
The App does not require an account. We do not collect your name, email address, phone number, or any personal identifying information. You can use the App completely anonymously.
9. Legal basis for processing
Where applicable data protection law requires us to identify a legal basis for processing your personal data, we rely on:
- Explicit consent — for processing your sensitive health data via the AI blood test import feature
- Performance of a contract — for data necessary to provide the App's core functionality to you as a subscriber
For data that remains on your device and is used solely for your own personal purposes, applicable data protection law in many jurisdictions treats this as a personal activity that falls outside the scope of data protection regulation.
10. Data retention and deletion
All data is stored locally on your device. Deleting the App removes all locally stored data. If you use iCloud sync, you can manage and delete your iCloud data through Settings on your device. Data processed through the AI import relay is not retained after processing is complete.
11. Children's privacy
The App is not intended for anyone under the age of 18. We do not knowingly collect data from children.
12. Your privacy rights
Depending on where you are located, applicable data protection law may give you rights regarding your personal data, including:
- Access — request a copy of personal data we hold about you
- Rectification — correct inaccurate data (all data in the App is editable directly)
- Erasure — request deletion of your personal data; for on-device data, this is achieved by deleting the App
- Restriction — request that we restrict processing in certain circumstances
- Portability — request your data in a portable, machine-readable format
- Objection — object to processing based on legitimate interests
- Withdraw consent — where processing is based on consent, withdraw it at any time without affecting the lawfulness of prior processing
Because we do not hold your personal data on our servers (with the narrow exception of the AI import relay), most of these rights are exercised directly within the App. To make a formal request, contact us at hello@trtcompanion.app.
You may also have the right to lodge a complaint with the data protection authority in your country or region. In the UK this is the Information Commissioner's Office (ico.org.uk); in the EU your national supervisory authority; in the US, your State Attorney General. A full list of EU supervisory authorities is available at edpb.europa.eu.
13. Changes to this policy
We may update this Privacy Policy from time to time. Material changes will be noted in the App. We will always indicate the date of the most recent revision at the top of this page.
14. Contact
Questions about this Privacy Policy: hello@trtcompanion.app.