Legal

Privacy Policy

Last updated: April 2026

Overview

Reyma is a consumer wellness application designed to help individuals monitor their well-being through biometric data from wearable devices and AI-powered conversation. Reyma is not a medical device and is not intended to diagnose, treat, cure, or prevent any disease.

This Privacy Policy explains what data we collect, how we use it, and how we protect it. By using Reyma, you agree to the practices described here.

Medical Disclaimer

Important

Reyma is not a medical device and is not approved or cleared by any regulatory agency. It is not a substitute for professional medical advice, diagnosis, or treatment. Always seek the advice of your physician or other qualified health provider with any questions you may have regarding a medical condition.

If you are in crisis or experiencing a medical emergency, call 911 immediately.

Crisis Resources

If you or someone you know is in crisis, please reach out to one of these resources immediately:

  • 988 Suicide & Crisis Lifeline - Call or text 988, available 24/7
  • Emergency Services - Call 911
  • Crisis Text Line - Text 741741

Data We Collect

Reyma collects the following categories of information:

  • Account information: Email address, display name, and user ID
  • Health metrics: Heart rate, heart rate variability (HRV), sleep duration and timing, step count, and activity data collected from Apple Watch via Apple HealthKit
  • Conversation data: Messages exchanged with the Reyma AI assistant
  • Check-in responses: Self-reported mood and context information

How Data Is Stored

Your data is stored in two locations:

  • On your device: Health metrics and conversation data are stored locally using SwiftData on your iPhone
  • In the cloud: Account data and synced summaries are stored in Firebase Firestore, encrypted at rest using AES-256 and in transit using TLS 1.2+

How Data Is Processed

Reyma uses AI to power conversations. When you interact with the Reyma assistant, your messages are processed by Reyma AI in real-time. Your data is not retained after processing under our zero-data-retention policy. No conversation data is used to train AI models.

Third-Party Services

Reyma uses the following third-party services:

  • Firebase Authentication - Account creation and sign-in
  • Firebase Firestore - Cloud data storage and synchronization
  • Firebase Cloud Messaging - Push notifications
  • Reyma AI - AI-powered conversation

Data Sharing

Reyma does not sell your data. We do not share your data with third parties for advertising or marketing purposes.

Provider sync is opt-in. If you choose to connect with a healthcare provider through Reyma, summarized data (not raw conversations) may be shared with your provider. This requires your explicit consent using a unique 8-character consent code provided by your provider. You can revoke this consent and disconnect at any time.

Data Retention & Deletion

Your data is retained as long as your account is active. You can delete all of your data at any time through the app by navigating to Settings → Danger Zone → Delete All Data. This action permanently removes all your data from both your device and our cloud servers. This action cannot be undone.

Your Rights

You have the right to:

  • Access your data at any time through the app
  • Delete all your data permanently
  • Control what data is shared with connected providers
  • Portability - request a copy of your data
  • Revoke consent for provider data sharing at any time

HIPAA Notice

Reyma is a consumer wellness application. It is not a covered entity under HIPAA. When you opt into sharing data with a healthcare provider, the data received by your provider may be considered Protected Health Information (PHI). Your healthcare provider is the covered entity and is responsible for their own HIPAA compliance obligations when receiving and handling your shared data.

For more information, see our HIPAA Information page.

Children's Privacy

Reyma is not intended for use by children under 13 years of age. We do not knowingly collect personal information from children under 13. If you believe a child under 13 has provided us with personal information, please contact us at privacy@withreyma.com and we will delete it promptly.

Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of any material changes through the app or by email. Your continued use of Reyma after changes constitutes acceptance of the updated policy.

Contact

If you have questions about this Privacy Policy or your data, contact us at privacy@withreyma.com