Privacy & Data Policy

What data Omnio collects

Omnio collects health and fitness data from the wearable devices and apps you choose to connect. This includes:

Wearable data — Sleep metrics, heart rate, HRV, activity, workouts, readiness/recovery scores, body temperature, SpO2, respiratory rate, and other biometrics from Oura, Garmin, and Whoop.
Nutrition data — Calories, macronutrients, and micronutrients from MyFitnessPal, Cronometer, or CSV imports.
Strength training data — Exercise logs, sets, reps, weight, and RPE from LiftLog, Hevy, or CSV imports.
Manual check-ins — Subjective data you enter (mood, energy, soreness ratings).
Body composition — DEXA scan data and bloodwork results you upload.
Account data — Email address, password hash, health profile (age, sex, height, weight), and timezone.

Omnio does not collect:

Database — Account data, conversation history, training plans, and manual entries are stored in a PostgreSQL database hosted on Hetzner Cloud infrastructure in Europe.
Time-series metrics — All wearable and nutrition metrics are stored in VictoriaMetrics, a purpose-built time-series database. Each user’s data is isolated by a unique user ID label.
Credentials — OAuth tokens and API credentials for your connected accounts are encrypted at rest using AES-256 via a credential vault. Your Garmin password is never stored — only the session token.
AI chat history — Conversations with the AI health coach are stored for 30 days, then automatically deleted. You can export or delete conversations manually at any time.

Composite scores — Omnio computes personalised health scores (Sleep, Readiness, Activity, Nutrition, Metabolic Health, Overall Health) from your raw metrics using evidence-based weighting models. These are computed on our servers and stored in VictoriaMetrics.
Bayesian learning models — If you use the adaptive training features, Omnio trains per-user machine learning models (recovery curves, volume tolerance, schedule preferences, etc.) from your historical data. These models are stored as JSON in your user profile and are never shared with other users.
AI chat — When you use the AI health coach, your question and relevant health context are sent to OpenAI or Anthropic (depending on configuration) to generate a response. Only the minimum necessary context is included. AI providers are contractually prohibited from training on your data.

Every user’s data is isolated:

Time-series queries are scoped by user ID — you cannot query another user’s data.
Database records use row-level user ID filtering.
API endpoints verify authentication and authorisation on every request.
There is no shared data pool or anonymised aggregate data.

Export — You can export your AI chat history in Markdown, JSON, or plain text format from the chat interface.
Delete account — Contact [email protected] to request full account deletion. This removes your account, all stored metrics, training plans, chat history, and connected account credentials.
Disconnect devices — You can disconnect any data source at any time from Sources → Accounts. This stops future syncs but does not delete previously synced data. Contact support to request historical data deletion.
Revoke access — You can revoke Omnio’s access from within Oura, Garmin, or Whoop at any time. This prevents future token refreshes and effectively disconnects the source.

Service	Purpose	Data shared
Oura API	Wearable data sync	OAuth tokens
Garmin Connect	Wearable data sync	Session tokens
Whoop API	Wearable data sync	OAuth tokens
OpenAI / Anthropic	AI health coach responses	Conversation context (question + relevant metrics)
Hetzner Cloud	Infrastructure hosting	All data is hosted here
Plausible Analytics	Cookie-less, privacy-first web analytics on the blog	Page views only, no personal data

For privacy questions, data export requests, or account deletion: [email protected]