Privacy
OpenVitals is designed as a local-first Android app.
The local app:
- Does not ship app-level internet permission.
- Does not create OpenVitals cloud accounts.
- Does not upload health data to an OpenVitals server.
- Does not include ads.
- Does not include an analytics SDK.
- Reads supported records through Health Connect.
- Writes supported records only after an explicit save, import, record, edit, or delete action.
Local app preferences may include onboarding state, acknowledged permission prompts, unit settings, language, theme, widget order, goals, reminders, Body Energy calibration, timer settings, and display choices.
Health Records
Health Connect is the source of truth. OpenVitals reads Health Connect records to show dashboard summaries, detail screens, readiness, statistics, achievements, and insights.
Manual entries are saved back to Health Connect only when the user chooses to save them. Supported Apple Health export records and FIT imports are written to Health Connect only after the user starts an import from Settings, Data Importers, reviews supported details where needed, and saves. OpenVitals-created records can be edited later; records created by other apps remain read-only.
Sensitive Data
Cycle tracking uses sensitive Health Connect records and is shown only after cycle permissions are granted explicitly.
Workout route previews require manual Health Connect approval in some cases. GPS recording requires location permission because OpenVitals needs location points to build the route. Imported PMTiles or Mapsforge map packs stay local on the device.
Permission Details
See Permissions for the current permission list and why each group is requested.