Glimetry logo Glimetry
Privacy Policy

Your data, in plain English

What we collect, how we use it, and the rights you keep — without legalese.

Last updated April 25, 2026
·
Effective April 25, 2026
Overview

What Glimetry is, and what this policy covers

Glimetry is a wellness engagement platform. Employees track gym visits and health metrics to qualify for an employer-funded HRA (Health Reimbursement Arrangement) benefit.

This policy explains exactly what we collect and what we do with it. Your health data is never sold, never used for advertising, and never shared with anyone outside what's described here.

Apple HealthKit

Health data

With your explicit permission, the Glimetry app reads these metrics from Apple HealthKit:

  • Step count and walking + running distance
  • Resting and active heart rate
  • Sleep duration
  • Active energy burned and Apple Exercise Time
Your raw health data never leaves your device. We read these values only to compute your daily engagement score. Only the score and anonymized aggregates reach our servers.
What we collect

Data we collect

AccountName, email, employer code at sign-up.
Engagement scoreDaily 0–100 score derived from health and check-ins.
Gym check-insTimestamp, partner studio, policy number on QR scan.
DevicePlatform and app version — for support only.
How we use it

How we use your data

  • Calculate and display your daily engagement score
  • Verify gym check-ins and credit them to your policy
  • Confirm HRA eligibility to your employer (aggregate only)
  • Send transactional emails (sign-up, password reset)

We do not sell your data, run targeted advertising, or share it outside the uses listed above.

Employer view

What your employer sees

Your employer receives only what's needed to administer your HRA benefit:

  • Your policy number
  • Whether you met the monthly activity threshold
  • Aggregate activity days and score range

They never see raw step counts, heart rate, sleep records, or any individual health metric.

Security

How we protect it

All data is encrypted in transit (TLS 1.3) and at rest. Our backend runs on Supabase / AWS, which undergoes regular third-party security audits. Production database access is limited to authorized personnel.

Auth tokens are stored securely on-device and are never passed in URLs.

Retention

How long we keep it

Data is kept for as long as your account is active. Daily health records: up to 90 days on-device, up to 12 months on our servers (for benefit verification).

You can delete your account and all associated data at any time — see Contact below.

Your rights

Your rights

AccessRequest a copy of all data we hold about you.
CorrectionRequest correction of inaccurate data.
DeletionDelete your account and all data on request.
PortabilityExport your activity history as CSV in-app.
Revoke HealthKitiOS Settings → Privacy & Security → Health.
Withdraw consentDisconnect data sources at any time.
Cookies

Cookies & analytics

The marketing site (glimetry.com) uses only essential cookies for navigation. No advertising cookies, no cross-site tracking. The mobile app uses no cookies at all.

Children

Children's privacy

Glimetry is for adults (18+) only. We don't knowingly collect data from minors. If you believe a minor has used the service, contact us immediately.

Updates

Changes to this policy

We may update this policy. Material changes are emailed and reflected in the "Last updated" date above. Continued use after changes constitutes acceptance.

Contact

Questions or want to exercise your rights?

Reach the team directly — we aim to respond to all data requests within 30 days.

partners@glimetry.com Glimetry Inc.