Legal

Privacy Policy

Last updated:

Summary

Soma is designed so that your health and location data never reaches our servers. Data syncs through your personal iCloud account using CloudKit private database zones. Processing happens locally on your Mac. We operate no backend that stores or has access to your personal data.

What Soma collects

On your iPhone: Soma reads data you authorize from Apple Health (HealthKit) and Core Location. This includes health metrics, activity, sleep, workouts, body measurements, and location. You control which categories Soma can access through iOS permission prompts.

On your Mac: The Soma Companion app receives your data via iCloud and keeps it in a local database on your machine. It also runs a local MCP (Model Context Protocol) server on localhost that your AI agents can query.

What Soma does NOT do

  • We do not operate servers that store your health data.
  • We do not have accounts, logins, or user profiles. There is nothing to breach because we collect nothing.
  • We do not share, sell, or transmit your data to third parties.
  • We cannot read your iCloud-synced data. CloudKit private database zones are end-to-end encrypted and only accessible to your signed-in Apple account.

Data sovereignty

Your data lives in your iCloud and on your Mac. You can delete it at any time by deleting Soma, uninstalling the Mac Companion, or removing the Soma container from iCloud settings on your device. No request to us is required.

Subscription billing

Soma for iPhone is billed through Apple’s App Store. We do not process payments or store billing information. Apple provides us with anonymized purchase and renewal events required to run the subscription. See Apple’s privacy policy for details on App Store data.

Analytics

This marketing website uses privacy-respecting analytics that do not set tracking cookies or share data with third-party ad networks. The Soma apps themselves do not include analytics or telemetry SDKs.

Agents and third parties

Soma exposes your data to AI agents via a local MCP server on your Mac. When you send a query through an agent (Claude, ChatGPT, Cursor, OpenClaw, Hermes, or any other MCP-compatible client), the query and any data your agent chooses to include in its response are subject to that agent’s own privacy policy. Review your agent provider’s policy before exposing sensitive information.

Contact

Questions about this policy: contact us through the Support link on our website (coming soon). We will publish a dedicated support address before public launch.

Changes to this policy

Material changes will be announced on this page with an updated “Last updated” date. We recommend checking periodically.

← Back to home