Pulse handles sensitive health data locally. Security and privacy issues should be treated carefully even while the app is pre-release.
Until Pulse reaches a public 1.0 release, security fixes target the main branch.
Please do not open a public issue for vulnerabilities involving:
- Health data exposure.
- App group storage leaks.
- Incorrect HealthKit authorization behavior.
- Logs or screenshots that expose personal health data.
Instead, contact the repository owner privately through GitHub.
- HealthKit is the source of truth.
- Pulse does not upload health data to a server.
- Pulse does not use ads or third-party analytics for health data.
- Pulse stores only compact local snapshots and derived summaries needed for app and widget display.
- Any future sync or export feature must update the privacy documentation before implementation.