Privacy Policy

This Privacy Policy explains how the personal Health Dashboard application ("the App," "we," "our") operated by the owner of melanddar.com handles your information. The App is a private, single-user tool that turns your WHOOP data into daily training and sleep recommendations. By using the App you agree to this policy.

1. Information we collect

• WHOOP physiological data. With your explicit authorization through WHOOP's OAuth flow, the App accesses your WHOOP data — including recovery score, heart-rate variability (HRV), resting heart rate, sleep duration and performance, daily strain, and recent workouts.
• Settings you enter. Your default city, upcoming-location schedule, plan length, and preferred wake time.
• Authentication. A session cookie set after you enter the App password, used only to keep you signed in.

The App does not collect your name, email, advertising identifiers, precise geolocation, or browsing activity, and it contains no third-party analytics or advertising trackers.

2. How we use the information

Your data is used for one purpose: to generate and display your personalized training and sleep recommendations within the App. It is not used for advertising, profiling for third parties, or any unrelated purpose.

3. How your data is stored and retained

• WHOOP tokens. Your WHOOP access and refresh tokens are stored on the App's hosting server (Railway) so the App can retrieve your latest data. They are not displayed or shared.
• Health metrics. Retrieved on demand from WHOOP and held only transiently in server memory (a short cache, by default ~10 minutes) to build your plan. They are not written to a long-term database.
• Settings. Your location schedule and preferences are stored in a small settings file on the server.

4. How we share information

We do not sell, rent, or share your personal or health data with third parties. Data is processed only by:

• WHOOP, the source of your physiological data, under WHOOP's own Privacy Policy; and
• Railway, the cloud platform that hosts the App.

5. Security

Access to the dashboard is protected by a password, and all traffic is served over HTTPS. No system is perfectly secure, but we take reasonable measures to protect your data and never expose your WHOOP credentials in the interface.

6. Your choices and rights

• Revoke WHOOP access at any time from your WHOOP account settings; this immediately stops the App from retrieving new data.
• Delete your data by revoking access and contacting us to remove stored tokens and settings; decommissioning the App deletes all stored data.

7. Children

The App is intended for the account owner and is not directed to anyone under 18 years of age.

8. Not medical advice

The App's recommendations are informational only and are not medical advice. Consult a qualified professional before making health or training decisions.

9. Changes to this policy

We may update this policy from time to time. Material changes will be reflected by updating the effective date above.

10. Contact

For privacy questions or data-deletion requests, contact: [email protected].