Cold Mastery

Legal · App

App Privacy

This summary describes how the Cold Mastery app handles your data. It complements the full Privacy Policy, which applies equally to the website and the app.

This is a courtesy English translation. In case of any discrepancy, the German version prevails.

Controller

Fabian Weiß, Kolonnenstr. 8, 10827 Berlin, Germany
Email: privacy@coldmastery.com

What data the app processes — and how

  • Health data (Apple Health / HealthKit): heart rate and resting heart rate (read access) and your cold session saved as a workout (write access). Access takes place exclusively after your explicit consent via the HealthKit system dialog. Purpose: live display and evaluation of your cold response during a session, and saving the session as a workout.
  • Session data: date, duration, temperature, program progress and streak. Purpose: tracking, history and gamification of your cold exposure.
  • Evaluations derived from heart rate (e.g. average and peak values). Purpose: trend display in the app.

The app contains no advertising, no tracking and no third-party analytics SDKs. There is no user account and no server of ours that collects app content.

Where your data resides — and who it is shared with

  • Locally on your device: health data and all evaluations derived from it are processed and stored exclusively locally. We never transmit them to our own servers or to third parties.
  • Your private iCloud (Apple CloudKit): session metadata withouthealth data (date, duration, temperature) may be synchronised between your devices via your personal iCloud account. This data resides in your account; we have no access to it. Apple’s privacy provisions apply in addition.
  • Apple App Store:the app is obtained via the App Store; as the platform provider, Apple processes the related data (e.g. download, purchase). Apple’s privacy provisions apply to this.

Your data is not shared with third parties for their own purposes. Insofar as Apple is involved as a platform or cloud provider, Apple ensures a level of protection that corresponds to the state of the art.

Legal basis

The processing of health data (a special category under Art. 9 GDPR) is carried out on the basis of your explicit consent (Art. 9 (2) (a) in conjunction with Art. 6 (1) (a) GDPR). The remaining processing for providing the app’s functions is based on the performance of a contract (Art. 6 (1) (b) GDPR) or our legitimate interest (Art. 6 (1) (f) GDPR).

Storage and deletion

  • Delete app data: you can delete individual sessions in the app. If you uninstall the app, the locally stored data is removed from the device.
  • Delete iCloud data: session metadata stored in iCloud can be removed via the iOS settings of your iCloud account.
  • HealthKit data: remains in Apple Health and is managed there by you.

Withdrawing consent

You can withdraw HealthKit access at any time with effect for the future: iOS Settings → Privacy & Security → Health, or directly in the Health app. The app continues to work afterwards, just without heart-rate features.

Your rights & contact

You have the rights of access, rectification, erasure, restriction, data portability and objection (Art. 15–21 GDPR), as well as the right to lodge a complaint with a supervisory authority (Art. 77 GDPR). For requests or deletion, an informal message to privacy@coldmastery.com is sufficient.

Full Privacy Policy · Legal Notice · Contact

Last updated: 10 June 2026