Privacy Policy
Yearbeat turns your wearable recovery, sleep, and strain data into a shareable yearly recap. This explains what we access and, just as importantly, what we don't.
The short version: Yearbeat does not store your health data. When you connect your WHOOP account, we read your data, build your recap in real time, and discard it. There is no database of your biometrics.
What we access
With your permission, Yearbeat uses WHOOP's API (read-only) to access your recovery, sleep, workout, and cycle data, plus basic profile info. We only request read access — Yearbeat can never change anything in your WHOOP account.
How we use it
Your data is used for one thing: generating your recap during your session. The calculations happen on the fly and the results are shown to you. We don't use your data for advertising, profiling, or training models.
What we don't do
We don't store your health data on our servers. We don't sell, rent, or share it. We don't build a profile of you.
Cookies
We use a single secure, session-only cookie to hold your WHOOP access token while you use Yearbeat. It's removed when your session ends. No tracking or advertising cookies.
Third parties
Yearbeat is hosted on Vercel. If you support us via “Buy me a coffee,” that's handled by Ko-fi under their own policy — we never see your payment details. Sharing your recap uses your own device's share tools.
Your control
You can disconnect Yearbeat anytime from your WHOOP account's connected-apps settings. Because we don't store your health data, there's nothing for us to delete afterward.
Age
Yearbeat is intended for users who meet WHOOP's minimum age requirement and is not directed at children.
Affiliation
Yearbeat is an independent project, not affiliated with, endorsed by, or sponsored by WHOOP.
Changes
We may update this policy; the “last updated” date will change accordingly.