Where your data lives
Most health apps store your data on their servers and promise to protect it. Glipath is built the other way around: your health data never arrives at our servers in the first place. Here's the actual architecture, in plain language.
Your iPhone is the database
Every dose, weight entry, food log, food-noise rating, side effect, lab result and cost you record is written to a database file that lives inside the app on your iPhone — the same kind of on-device storage your Notes and Health apps use. Charts, streaks and the estimated medication-level curve are all computed on the device from that local data. Airplane mode changes nothing: the app works fully offline because there is nothing to fetch.
What our servers actually do
Three narrow jobs, none of which involve storing your health records:
- Food photo scanning (optional): a photo you choose to scan is analyzed to identify foods, then discarded. The result lands in your on-device log, not in a server database.
- Identity & purchases: an anonymous ID (no email or password required) and subscription receipt checks through Apple.
- Educational content: the reviewed, cited articles in the app are hosted server-side — they flow one way, to you.
The consequence is worth spelling out: a breach of our servers could not leak your health history, because it isn't there.
The AI assistant runs on the phone too
The in-app assistant answers using Apple's on-device foundation models — your questions about your own data are processed by the chip in your hand, not a cloud API. If you explicitly turn on Smarter answers, harder questions go to Apple's Private Cloud Compute: Apple-attested servers that process the request without storing it, with no third-party AI company involved. That switch is off until you flip it, and reversible anytime.
Sync and backup, on your terms
Optional iCloud sync copies your data between your own devices through your personal iCloud account (Apple's CloudKit) — encrypted in your private database, unreadable by us. Export is built in: JSON, CSV or a PDF report, generated on-device, yours to keep or hand to your provider.
The honest trade-offs
Local-first isn't free. Lose your phone without iCloud sync or an export, and the data is gone — we cannot recover what we never had. There's no web dashboard to log into from a laptop. We think those are the right trade-offs for health data this personal; you should know them before trusting any app that makes privacy claims.
Check it yourself
You don't have to take our word: the app works in airplane mode, iOS's App Privacy Report shows you exactly which domains the app talks to, and ourprivacy policy matches this page one for one.