Back to Home

Your data security is our priority

Bank-level encryption, minimal data retention, and full transparency about how we protect your information.

Encryption Everywhere

All data is encrypted both in transit and at rest:

  • In Transit: TLS 1.3 encryption for all connections
  • At Rest: AES-256 encryption for all stored data
  • Database: Encrypted at the storage layer

Minimal Data Retention

We follow the principle of data minimization:

  • Raw WHOOP Data: Processed and immediately discarded. Never stored.
  • Model Outputs: Only aggregated insights are retained.
  • No Third-Party Sharing: Your data is never sold or shared for advertising.

Access Controls

Strict controls limit who can access your data:

  • Role-based access control (RBAC)
  • Multi-factor authentication for all internal systems
  • Regular access reviews and audits
  • Principle of least privilege

Infrastructure Security

Our infrastructure is built on industry-leading security:

  • Hosted on SOC 2 Type II compliant infrastructure
  • Regular security patches and updates
  • DDoS protection
  • Web Application Firewall (WAF)
  • Intrusion detection and prevention

Secure Development Practices

Security is built into our development process:

  • Secure coding guidelines
  • Code reviews with security focus
  • Dependency vulnerability scanning
  • Regular penetration testing

Data Flow Overview

1

You export data from WHOOP app (CSV file on your device)

2

You upload CSV to our platform (encrypted in transit)

3

Our servers process the data and train your personal model

4

Raw data is immediately discarded after processing

5

Only model outputs (predictions, thresholds) are stored (encrypted)

6

You access insights via encrypted connection

Your Controls

You have full control over your data:

  • View: See all stored data in Account Settings
  • Export: Download your data at any time
  • Delete: Permanently delete all data with one click

Reporting Security Issues

If you discover a security vulnerability, please report it responsibly:

Email: contact@data-insights.cloud

We appreciate responsible disclosure and will acknowledge your report within 48 hours.

Questions?

Contact our security team at contact@data-insights.cloud