Privacy by design

Trust Center

How we protect your data — by design, not by promise.

Core Principle

At BodySynk, privacy is not a setting. It is the foundation of how the system is built.

We prioritize privacy over convenience. Always.

Never sold
Never shared
Never sent to AI in raw form

The problem

Most AI-powered health apps send your raw data directly to AI systems. That means your name, date of birth, and medical data may leave the platform.

We believe that's not acceptable.

Our Solution

Atomic Privacy Scrub

Before anything is analyzed, your data is automatically anonymized.
Nothing bypasses this system.

How it works

Six layers — every upload, every request, every time.

  1. Step 01

    Secure Upload

    Files travel over encrypted channels and are stored in your private, isolated workspace.

  2. Step 02

    Text Extraction (local only)

    Text is extracted within our trusted environment — never via external AI providers.

  3. Step 03

    Personal Data Detection

    Pattern-based, deterministic detection locates names, IDs, dates, addresses, and other identifiers — no external AI is ever used to detect personal data.

  4. Step 04

    Automatic Redaction

    Detected identifiers are replaced with neutral tokens like [NAME] or [ID] before anything leaves the boundary.

  5. Step 05

    Double Verification

    A second pass re-scans the sanitized text. If anything personal remains, the request is blocked.

  6. Step 06

    AI Analysis (single enforced chokepoint)

    Every AI call in the system flows through one enforced gateway that requires a fresh proof of redaction. There are no bypass paths — the build itself fails if any code tries to call AI directly.
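As an added illustration of steps 03 to 06 (example code, not BodySynk's own implementation): a deterministic pattern redactor, a second pass that blocks residual identifiers, and a gateway that accepts only payloads carrying a proof bound to the exact sanitized text. The detection patterns, the extra tokens beyond [NAME] and [ID], the HMAC-based proof and its key are assumptions; the proof here is content-bound rather than time-limited, and the build-time check that prevents direct model calls is out of scope.

```python
import hashlib
import hmac
import re

# Constructed, deterministic detectors (no AI involved). A real rule set would
# be much larger; the point is that detection is pattern-based and repeatable.
PATTERNS = [
    ("[DOB]", re.compile(r"\b\d{4}-\d{2}-\d{2}\b")),
    ("[ID]", re.compile(r"\b[A-Z]{2}\d{6,}\b")),
    ("[EMAIL]", re.compile(r"\b[\w.+-]+@[\w-]+\.[\w.]+\b")),
    ("[NAME]", re.compile(r"\b(?:Mr|Ms|Dr)\.? [A-Z][a-z]+ [A-Z][a-z]+\b")),
]

# Hypothetical secret shared only by the verifier and the gateway: code that
# holds raw text but not this key cannot forge a proof of redaction.
GATEWAY_KEY = b"constructed-demo-key"


class PrivacyViolation(Exception):
    """Raised whenever the pipeline cannot guarantee the text is anonymized."""


def redact(text: str) -> str:
    """Steps 03/04: locate identifiers and replace them with neutral tokens."""
    for token, pattern in PATTERNS:
        text = pattern.sub(token, text)
    return text


def verify_clean(text: str) -> bool:
    """Step 05: independent second pass; any remaining match fails the check."""
    return not any(p.search(text) for _, p in PATTERNS)


def issue_proof(sanitized: str) -> str:
    """Bind a proof to the exact bytes that passed the second pass, or block."""
    if not verify_clean(sanitized):
        raise PrivacyViolation("second pass found residual personal data")
    return hmac.new(GATEWAY_KEY, sanitized.encode(), hashlib.sha256).hexdigest()


def ai_gateway(payload: str, proof: str) -> str:
    """Step 06: the single chokepoint; rejects payloads whose proof does not match."""
    expected = hmac.new(GATEWAY_KEY, payload.encode(), hashlib.sha256).hexdigest()
    if not hmac.compare_digest(expected, proof):
        raise PrivacyViolation("payload does not carry a valid proof of redaction")
    return f"analysis({payload})"  # stand-in for the external model call


def process_upload(raw_text: str) -> str:
    """Fail-closed pipeline: redact, verify, prove, then (and only then) call AI."""
    sanitized = redact(raw_text)
    return ai_gateway(sanitized, issue_proof(sanitized))
```

Tampering with the payload after the proof is issued, or passing text that still contains an identifier, raises `PrivacyViolation` instead of reaching the model call.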

What we do not do

  • We do NOT send raw files to AI
  • We do NOT use external AI for OCR
  • We do NOT use AI to detect or redact personal data
  • We do NOT store personal data in logs
  • We do NOT allow any bypass of the privacy pipeline
  • We do NOT rely on “best effort” privacy

Scanned document policy

We currently do not support scanned PDFs or image uploads.

Why? Because most OCR solutions require sending your file to external AI systems.

We will only support these formats once fully private processing is available.

Fail-safe design

If the system cannot guarantee privacy, processing is blocked.

We never “try anyway”.

No trust required

Most platforms ask you to trust them.

We designed BodySynk so that trust is not required — privacy is enforced at the system level.

Minimal data use

We only process what is necessary.

Only anonymized data is used for analysis.

Your data is anonymized before it is ever analyzed — and your identity never leaves your control.