Privacy Policy for Shot
Effective date: July 5, 2026
1. Who we are
Shot ("the app", "we", "us", "our") is an iOS application designed to help people who take GLP-1 medications keep track of their own doses, weight, protein intake, side effects, and daily notes.
Shot is built and maintained by Jakub Zitko, an independent solo developer. Shot is not operated by a company and does not maintain a physical office.
If you have any questions about this policy or how your data is handled, please contact us at jakub.zitko@icloud.com.
2. The short version
Shot was built with a simple privacy principle: your data stays on your device.
- No account is required to use Shot.
- No servers store your health information.
- No analytics or tracking SDKs are integrated.
- No third parties receive your data.
- No advertising identifiers are collected.
The rest of this policy explains that in more detail so you can verify it for yourself.
3. What data Shot processes
3.1 Data you enter into the app
When you use Shot, you may choose to enter the following types of information:
- Shot / injection logs (date, time, medication name, dose, site)
- Weight entries
- Food and protein entries
- Side effects and severity
- Day notes and mood
- Dose schedules and reminders
- A personal profile (for example, display name, unit preferences, starting weight, goal weight)
All of this information is stored in a local SwiftData database on your device. It is never uploaded to a server operated by us. It is not synchronized to iCloud by Shot (Shot does not currently integrate CloudKit sync).
3.2 Apple HealthKit
If you grant Shot permission to use Apple HealthKit, Shot will interact with the following HealthKit data types on your device:
Read (with your permission):
- Body mass (weight)
- Dietary protein
- Lean body mass
- Step count
Write (with your permission):
- Dietary protein
- Body mass (weight logs)
HealthKit data lives inside Apple's secure HealthKit store on your device. Shot reads it only to display it inside the app and writes to it only when you log a matching entry (for example, adding a weight in Shot can also write to HealthKit if you have enabled that).
Shot never transmits HealthKit data off of your device. In line with Apple's HealthKit terms, Shot does not use HealthKit data for advertising, marketing, or data mining, and does not disclose HealthKit data to any third party.
You may revoke HealthKit permissions at any time via the iOS Settings app under Privacy & Security > Health > Shot.
3.3 Local notifications
Shot can schedule local notifications on your device to remind you about upcoming shots or protein goals. These notifications are generated entirely on your device using Apple's UNUserNotificationCenter API. No push notification server is involved and no notification content is transmitted off your device.
3.4 In-app purchases (StoreKit 2)
Shot offers optional premium features via in-app purchase. All billing is handled directly by Apple through StoreKit 2. Shot receives an entitlement receipt on your device to know whether your subscription is active, but does not receive your name, email, billing address, or payment method. Refunds and subscription management are handled through your Apple ID.
3.5 App Groups (widget support)
Shot uses an App Group container (group.com.shothealth.shot) to share a small snapshot of your most recent shot with the Shot Home Screen widget on the same device. This data never leaves your device.
3.6 What Shot does NOT collect
To be explicit, Shot does not:
- Create user accounts
- Collect your name, email, phone number, or address (except your email if you email us for support)
- Track you across apps or websites
- Use advertising identifiers (IDFA)
- Integrate any analytics SDK (no Firebase, no Amplitude, no Mixpanel, no Sentry, no crash-reporting SDK)
- Sell or share your data with data brokers
- Fingerprint your device
If Apple's own operating system offers to send anonymized crash reports to developers and you have opted in system-wide, Apple may share aggregated crash traces with us via App Store Connect. These reports do not contain your health data.
4. How we use the data
Shot uses the data on your device only to power the features you have activated:
- Log entries you create are used to display your history, generate charts, calculate streaks and averages, and (if you enable them) trigger reminders.
- HealthKit data is used only to display and update your health metrics inside the app.
- StoreKit receipts are used only to unlock premium features on your device.
We do not use your data for advertising, profiling, or model training.
5. Storage and retention
Because your data lives on your device, you control retention.
- Your data persists as long as Shot is installed on your device.
- You can delete an individual entry from within the app at any time.
- You can wipe all app data using the "Erase all data" option in Settings inside Shot.
- Uninstalling Shot removes the SwiftData database, the App Group container, and all scheduled local notifications.
- HealthKit data belongs to Apple's HealthKit store, not to Shot. Removing Shot does not delete HealthKit data; you can manage that separately in the Health app.
6. Third parties
The only third party involved in operating Shot is Apple. Apple is responsible for:
- Distributing Shot through the App Store
- Processing in-app purchases and refunds
- Hosting the HealthKit framework on your device
- Delivering local notifications through iOS
Apple's handling of your information is governed by Apple's own privacy policy, which is available at apple.com/legal/privacy.
Shot does not integrate any other third-party service.
7. Your rights
Depending on where you live, you may have rights under laws like the GDPR (EU/UK), the CCPA/CPRA (California), or similar frameworks. Because Shot does not store your data on a server, most of these rights are exercised directly by you on your device:
- Right to access: All of your Shot data is visible inside the app. You can also inspect HealthKit contributions in the Health app.
- Right to delete: Use "Erase all data" in Settings, or uninstall Shot to remove everything.
- Right to correct: Every entry in Shot can be edited or deleted.
- Right to portability: Where available, Shot's Pro export produces a local file (for example, PDF or CSV) that you own and can share.
- Right to object / opt out of "sale" of personal information: Shot does not sell personal information and has no mechanism to do so.
If you would like additional help exercising any right, please email jakub.zitko@icloud.com.
8. Children
Shot is intended for adults who have been prescribed a GLP-1 medication by a licensed healthcare provider. Shot is not directed at children under 13. Shot is available on the App Store to users aged 12 and older when downloaded through a parent or guardian's App Store account with their supervision. If you believe a child under 13 has provided personal information via Shot, please contact jakub.zitko@icloud.com and we will help you erase that data.
9. Security
We rely on the security features built into iOS: sandboxing, keychain, HealthKit encryption at rest, and (when you enable it) device-level passcode / Face ID / Touch ID. Because no data leaves your device, there is no server for us to breach.
We recommend that you protect your device with a passcode and keep iOS up to date.
10. International users
Shot is available worldwide on the App Store. Because data is stored on your device, no cross-border transfer of personal data takes place through Shot itself. Any transfer that occurs is between you, Apple, and the country in which you use your device, and is governed by Apple's privacy policy.
11. Changes to this policy
We may update this Privacy Policy from time to time, for example to reflect new iOS capabilities or new features in Shot. When we do, we will:
- Update the effective date at the top of this document
- Publish the new version at the Privacy Policy URL linked from inside Shot and on the App Store listing
- For significant changes, present an in-app notice the next time you open Shot
Continued use of Shot after an update means you accept the revised policy. If you disagree, you can uninstall Shot at any time.
12. Contact
For any question, concern, or request related to your privacy, please contact:
Jakub Zitko Email: jakub.zitko@icloud.com
We will do our best to respond within a reasonable time.