Privacy Policy

Last updated: 2026-06-01

What We Collect

When you connect your Oura Ring, we store:

• Your Oura account email address
• Encrypted OAuth tokens for accessing the Oura API on your behalf
• A unique API key for your MCP/GPT connection

We do not store your Oura health data. All data is fetched in real-time from the Oura API when requested by your AI assistant and returned directly to it.

How We Use Your Data

Your encrypted OAuth tokens are used solely to authenticate requests to the Oura API when your AI assistant (Claude or ChatGPT) requests your data. We act as a secure bridge between your Oura account and your AI assistant.

Data Security

• OAuth tokens are encrypted at rest using AES-256-GCM
• All connections use HTTPS/TLS
• We never store your Oura account password
• API keys can be regenerated at any time

Third Parties

Your data is shared with:

• Oura Health Oy - via their API, to fetch your ring data
• Stripe - for payment processing
• Your AI assistant (Claude/ChatGPT) - when you actively request your data

We do not sell, rent, or share your data with any other parties.

Data Deletion

You can delete your account and all stored data at any time from your dashboard. You can also revoke Oura Connect's access from your Oura account settings.

Contact

For privacy questions, contact us at privacy@ouraconnect.ai