My Biometric Vault.
Your health data. Your vault. Your living consent.
MyVault.bio is the trust layer for personal health vaults. Your documents, labs and wearable data stay encrypted and locked in your vault — only consent-scoped, derived Context Bundles ever leave, and only to the people or systems you allow. The AI you choose sees a scoped Context Bundle, never your raw vault. Every access is role-based, time-bound, logged and revocable.
Raw stays locked. Context can travel.
Your raw documents — lab PDFs, scans, clinical letters, raw device exports — never leave the vault by default. They are encrypted, private, and reachable only by you.
What can travel is a Context Bundle: a derived, sanitized summary, scoped to a purpose, a role, a privacy level and a time window — and revocable the moment you change your mind.
Bring your wearable. Bring your documents. Bring your context.
MyVault.bio is wearable-agnostic by design. Whether your signals come from Apple Watch, Oura Ring, Withings, NOWATCH, Garmin, Polar, WHOOP, Fitbit, Suunto, Coros, coaching programs, blood panels, medical PDFs or your own voice notes — the vault is designed to help you bring that context together safely.
The goal is not to replace your devices. The goal is to make your health context understandable, permissioned and usable with the AI assistant you choose.
Health platforms
Wearables & recovery
Medical & lab context
- Manual uploads: PDFs, labs, imaging, annual panels
- Dexcom / Abbott Libre — future regulated medical-data category
- Health documents and clinician-prep dossiers
Human context
- Voice notes / check-ins
- Coach programs / B-One-style sheets
- Session goals and progression
Names shown indicate potential or planned source ecosystems where user-authorized access is available. They do not imply formal commercial partnerships unless explicitly announced. Connector availability depends on provider API access, export availability, approval flows, regional rules and user consent.
Connection priority, deduplication and provenance stay visible to you.
Founder-tested with real owner-consented data.
MyVault.bio is being validated first through a founder-led private vault: real owner-consented exports, documents and context from wearables, health apps, coaching and medical-document sources — including university-hospital, orthopedic-clinic and hospital-lab context. This is a private founder vault, not a public dataset.
This founder-led validation does not mean every connector is generally available today. It proves the architecture with real owner-consented exports, documents and Context Bundles while connectors arrive in waves. Raw medical documents remain private.
Your vault holds the context. The AI is a removable layer. You choose what is shared, with which assistant, for what purpose and for how long.
Four steps, one principle: you decide.
Connect your sources
Bring documents, lab results and wearable data — NOWATCH, Oura, Withings, Apple Health and more — into one private vault that you own.
Store raw data privately
Raw files are encrypted and locked in private storage. No public access, ever. They never leave the vault by default.
Generate a scoped Context Bundle
A derived, sanitized summary — scoped to a purpose, a role, a privacy level and a time window. Never the raw file.
Share by consent
Grant access to a person or system. Every access is logged, retention is explicit, and you can revoke at any time.
Bring everything you already use.
MyVault.bio is designed so you don’t switch devices — it is built for user-authorized connections to the ones you already use. Your vault is source-agnostic by design: many kinds of health signal, one permissioned home.
Wearables
NOWATCH, Oura, Withings, Apple Watch and more — designed to support user-authorized connections to the devices you already wear.
Health apps
Apple Health and the apps you already use to track your day, in one place.
Sleep & recovery
Sleep stages, HRV, readiness and recovery — read against your own baseline.
Body composition
Weight and body-composition trends from connected scales and devices.
Coaching programs
Training rhythm, program ladders and coach-recorded context.
Health documents
Lab results, scans, clinical letters and PXE documents — raw stays locked in the vault.
Check-ins & voice notes
Short subjective check-ins and voice notes, kept as tag-level context — never raw transcripts by default.
Some connectors arrive in waves. Connection priority, deduplication and provenance stay visible to you — you always see which source a value came from, and why it was chosen.
One ladder, from anonymized to raw-locked.
Each audience sees the right level of detail for its purpose — never more. The control is the level you choose, not the removal of context.
Anonymized, generalized signals. Public or research-style views; no individual identification.
Categorical, coach-safe summaries and attention flags. Never raw records.
Scoped personal context for your chosen AI assistant — one question or session at a time.
Consult-ready summaries for a clinician, released only with explicit higher-level consent.
Raw documents and full detail. Stays locked in the vault; released only with explicit, time-limited, logged consent.
MyVault.bio organizes and routes context. It is informational and preparatory only — not a medical device, and not a source of diagnosis or treatment.
Different people, different detail.
Every role sees a different slice, resolved from consent, purpose, retention and scope at the moment of access.
You. Full access to everything, including raw — under your control.
Coach-safe summaries and attention flags only (L2). Never medical records. Delivered through coach.myvault.center.
Doctor-prep summaries (L4). Raw detail only via an explicit, logged step-up grant.
Anonymized, aggregate trends only (L1). No individual identification.
A scoped Context Bundle only — never raw vault access. Every access explicit, logged and revocable.
Data rights are human rights.
Control is not a setting buried in a menu — it is the point. Sharing is always visible, the vault is closed by default, and you can change your mind in one tap.
Visible sharing
Every grant is visible: who can see what, for what purpose, for how long. Nothing is shared silently.
Protected by default
Your vault starts closed. Raw data stays private until you choose to share a scoped summary.
One-tap control
Change or revoke any grant in one tap. Retention windows are explicit and enforced.
Sensitive sharing — labs, medical documents, AI medical context — should require step-up confirmation such as Face ID, a passcode or a device confirmation before any scoped summary is released. This is the design principle MyVault.bio is built toward.
Security that defaults to no.
MyVault.bio is built so the safe path is the default path. External systems never touch the vault — they receive a scoped Context Bundle, or nothing.
Security controls shown here describe the production architecture direction and control set MyVault.bio is being built toward, not a claim of independently validated, completed production controls.
Encrypted everywhere
Designed for encrypted storage and transport — at rest and in transit, including service-to-service.
Default-deny access
Role-based for people, attribute-based for data. Detail level, grant and class are resolved per request.
Raw files locked
Raw objects live in private storage, designed with no public raw-vault access.
Short-lived signed access
Production raw-object access is designed around short-lived, server-issued signed URLs — single-object, time-bounded and logged.
Append-only audit log
The audit architecture is designed to be append-only: every grant, access and revoke recorded in a separate, stricter store.
Provenance & revoke
See what was shared, with whom and why. Revoke any grant; retention windows are explicit.
No ghost AI
Every AI access is explicit, scoped and logged. Each answer shows Data Used / Data Not Used.
Designed for AI choice.
The vault holds your data; the assistant is a layer on top that you choose — and can remove. The intelligence serves the vault, never the other way around.
The vault holds the data
Your data lives in your vault, not inside an AI provider. The assistant only ever sees a scoped Context Bundle.
The AI is a removable layer
Swap or remove the assistant without touching your vault. Intelligence is a layer, not the foundation.
Scope-aware & revocable
Every AI access is scope-aware, time-limited and revocable, with a visible Data Used / Data Not Used trail.
Assistant choice — including options such as Claude, OpenAI and Mistral — is an architectural direction. Provider integrations are part of our roadmap and private pilots; this is not a claim that every provider is live today.
Coach view.
Coaches see what they need. You see what they see.
A coach receives a consent-scoped, coach-safe bundle — never your raw medical records. Whatever they receive, you can see too, with the same scope and the same expiry on both sides.
Sixty-second session prep
Coaches open a session-ready, coach-safe summary — goals, recovery, training rhythm — in about a minute.
You see what they see
A subject-side mirror shows you exactly the bundle your coach receives. No hidden views.
Scope & expiry, both sides
The bundle's scope and expiry are visible to coach and user alike — and you can revoke at any time.
Coach view is delivered through coach.myvault.center and is currently in private pilot with selected coaching partners.
Designed to keep your health data in Europe.
MyVault.bio’s architecture is EU-first. Production deployment is intended to keep health-data storage and processing pinned to EU regions, with intended hosting on Scaleway, a European cloud provider — chosen for data sovereignty, not as an afterthought.
EU-region hosting and Scaleway deployment describe our intended production architecture direction. Final hosting, subprocessors and legal configuration are confirmed as the platform moves from prototype to production; EU-region pinning is subject to that configuration.
- EU-region storage and processing
- Scaleway — intended European cloud provider
- Designed against health-data replication outside the EU
- No public buckets, no public health endpoints
- Server-side keys only — never in the browser
Built toward the standards that matter — honestly stated.
MyVault.bio’s architecture is designed around GDPR principles and the control families behind ISO/IEC 27001 (information security management) and ISO/IEC 27701 (privacy information management).
One vault. Many trusted audiences.
Individuals
Hold your whole health picture in one private vault, and decide exactly what each audience sees.
Coaches & PT studios
Receive coach-safe context for better sessions — never medical records. Through coach.myvault.center.
Clinicians
Get consult-ready, doctor-prep summaries with explicit consent, so a visit starts informed.
Researchers
Work with anonymized, aggregate trends — never individual raw data.
AI assistants
Answer from a scoped Context Bundle, with a visible Data Used / Data Not Used trail.
The trust is in the architecture.
MyVault.bio turns scattered health data into permissioned, traceable context — without ever giving up the raw.
Provenance graph
Every value traces back to its source document or device.
Source priority
The best source is chosen per signal — the intelligence is in the routing.
Context Bundles
Scoped, sanitized, purpose-bound summaries — never the raw file.
Consent engine
Role, purpose, privacy level, retention and scope, resolved per request.
Privacy levels (L1–L5)
A clear ladder from anonymized aggregate to raw, locked detail.
Audit trail
Append-only record of every grant, access and revoke.
Data Used / Data Not Used
Transparency on exactly what informed an answer — and what did not.
Start with trust. Build from consent.
Open your personal vault, or talk to us about bringing consent-scoped context to your coaching practice or clinic.