Privacy Policy

COMPREHENSIVE DATA COLLECTION DISCLOSURE

Personal Information

• Name, email address, phone number, and contact information
• Account credentials, login history, and authentication data
• Profile information including age, gender, nationality, and preferences
• Physical statistics (height, weight, BMI calculations)
• Payment information and billing details (processed by third-party providers)
• Device identifiers, IP addresses, and location data

Health & Wellness Data

• Detailed meal logs, food preferences, and nutritional intake
• Exercise routines, activity levels, and fitness goals
• Sleep patterns, stress levels, and wellness metrics
• Allergy information, dietary restrictions, and health conditions
• Health report uploads and medical document analysis
• Progress tracking data and goal achievement metrics
• AI-generated insights and personalized recommendations

Technical & Usage Data

• App usage patterns, feature interactions, and session data
• Device information (model, OS version, screen size)
• Crash reports, error logs, and performance metrics
• Browser fingerprints and unique device identifiers
• Geolocation data (when location services are enabled)
• Cookies, local storage, and cached data
• Analytics data for service improvement and research

Third-Party Data Sources

• Payment processors (Stripe, PayPal) for billing information
• Analytics providers (Google Analytics, Mixpanel) for usage tracking
• Cloud storage providers (AWS, Firebase) for data hosting
• AI service providers for content analysis and recommendations
• Social media platforms (if you connect external accounts)
• Health device integrations (wearables, fitness trackers)

DATA USAGE & SHARING PRACTICES

Primary Uses

• Provide personalized health and nutrition recommendations
• Track your progress toward health goals and generate insights
• Send notifications, reminders, and wellness tips
• Improve our AI algorithms and service functionality
• Provide customer support and technical assistance
• Ensure platform security and prevent fraud
• Process payments and manage subscriptions
• Comply with legal obligations and regulatory requirements

Data Sharing & Disclosure

• Service Providers: We share data with third-party vendors who help operate our service
• Business Partners: Aggregated, anonymized data may be shared for research and improvement
• Legal Requirements: We may disclose data if required by law or to protect rights
• Business Transfers: Data may be transferred in mergers, acquisitions, or asset sales
• International Transfers: Your data may be processed in countries outside your residence
• AI Training: Anonymized data patterns may be used to train machine learning models

Data We Do NOT Share

We do not sell your personal information to third parties for marketing purposes. However, we may share aggregated, anonymized data that cannot be used to identify you.

Location Data & Services

We collect and process your precise geolocation data exclusively to power the 'Nearby Healthy Restaurants' feature. This data is used in real-time to identify dining options near you and is not stored on our servers after your search session is complete. You can enable or disable location permissions at any time through your device settings.

Third-Party Health Integrations

Glandor offers integration with Apple Health (HealthKit) and Google Fit. If you grant permission, we sync data such as steps, sleep duration, and heart rate to provide a holistic view of your wellness. We do not write data to these services without your consent, and we never share your synced health data with third-party advertisers or data brokers.

AI Data Processing (Pulse AI)

Our Pulse AI and AI Food Analysis features utilize advanced models (including Google Gemini and Microsoft Azure). When you submit food photos or chat queries, data is processed anonymously to provide insights. We do not use your personal health data to train these third-party models, and all AI processing is conducted over secure, encrypted channels.

DATA PROTECTION & SECURITY LIMITATIONS

Security Measures

• Industry-standard encryption for data transmission
• Secure cloud storage with access controls
• Regular security audits and vulnerability assessments
• Multi-factor authentication options available
• Employee access restrictions and training

Important Security Limitations

• NO GUARANTEES: Despite our efforts, no system is 100% secure
• THIRD-PARTY RISKS: Data shared with service providers may be subject to their security practices
• INTERNATIONAL TRANSFERS: Data may be stored in countries with varying privacy laws
• USER RESPONSIBILITY: You are responsible for maintaining your account security
• BREACH LIABILITY: We are not liable for damages from data breaches beyond our control

Data Retention

We retain your personal information only as long as necessary to provide our services, comply with legal obligations, resolve disputes, and enforce our agreements. You can request data deletion, but some data may be retained for legal compliance purposes.

Data Deletion

Upon account deletion, we will remove your personal data within 30 days, except for data we must retain for legal, regulatory, or legitimate business purposes. Deleted data may persist in backups for up to 90 days.

YOUR RIGHTS & LIMITATIONS

Your Rights (Subject to Limitations)

• Access: Request a copy of your personal data (subject to legal restrictions)
• Correction: Update or correct inaccurate information when possible
• Deletion: Request deletion of your personal data (some data may be retained for legal reasons)
• Portability: Export your data in a common format when technically feasible
• Opt-out: Disable certain data collection features (may limit service functionality)
• Communication: Unsubscribe from marketing emails and notifications

Important Limitations

• Rights may be limited by applicable laws and our technical capabilities
• Some data cannot be deleted due to legal retention requirements
• Exercising certain rights may result in reduced service functionality
• Data portability may not include all data types or third-party data
• Response times for requests may vary based on complexity
• We may require verification of your identity before processing requests

How to Exercise Your Rights

To exercise any of these rights, please contact us using the information provided below. We will respond to your request within 30 days, though complex requests may take longer.

International Data Transfers

Your personal information may be transferred to and processed in countries other than your country of residence, including the United States. These countries may have data protection laws that are different from the laws of your country. By using our services, you consent to the transfer, storage, and processing of your information in these countries.

GOVERNING LAW & DISPUTE RESOLUTION

Governing Law

This Privacy Policy shall be governed by and construed in accordance with the laws of the State of Delaware, United States, without regard to its conflict of law provisions.

Dispute Resolution

Any disputes arising out of or relating to this Privacy Policy or our data practices shall be resolved through binding arbitration administered by the American Arbitration Association.

• You waive your right to participate in class action lawsuits
• You waive your right to a jury trial
• Arbitration shall be conducted in Delaware, United States
• The arbitrator's decision shall be final and binding

Changes to This Privacy Policy

We may update this Privacy Policy from time to time. We will notify you of any changes by posting the new Privacy Policy on this page and updating the "Last updated" date. You are advised to review this Privacy Policy periodically for any changes. Changes to this Privacy Policy are effective when they are posted on this page.