Privacy Policy

Effective Date: July 3, 2025  ·  Last Updated: July 3, 2025

Important Notice:GlowLoop is a personal wellness self-tracking tool. It is not a medical device and does not provide medical advice, diagnosis, or treatment. The AI-generated insights are for general informational purposes only. Always consult a qualified healthcare professional for medical decisions.

1. Who We Are

GlowLoop ("we," "our," or "us") operates the GlowLoop mobile application (available on Android and iOS) and related services. This Privacy Policy explains how we collect, use, store, and share information when you use GlowLoop.

For privacy inquiries, contact us at: support@iglowloop.com

2. What Data We Collect

2.1 Account Information

  • Email address — collected when you create an account via email OTP, Google Sign-In, or Apple Sign-In. Apple Sign-In may provide a relay (anonymised) email address.
  • Anonymous session ID — if you use the app without signing in, we assign a temporary anonymous identifier so your local data can be saved. This ID is not linked to your identity.

We do not collect your name, phone number, address, or any government-issued ID.

2.2 Wellness Data You Enter

  • Food/meal photos — photos you take or select from your gallery are sent to our AI analysis server as encrypted data in transit. Photos are processed in memory for AI analysis and are not permanently stored on our servers after analysis completes.
  • Self-reported wellness scores — subjective ratings you log for energy, skin clarity, bloating, and sleep quality (scale values only, not free-text descriptions).
  • Daily check-in data — check-in date, wellness dimension scores, sleep status, and optional context tags (e.g., "caffeinated," "stressed").
  • Next-day feedback — whether you felt better or worse than expected (a boolean flag and outcome category), submitted voluntarily the following day.
  • AI coaching experiments — structured wellness experiments you create and log (e.g., tracking a specific dietary change for 7 days).

2.3 Usage and Analytics Data

  • In-app event data — we record events such as "scan completed," "report viewed," "subscription purchased," and similar actions. Event payloads are filtered to exclude sensitive fields (email, photo data, raw scores, URLs, and personal notes) before transmission.
  • Anonymous identifiers — a user ID or anonymous device identifier is associated with analytics events to count unique users and sessions.

We do not collect precise GPS location, contacts, browsing history outside the app, or data from other apps on your device.

2.4 Push Notification Tokens

If you enable journey reminders, your device's push notification token is stored to deliver scheduled wellness reminders. You can disable reminders at any time in app settings or your device notification settings.

2.5 Share Links

When you create a shareable wellness card (e.g., a 7-day milestone card or challenge invite), we generate a public link. Share cards display only aggregate wellness reflections — they never include your email address, raw numerical scores, personal notes, or photos. You can revoke any share link at any time in the app.

3. How We Use Your Data

  • Provide the service — to run the app, perform AI wellness analysis, sync your data across devices, and display your wellness history.
  • AI analysis — your food photos are transmitted to our AI provider (DeepSeek) via our secure server-side edge function. The AI returns a wellness impact assessment. Photos are not retained after this process.
  • Cloud backup — if you create an account, your wellness logs are stored in our Supabase database so you can restore them on a new device.
  • Reminders — to send opt-in push notifications for your wellness check-in routine.
  • Product improvement — aggregated, anonymised analytics help us understand which features are most useful and identify errors.
  • Subscription management — to verify your subscription status and unlock premium features.
  • Legal compliance — to comply with applicable laws and respond to lawful requests.

We do not use your health or wellness data for advertising, sell your data to third parties, or share your individual wellness records with other users.

4. Third-Party Services

GlowLoop uses the following third-party service providers. Each operates under its own privacy policy:

ServicePurposeData Shared
SupabaseDatabase, authentication, server-side functionsEmail, wellness logs, analytics events
PostHogProduct analyticsAnonymous user ID, filtered event names and properties
RevenueCatSubscription and in-app purchase managementAnonymous app user ID, purchase transaction data
Google (Gemini)AI analysis of food photos via server functions; OAuth authenticationPhoto image data (processed in real time, not retained); OAuth token, email
AppleApple Sign-In authenticationOAuth token, relay email
App StoresApp distribution and payment processingPurchase receipts

5. Data Retention

  • Account data — retained until you delete your account. Upon deletion, your scans, check-ins, feedback, profile, and subscription records are permanently removed from our database.
  • Food photos — processed in real time and not retained on our servers. They exist only in transit during analysis.
  • Analytics events — retained in aggregated form for up to 24 months to support product improvement analysis.
  • Anonymous sessions — local data on an anonymous session is deleted when you clear app data or uninstall the app. Anonymous sessions that remain inactive may be purged from our servers after 90 days.

6. Your Rights and Controls

You have the following controls directly within the GlowLoop app:

  • Delete your account — permanently removes your account and all associated wellness data from our servers. Available in Settings → Advanced → Delete Account.
  • Export your data — download all your wellness records in JSON, CSV, or Markdown format. Available in Settings → Export Data.
  • Revoke share links — deactivate any public share link you have generated. Available in Settings → Share Privacy.
  • Disable reminders — turn off push notifications in app settings or your device notification settings.

Depending on your location, you may also have rights under applicable law (such as GDPR or CCPA) to access, correct, or request deletion of your personal data. To exercise these rights, contact us at support@iglowloop.com.

7. Children's Privacy

GlowLoop is not intended for children under the age of 13 (or 16 in the European Union). We do not knowingly collect personal data from children. If you believe a child has provided us with personal data, please contact us and we will delete it promptly.

8. Wellness Data and Health Disclaimer

The wellness scores, food analysis results, and AI insights provided by GlowLoop are based on your self-reported data and AI pattern recognition. They are not medical diagnoses, clinical assessments, or healthcare recommendations. GlowLoop does not integrate with Apple Health, Google Fit, or any electronic health record system.

We treat your wellness data with heightened care. We do not sell it, share it with advertisers, or use it to make automated decisions that have legal or similarly significant effects on you.

9. Security

We use industry-standard measures to protect your data, including TLS encryption in transit, access controls on our database, and row-level security policies so your records are only accessible by your authenticated account. However, no system is completely secure. We encourage you to use a strong, unique email password and to keep your device secure.

10. International Data Transfers

Our infrastructure providers (Supabase, PostHog, RevenueCat) are primarily based in the United States. If you are located outside the United States, your data may be transferred to and processed in the United States. By using GlowLoop, you consent to this transfer. We take steps to ensure your data receives adequate protection regardless of where it is processed.

11. Changes to This Policy

We may update this Privacy Policy from time to time. When we make material changes, we will update the "Last Updated" date at the top of this page and, where appropriate, notify you within the app. Your continued use of GlowLoop after such changes constitutes your acceptance of the updated policy.

12. Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or your personal data, please contact us at:

GlowLoop SupportEmail: support@iglowloop.com