Privacy Policy

Last updated: March 2026

1. Who We Are

GlucoseIQ is operated by Asa Silver, based in the United States. In this policy, “we,” “us,” and “GlucoseIQ” refer to that operator. “You” refers to anyone who creates an account or uses the app.

This policy explains what personal information we collect, why we collect it, how we use it, and what rights you have over it. We wrote it in plain English because you deserve to understand it.

2. Information We Collect

2.1 Account Information

  • Email address
  • Full name
  • Password (stored as an irreversible hash — we never see your actual password)

2.2 Profile Information (Optional)

During onboarding or in Settings you may choose to provide:

  • Date of birth
  • Height and weight
  • Diabetes type (Type 1, Type 2, Prediabetes, Gestational, Other, or Prefer Not to Say)
  • Insight goals (e.g., “Reduce spikes,” “Understand meal response”)

All profile fields are optional. You can leave them blank or clear them at any time.

2.3 Health & Wellness Data

You may log any of the following:

  • Glucose readings — value in mg/dL, reading type, timestamp, and optional notes
  • CGM imports — glucose readings imported from CSV files exported by your continuous glucose monitor
  • Meal logs — meal name, macros, ingredients, serving info, and optional notes
  • Meal photos — photos you choose to scan for nutritional estimation (see Section 5)
  • Exercise, sleep, step, and insulin logs
  • Health notes — free-text notes with a title

All health data is entered or imported by you. We do not collect health information from any source without your action.

2.4 Generated Data

Our analytics engine computes insights from the data you log — averages, trends, patterns, correlations, and an estimated A1c. These insights are derived entirely from your own data using deterministic algorithms (not AI-generated speculation). The estimated A1c is a mathematical estimate, not a lab test.

2.5 What We Do Not Collect

  • We do not use third-party analytics or tracking SDKs
  • We do not collect device identifiers or advertising IDs
  • We do not collect your location
  • We do not use cookies for tracking (only standard authentication session cookies)
  • We do not collect usage analytics or behavioral data

3. How We Use Your Information

  • Provide the service: Store your logs, display your data, and generate insights based on your entries
  • Personalize insights: Tailor observations to your glucose targets, goals, and logged activity
  • Account management: Authenticate you, manage your session, and process account changes
  • Meal photo analysis: When you use the photo scan feature, send your meal photo to a third-party recognition service to estimate nutritional content (see Section 5)

We Do Not:

  • Sell your data to anyone
  • Use your health data for advertising or marketing
  • Share your data with data brokers
  • Use your data to train AI or machine learning models
  • Mine your data for purposes unrelated to providing GlucoseIQ to you

4. How We Store and Protect Your Data

  • Your data is stored in a Supabase (PostgreSQL) database with row-level security — each user can only access their own records
  • All data is transmitted over HTTPS (TLS encryption in transit)
  • Passwords are hashed and never stored in plaintext
  • Meal photos are stored in private cloud storage with time-limited signed URLs
  • Content Security Policy headers restrict which external services the app can connect to
  • API endpoints are rate-limited to prevent abuse

5. Third-Party Services

We use a small number of third-party services to operate GlucoseIQ:

5.1 Supabase (Database & Authentication)

All account and health data is stored in Supabase. Supabase processes your data solely to provide database and authentication services to us.

5.2 Meal Photo Recognition (Optional Feature)

When you use the meal photo scan feature, your photo is sent to a third-party service to estimate nutritional content. Only the meal photo you choose to scan is sent. No other personal or health data is included.

5.3 No Other Third Parties

We do not use analytics platforms, advertising networks, tracking pixels, or data brokers. We do not embed any third-party scripts that collect your information.

6. Data Retention

  • Account data: Retained until you delete your account
  • Health logs and photos: Retained until you delete individual entries or your account
  • Generated insights: Retained until you delete your account
  • After deletion: All data is permanently removed from our database. See our Data Deletion Policy for details.

7. Your Rights

You can exercise these rights at any time through the app or by contacting us:

  • Access: View all your data within the app
  • Export: Download your glucose logs as a CSV file
  • Delete entries: Delete any individual log entry
  • Delete all data: Clear all your logged data
  • Delete your account: Permanently delete your account and all associated data
  • Correct: Edit your profile and log entries at any time
  • Withdraw consent: Stop using the app and request deletion of your account

8. Children's Privacy

GlucoseIQ is intended for users aged 18 and older. We do not knowingly collect personal information from anyone under that age. If we learn that a user under 18 has created an account, we will promptly delete the account and all associated data.

9. Changes to This Policy

We may update this policy to reflect changes in our practices or legal requirements. If we make material changes, we will notify you by email or through a notice in the app before the changes take effect.

10. Contact Us

For privacy questions, data requests, or concerns: