BioTrace Privacy Policy

This Privacy Policy explains how BioTrace ("BioTrace," "we," "our," or "us") collects, uses, discloses, and protects personal information when you use BioTrace products and services, including the BioTrace mobile app and website (collectively, the "Service").

1. Data We Collect

Depending on how you use the Service, we may collect: account data (such as email and authentication identifiers), app profile settings, biomarker and lab-related entries, recovery logs, questionnaire responses, wearable and Apple Health data you choose to connect (such as HRV, sleep, resting heart rate, workouts, and steps), subscription status, app events, and device/network metadata needed for security and reliability.

2. How We Use Data

We use personal information to provide and improve the Service, authenticate users, sync and display trends, generate educational reports and scores, operate subscriptions, prevent abuse, troubleshoot errors, communicate service updates, and comply with legal obligations.

3. Health-Related Data and Apple Health

Health-related information is used only to provide educational insights and app functionality requested by you. BioTrace does not use Apple Health data or other health-related data for advertising, marketing profiling, or data broker activity, and does not sell such data. BioTrace does not provide medical diagnosis or treatment.

4. Legal Bases and Consent

Where required by law, we process personal information based on your consent, contract performance, legitimate interests (such as security and product reliability), and legal obligations. You may withdraw optional consents by changing in-app or device permissions, though some features may stop functioning.

5. Sharing and Service Providers

We do not sell personal information. We share information only as needed to run the Service, such as with hosting/backend providers, authentication providers (for example, Apple or Google sign-in), subscription infrastructure (for example, RevenueCat and app store billing systems), analytics/crash providers, customer support tooling, and legal/compliance partners. Service providers are contractually restricted to authorized purposes.

6. Data Retention

We retain personal information for as long as needed to provide the Service, maintain account continuity, resolve disputes, enforce agreements, and meet legal obligations. When no longer needed, data is deleted, de-identified, or aggregated.

7. Security

We use reasonable administrative, technical, and organizational safeguards designed to protect personal information. No internet or storage system can be guaranteed 100% secure.

8. Your Privacy Rights and Choices

Subject to applicable law, you may request access to, correction of, deletion of, or export of your personal information, and you may request that we limit certain processing. You can also disconnect health permissions in iOS Settings and manage subscription settings through your app store account.

9. U.S. State Privacy Notice

If you are a resident of a U.S. state with privacy rights (such as California), you may have rights to know, access, delete, and correct personal information, and to appeal certain decisions. BioTrace does not sell personal information or share personal information for cross-context behavioral advertising as those terms are defined by applicable law.

10. International Transfers

Your information may be processed in countries other than your own. Where required, we use appropriate safeguards for international transfers in accordance with applicable law.

11. Children

The Service is not directed to children under 13 years of age (or older minimum age required by local law). If we learn we collected personal information from a child in violation of applicable law, we will take steps to delete it.

12. Changes to This Policy

We may update this Privacy Policy from time to time. If we make material changes, we will post the revised version with an updated date.

13. Contact

For privacy questions or data requests, contact: biotracehq@gmail.com