Your privacy matters deeply to us. Novubloome is a health and nutrition app that may collect sensitive personal data including health information and pregnancy status. Please read this policy carefully. By using the app you agree to the practices described below.
1. Who We Are
Novubloome ("we", "us", "our") is a Canadian-based mobile application providing nutrition tracking, AI-powered dietary guidance, and wellness tools. Our app is available on iOS and Android.
Contact: novubloome@novubloome.com
Website: novubloome.com
2. Information We Collect
2.1 Account Information
- Email address and password (used for account creation and login)
- Display name (optional)
2.2 Health & Nutrition Data
- Food logs, meal entries, and nutritional intake records
- Barcode scans and food product searches
- Nutrient tracking data (vitamins, minerals, macronutrients)
- Pregnancy status and trimester information (if voluntarily provided)
- Postpartum status (if voluntarily provided)
- Body weight, height, and dietary goals (if voluntarily provided)
- Supplement and medication reminders (if set)
- Custom food entries created by you
2.3 AI Chat Data
- Messages and questions submitted to our AI nutrition assistant
- Conversation history stored locally on your device and on our servers
2.4 Technical Data
- Device type, operating system, and app version
- App usage data and feature interactions
- Crash reports and error logs
- IP address and approximate location (country/region level)
2.5 Data We Do Not Collect
- We do not collect precise GPS location
- We do not access your camera beyond barcode scanning when you initiate it
- We do not collect payment information directly (processed by Apple/Google)
- We do not collect data from children under 13
3. How We Use Your Information
- To provide, operate, and improve the Novubloome app and services
- To personalise your nutrition tracking and recommendations
- To power the AI nutrition assistant with context relevant to your queries
- To send you reminders and notifications you have configured
- To respond to your support requests and communications
- To detect and prevent fraud, abuse, or security incidents
- To comply with applicable legal obligations
- To analyse aggregated, anonymised trends to improve the app (never individual-level data sold)
4. Sensitive Health Information
We treat health and pregnancy data as sensitive personal information. We apply heightened protections to this data and will never sell, rent, or share it with advertisers or third parties for marketing purposes.
Health data you provide is used solely to deliver the features you request within the app. Pregnancy status, trimester, and postpartum data are used exclusively to tailor nutrient targets and guidance within your personal account.
5. Third-Party Services
5.1 Supabase
We use Supabase (a PostgreSQL-based backend platform) to securely store your account and health data. Supabase is SOC 2 compliant and stores data in encrypted databases. For more information, see Supabase's Privacy Policy.
5.2 Anthropic (Claude AI)
Our in-app AI nutrition assistant is powered by Anthropic's Claude API. When you use the chat feature, your messages are sent to Anthropic's servers to generate responses. Anthropic may retain API call data in accordance with their data retention policies. We do not send identifying personal information (like your name or email) to Anthropic. See Anthropic's Privacy Policy.
5.3 Apple App Store / Google Play
App downloads and in-app purchases are processed by Apple or Google under their respective privacy policies. We receive only basic transaction confirmation — not your payment details.
5.4 No Advertising Networks
We do not integrate any advertising SDKs or share data with ad networks.
6. Data Storage & Security
Your data is stored on servers located in Canada and/or the United States via Supabase's infrastructure. We implement industry-standard security measures including:
- TLS/SSL encryption for all data in transit
- AES-256 encryption for data at rest
- Secure authentication with password hashing
- Role-based access controls limiting who can access production data
While we take reasonable steps to protect your data, no system is completely secure. We encourage you to use a strong, unique password and to contact us immediately if you suspect unauthorised access to your account.
7. Data Retention
We retain your data for as long as your account is active. If you delete your account:
- Your personal and health data is deleted within 30 days
- Anonymised, aggregated data (not linked to you) may be retained for analytics
- Backup copies may persist for up to 90 days before permanent deletion
8. Your Rights
8.1 Canadian Users (PIPEDA)
Under Canada's Personal Information Protection and Electronic Documents Act (PIPEDA), you have the right to:
- Access the personal information we hold about you
- Request correction of inaccurate information
- Withdraw consent for non-essential uses of your data
- Lodge a complaint with the Office of the Privacy Commissioner of Canada
8.2 US Users (CCPA – California)
California residents have the right to:
- Know what personal information is collected, used, shared, or sold
- Request deletion of personal information
- Opt out of the sale of personal information (we do not sell your data)
- Non-discrimination for exercising your rights
8.3 International / EU Users (GDPR)
If you are located in the European Economic Area, you have the right to:
- Access, rectify, or erase your personal data
- Restrict or object to processing
- Data portability
- Lodge a complaint with your local data protection authority
Our legal basis for processing health data is your explicit consent. You may withdraw consent at any time by deleting your account.
8.4 How to Exercise Your Rights
Email us at novubloome@novubloome.com with the subject line "Privacy Request". We will respond within 30 days.
9. Children's Privacy
Novubloome is not directed at children under the age of 13. We do not knowingly collect personal information from children under 13. If you believe a child under 13 has provided us with personal information, please contact us immediately and we will delete it.
Users aged 13–17 should use the app only with parental or guardian consent.
10. International Data Transfers
Your data may be processed in countries outside your country of residence (including the United States and Canada). When transferring data internationally, we rely on appropriate safeguards such as standard contractual clauses to ensure your data receives equivalent protection.
11. Cookies & Analytics
The Novubloome mobile app does not use browser cookies. Our website (novubloome.com) may use essential cookies for functionality. We do not use tracking or advertising cookies on our website.
12. Changes to This Policy
We may update this Privacy Policy from time to time. When we make material changes, we will notify you via in-app notification or email at least 14 days before the changes take effect. Continued use of the app after that date constitutes acceptance of the updated policy.
13. Contact Us
For any privacy-related questions, requests, or concerns: