Privacy Policy
Last updated: 2025-11-14
Introduction
This Privacy Policy describes how Sustainabel ("we," "our," or "us") collects, uses, and protects your personal information when you use the Dosio mobile application ("App") and our website ("Website"). We are committed to protecting your privacy and ensuring transparency about how we handle your data, especially sensitive health information.
By using our App and Website, you agree to the collection and use of information in accordance with this policy.
Important Information
Company Information
- Company Name: Sustainabel
- Legal Entity: Sustainabel
- Registered Address: Polderstraat 35, Nijmegen, The Netherlands
- Contact Email: info@sustainabel.com
Applicable Laws
This Privacy Policy complies with:
- General Data Protection Regulation (GDPR) - For users in the European Economic Area (EEA) and United Kingdom
- California Consumer Privacy Act (CCPA) - For users in California, USA
- Health Insurance Portability and Accountability Act (HIPAA) - NOTE: This app is NOT a HIPAA-covered entity as it is a consumer tracking app, not a medical device. However, we handle health data with similar care.
1. Information We Collect
1.1 Account Information
When you create an account, we collect:
- Email address (provided through Apple Sign-In or Google Sign-In)
- Authentication tokens from your chosen provider (Apple or Google)
- User ID (generated by our authentication system)
Note: We only collect the minimum information necessary for authentication. We do NOT have access to your Apple or Google account passwords.
1.2 Health and Medication Data
To provide our tracking services, we collect:
Medication Tracking
- Injection records (date, time, medication type, dosage)
- Injection site (abdomen, thigh, arm)
- Pain level (1-10 scale, optional)
- Custom notes (optional)
Side Effects
- Symptom descriptions
- Severity level (1-10 scale)
- Date and time of occurrence
- Notes (optional)
Health Metrics
- Weight (manual entry)
- Height (manual entry)
- Blood glucose levels (manual entry)
- Blood pressure (manual entry)
- Calories consumed (manual entry)
- Protein intake (manual entry)
- Water intake (manual entry)
- Measurement units (metric or imperial)
- Date and time of measurements
Important:
- All health data is manually entered by you. We do NOT automatically collect health data.
- If you choose to connect Apple Health (iOS) or Health Connect (Android), we read your health data to display it alongside your manually entered data, but we do NOT store this platform health data in our database. Platform health data (Apple Health/Health Connect) remains on your device and is controlled by the platform's privacy settings.
- Health data imported from Apple Health or Health Connect is displayed with a clear indicator showing the data source.
1.3 Medication Schedule and Preferences
- Medication schedules (dosage, frequency, injection intervals)
- Reminder preferences (enabled/disabled, time, days before)
- Unit preferences (metric or imperial)
- Timezone settings
1.4 Subscription and Billing Information
When you subscribe to Pro features, we collect:
- Subscription status (trial, active, cancelled, expired)
- Subscription type (monthly or yearly)
- Subscription start and end dates
- Transaction ID (from Apple App Store or Google Play Store)
- Receipt data (for subscription validation)
Note: We do NOT collect or store your credit card information. All payment processing is handled by Apple App Store and Google Play Store, which are governed by their own privacy policies.
1.5 Technical Information
To improve app performance and diagnose issues, we collect:
- Device information (device type, operating system, app version)
- Usage analytics (app features used, session duration - anonymized)
- Crash reports (error logs, stack traces - anonymized, no personal data)
- Performance metrics (app responsiveness, load times)
1.6 User Preferences
- Onboarding completion status
- App settings and preferences
- Language preferences
- Display preferences
2. How We Use Your Information
We use the information we collect for the following purposes:
2.1 Core App Functionality
- Provide tracking services - Store and display your medication and health data
- Send reminders - Notify you about upcoming medication doses (if enabled)
- Generate insights - Show you trends and patterns in your health data
- Export data - Allow you to export your data as PDF or CSV files
- Synchronize data - Keep your data synchronized across your devices
2.2 Account Management
- Authenticate users - Verify your identity when you sign in
- Manage subscriptions - Process subscription payments and renewals
- Provide customer support - Respond to your inquiries and requests
2.3 Service Improvement
- Fix bugs - Use crash reports to identify and fix technical issues
- Improve features - Analyze usage patterns (anonymized) to enhance app functionality
- Ensure security - Monitor for fraudulent activity and security threats
2.4 Legal Compliance
- Comply with laws - Meet legal obligations and respond to legal requests
- Enforce terms - Protect our rights and enforce our Terms of Service
3. How We Share Your Information
3.1 We DO NOT Sell Your Data
We never sell your personal information or health data to third parties.
3.2 Service Providers
We share information with trusted service providers who help us operate our App and Website:
Supabase (Database and Authentication)
- Purpose: Host our database, handle authentication, and process data
- Data Shared: All account and health data
- Privacy Policy: https://supabase.com/privacy
- Location: United States
RevenueCat (Subscription Management)
- Purpose: Manage subscriptions and billing
- Data Shared: Subscription status, transaction IDs, user ID
- Privacy Policy: https://www.revenuecat.com/privacy
- Location: United States
Sentry (Crash Reporting)
- Purpose: Monitor app crashes and errors
- Data Shared: Crash logs, error reports (anonymized, no personal health data)
- Privacy Policy: https://sentry.io/privacy/
- Location: United States
Apple App Store / Google Play Store (Payment Processing)
- Purpose: Process subscription payments
- Data Shared: Subscription purchases, receipt validation
- Privacy Policies:
  - Apple: https://www.apple.com/privacy/
  - Google: https://policies.google.com/privacy
- Location: United States
Apple Health (iOS Only - Read-Only Integration)
- Purpose: Display your Apple Health data alongside manually entered data
- Data Shared: None - we only READ your health data, we do NOT send data back to Apple Health
- Privacy Policy: https://www.apple.com/privacy/
- Location: United States
Health Connect (Android Only - Read-Only Integration)
- Purpose: Display your Health Connect data alongside manually entered data
- Data Shared: None - we only READ your health data, we do NOT send data back to Health Connect
- Privacy Policy: https://health.google/health-connect/privacy/
- Location: United States
Note: All service providers are contractually obligated to protect your data and use it only for the purposes we specify.
3.3 Legal Disclosures
We may disclose your information if required by law or in response to:
- Legal requests - Court orders, subpoenas, or other legal processes
- Government requests - Requests from law enforcement or government agencies
- Protection of rights - To protect our rights, property, or safety, or that of our users
3.4 Business Transfers
If we are involved in a merger, acquisition, or sale of assets, your information may be transferred as part of that transaction. We will notify you via email and/or a prominent notice on our App and Website if such a transfer occurs.
4. Data Storage and Security
4.1 Data Storage
- Location: Your data is stored in the Supabase Cloud Database, in the US region (us-east).
- Retention: We retain your data for as long as your account is active. After account deletion (see Section 7), all personal data is permanently deleted immediately.
4.2 Security Measures
We implement industry-standard security measures to protect your data:
- Encryption in transit - All data transmitted between your device and our servers is encrypted using HTTPS/TLS
- Encryption at rest - All data stored in our database is encrypted
- Row Level Security (RLS) - Database-level security ensures users can only access their own data
- Access controls - Limited access to personal data on a need-to-know basis
- Regular security audits - We conduct regular security assessments
- Secure authentication - Use of secure authentication tokens (JWT) that expire regularly
However, no method of transmission over the Internet or electronic storage is 100% secure. While we strive to use commercially acceptable means to protect your data, we cannot guarantee absolute security.
4.3 Third-Party Security
Our service providers (Supabase, RevenueCat, etc.) maintain their own security measures. Please refer to their privacy policies for details on their security practices.
5. Your Rights and Choices
5.1 Access Your Data
You can access all your data at any time through the App. You can also export your data as:
- PDF report - Formatted report suitable for healthcare providers (Premium feature)
- CSV files - Raw data files for your records (Free feature)
To export your data:
- Open the App
- Go to Settings → Export My Data
- Choose PDF or CSV format
- Follow the on-screen instructions
5.2 Correct Your Data
You can update or correct your data at any time through the App. Simply navigate to the relevant screen and edit the information.
5.3 Delete Your Data
You have the right to request deletion of your account and all associated data:
Through the App:
- Open the App
- Go to Settings → Delete Account
- Follow the on-screen instructions
- Confirm your decision
What gets deleted:
- All medication records (shots)
- All side effect records
- All health metrics
- All medication schedules
- All user preferences
- Your account and authentication data
What happens after deletion:
- All personal data is permanently deleted from our database
- Your account cannot be recovered
- You will need to create a new account if you wish to use the App again
- Anonymized, aggregated analytics data (which cannot identify you) may be retained for business analytics
Important Notes:
- If you have an active subscription, you must cancel it first before deleting your account. Please cancel through the App Store or Google Play Store settings.
- Account deletion is permanent and cannot be undone.
- Some data may remain in backups for up to a maximum of 30 days before being permanently deleted. Note: In normal situations, data is deleted instantly.
5.4 Rights Under GDPR (EU/UK Users)
If you are in the European Economic Area (EEA) or United Kingdom, you have additional rights:
- Right to access - Request a copy of your personal data
- Right to rectification - Request correction of inaccurate data
- Right to erasure ("right to be forgotten") - Request deletion of your data
- Right to restrict processing - Request limitation of how we use your data
- Right to data portability - Request your data in a machine-readable format
- Right to object - Object to processing of your data
- Right to withdraw consent - Withdraw consent for data processing at any time
To exercise these rights, contact us at info@sustainabel.com.
5.5 Rights Under CCPA (California Users)
If you are a California resident, you have the right to:
- Know what personal information is collected - This Privacy Policy provides this information
- Know what personal information is sold or disclosed - We do not sell your personal information
- Opt-out of sale - We do not sell your personal information
- Delete personal information - See Section 5.3 above
- Non-discrimination - We will not discriminate against you for exercising your privacy rights
To exercise these rights, contact us at info@sustainabel.com.
6. Children's Privacy
Our App and Website are not intended for children under the age of 13 (or the age of majority in your jurisdiction, whichever is higher).
We do not knowingly collect personal information from children. If you are a parent or guardian and believe your child has provided us with personal information, please contact us immediately at info@sustainabel.com, and we will delete such information.
If you are under 13 (or the age of majority in your jurisdiction), please do not use our App or Website.
7. Cookies and Tracking Technologies
Our Website may use cookies and similar tracking technologies to:
- See where our traffic comes from
- Analyze which pages are most visited by our visitors
You can control cookies through your browser settings. However, disabling cookies may limit your ability to use certain features of our Website.
8. Changes to This Privacy Policy
We may update this Privacy Policy from time to time. When we make changes:
- We will update the "Last Updated" date at the top of this policy
- We will force you to accept the health disclaimer again in the Mobile App
Your continued use of the App or Website after the changes become effective constitutes your acceptance of the updated Privacy Policy.
If you do not agree with the changes, you may:
- Stop using the App and Website
- Delete your account (see Section 5.3)
9. Health Information Disclaimer
Important: This App is a personal health tracking tool and is NOT a medical device.
- This App does NOT provide medical advice, diagnosis, or treatment
- Always consult with a qualified healthcare provider before making medical decisions
- Do not use this App as a substitute for professional medical advice
- If you have a medical emergency, contact emergency services immediately
10. Contact Us
If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:
Email: info@sustainabel.com
Thank you for trusting us with your health information. We are committed to protecting your privacy.