Dr.O: Privacy Policy

Privacy Policy

Last Updated: 2025-10-10

1. Information Collection We collect minimal personally identifiable information, including but not limited to:

Name, email, and account credentials

Health-related data you voluntarily provide to receive personalized recommendations

Purchase transaction details

Health Data from Wearables (Optional)

If you choose to connect third-party wearable or health services (e.g., Apple Health, Google Fit, Fitbit, Garmin), we may receive the following categories of data, depending on your permissions: steps/activity, heart rate, sleep duration/stages, SpO₂ (if available), body metrics (e.g., weight, body fat), and related timestamps.

Connections are opt-in and permission-scoped. You can disconnect at any time (see “Your Rights and Controls”). We do not collect any wearable data without your explicit authorization.

2. Information Use Collected information is used to:

Provide personalized nutrition and health recommendations

Process and fulfill retail orders

Improve app functionality and user experience

Communicate important account updates

Use wearable health data to personalize in-app insights and recommendations (e.g., sleep-aware reminders, activity-adjusted suggestions), improve trend analytics, and enable user-requested features.

3. Data Sharing and Disclosure We do not sell, rent, or trade your personal data. Information may be shared with third-party vendors solely to perform services (e.g., payment processing, shipping) necessary for App functionality.

When you connect a wearable service, data flows only as needed to enable that integration. We do not sell wearable data. We share it with processors solely to operate the integration (e.g., SDKs or APIs from Apple/Google/Fitbit/Garmin), subject to data-processing terms. We do not allow third parties to use wearable data for advertising.

4. Data Security We adhere to industry-standard security measures to protect user data against unauthorized access, disclosure, alteration, or destruction.

Wearable data is transmitted via encrypted channels and stored using industry-standard encryption at rest. Access is role-based and limited to least privilege. We periodically review integrations and revoke unused tokens.

5. Data Retention Your personal data is stored securely only for as long as needed to provide services or comply with legal obligations.

Wearable health data is retained only as long as necessary to provide connected features or as required by law. If you disconnect a service, we stop new data flows. You may request deletion of previously stored wearable data (see “Your Rights and Controls”).

6. Your Rights and Controls You have the right to:

Access, update, or delete personal data via app settings or contacting support

Opt-out of communications at any time

You may review, export, or request deletion of your data as permitted by applicable privacy laws. Requests can be submitted through the in-app support or the contact information listed below.

If you have connected wearable or health-tracking services (e.g., Apple Health, Google Health Connect, Fitbit, Garmin), please note that our App itself does not provide a disconnect or permission-revocation function. To stop sharing wearable health data, you must revoke access directly within the corresponding platform (for example, in your iOS Health app or Android Health Connect settings). Once permissions are withdrawn there, the connection will automatically cease sending data to our service.

After the wearable connection is revoked through those external settings, we will no longer receive new data from that service. You may separately request deletion of any previously stored wearable data by contacting us as described in this policy.

7. Children's Privacy Dr.O is not directed at individuals under the age of 13. We do not knowingly collect personal data from minors.

8. Policy Changes We may update this policy periodically. We will notify you of material changes by updating the "Last Updated" date above or via in-app notification.

Compliance Notes

Dr.O is not a medical provider or a HIPAA “covered entity.” Wearable data is handled under this Privacy Policy and applicable privacy laws (e.g., GDPR/CCPA, where relevant). We do not use wearable health data for marketing without your consent.

9. Contact Information For any questions regarding Terms or Policy, please contact: Oblossom LLC Email: info@oblossom.com

By continuing to use Dr.O, you acknowledge you have read, understood, and agree to comply with these Terms of Service and Privacy Policy.