Privacy Policy
Effective date: March 31, 2025
At Lotus Labs Inc., a federal Canadian company (together with its affiliates, “Lotus Labs,” “we,” or “us”), we take your privacy seriously. Please read this Privacy Policy to learn how we treat Health Data accessed in connection with the performance of the Services.
Your Consent
By using or accessing our products or services (collectively, “Services”) in any manner, you acknowledge that you accept the practices and policies outlined below, and you hereby consent that we will access, use, and share your information as described in this Privacy Policy.
BY MAKING YOUR HEALTH DATA AVAILABLE TO US, YOU AGREE TO OUR ACCESSING YOUR HEALTH DATA. IN DOING SO, YOU CONSENT TO OUR USE OF YOUR HEALTH DATA TO PROVIDE THE SERVICE IN ACCORDANCE WITH THIS PRIVACY POLICY.
For purposes of this Privacy Policy:
• The capitalized terms “You,” “User,” and “User Data” have the respective meanings attributed thereto in our Terms of Service relating to the provision of the Services set forth here: **, as such Terms of Service may be amended from time to time (the “Terms of Service”).
• “Personal Data” means your Health Data and any other information that identifies or relates to a particular individual and also includes information referred to as “personally identifiable information” or “personal information” under applicable law.
What Information We Use
Nutrition and Health Data
We will access and use Apple’s APIs to read and/or write certain health-related data (your “Health Data”) from applications running on your mobile device. Such information may include, among other things:
• (i) personal information including sex, date of birth, etc.
• (ii) exercise or workout routines or data relating thereto (including durations, distance, and outputs).
• (iii) heart rate and other health-related diagnostics or data.
• (iv) sleep data.
We may also collect and store photos of your food items/packaging in connection with your use of the Services.
We will use your Health Data solely to provide the Service and for the other permitted purposes contemplated by our Terms of Service. We will not use your Health Data for marketing or advertising purposes. Your Health Data will be accessed locally through Apple’s APIs (including Apple Health) and will not be stored or cached by the app. Your Health Data is processed locally and will not be sent to any server without your explicit consent.
This app cannot read from or write to Apple Health without your consent.
Anonymized Health Data Processing via APIs
With your explicit opt-in consent, we may process a subset of your Health Data via OpenAI’s to generate personalized responses and insights. This processing occurs under the following conditions:
• Anonymization: The data shared with OpenAI is not linked to personally identifiable information (PII). It only includes age, sex, and height along with relevant health metrics.
• Purpose: The data is used solely to generate personalized health-related responses via OpenAI’s models.
• No Storage: The data is not stored on our servers. It is sent to OpenAI’s API in real time, processed, and discarded after generating a response.
• User Control: This feature is opt-in, and users have full control over what data is shared. You may enable or disable this functionality at any time in the app settings.
We ensure that OpenAI handle this data in compliance with their privacy policies and applicable regulations. This is a link to Open AI’s privacy policy.
Location Data
We will use your Location Data to show you the route map of your workout and the weather at your location.
• We will not use your Location Data for marketing or advertising purposes.
• Your Location Data will be accessed locally through your device and will not be stored or cached by the App.
• Your Location Data is processed locally and will not be sent to any server.
• This app cannot read your Location Data from your device without your consent.
Personal Data
We may also collect certain limited Personal Data directly from you, including your email, usernames, authorizations, and/or responses to text boxes through the Services or responses to surveys or questionnaires.
Our payment processing partner(s) may collect your voluntarily provided payment card information necessary to process your payment. Please see our payment processors’ terms of service and privacy policies for information on their respective use and storage of Personal Data.
Analytics Data
• TelemetryDeck SDK – To collect anonymized statistical data on app usage. TelemetryDeck’s privacy policy can be found here.
• BugSnag SDK – To collect anonymized crash data. More details can be found in BugSnag’s Data Processing Addendum.
Our Use
We will only use your Personal Data for providing, customizing, and improving the Services. This may include our correspondence with you and our meeting our legal obligations under the Terms of Service. We will not use the Personal Data we collect for materially different, unrelated, or incompatible purposes.
We may disclose Personal Data to service providers (including hosting, analytics, technology, communication, security and fraud, support, customer service, and Services fulfillment partners) required to provide the Services.
Personal Data that we collect may be transferred to a third party if we undergo a merger, acquisition, bankruptcy, or other transaction in which that third party assumes control of our business (in whole or in part). Should one of these events occur, we will make reasonable efforts to notify you before your information becomes subject to different privacy and security policies and practices.
Security
We seek to protect Personal Data from unauthorized access, use, and disclosure using appropriate physical, technical, organizational, and administrative security measures based on the type of Personal Data and how we are processing that data. You should also help protect your data by appropriately selecting and protecting your password and/or other sign-on mechanism, limiting access to your computer or device and browser, and signing off after you have finished accessing your account. Although we work to protect the security of your account and other data that we hold in our records, please be aware that no method of transmitting data over the Internet or storing data is completely secure.
We retain Personal Data in accordance with the terms and conditions of the Terms of Service.
State Law Privacy Rights
California Resident Rights
The California Consumer Privacy Act (CCPA) allows you to make certain requests about your personal information, including the right to:
• Request details on the categories of personal information we collect or disclose about you.
• Access and receive a copy of your personal information.• Request deletion of certain personal information.
• Opt out of the sale of personal information (we do not sell personal information).
If you wish to exercise your rights, please contact us using the information below.
Nevada Resident Rights
If you are a resident of Nevada, you have the right to opt out of the sale of certain Personal Data. We do not sell Personal Data to third parties.
Contact Information
If you have any questions or comments about this Privacy Policy, the ways in which we access, collect, and use Personal Data, or your choices and rights regarding such access, collection, and use, please do not hesitate to contact us at:
Website: www.trybloom.app
Email: hello@trybloom.app
Changes to this Policy
If we decide to change our privacy policy, we will post those changes on this page. Summary of
changes so far:
Jan 13, 2025: First published.
Mar 31, 2025: Added details about how user approved health data is shared with APIs.