
Privacy Policy

How Nutae processes your data — health data under GDPR Art 9.

Last updated: 2026-05-27

Contents

  1. GDPR commitment
  2. Data controller
  3. Data collected
  4. Processing purposes
  5. Legal basis
  6. Hosting and location
  7. Processors
  8. Transfers outside the European Union
  9. Security
  10. Data breach notification
  11. Your rights
  12. Retention period
  13. Cookies, trackers and advertising
  14. Minors
  15. California and United States residents (CCPA / CPRA)
  16. Modification, authority and contact

1. GDPR commitment

Your digestive data qualifies as "health data" within the meaning of Article 9 GDPR (special category). Nutae processes it with maximum protection: European Union hosting, encryption in transit and at rest, granular explicit consent, cascade deletion in 1 tap.

This Policy describes how SmartZonesIndicators collects, uses, retains and protects personal data of Nutae users, in accordance with Regulation (EU) 2016/679 (GDPR) and the French Data Protection Act.

2. Data controller

The personal data controller is:

  • Name: SmartZonesIndicators, a French company
  • General contact: support@smart-zones-indicators.com
  • Data Protection Officer (DPO): dpo@smart-zones-indicators.com
  • Supervisory authority: Commission Nationale de l'Informatique et des Libertés (CNIL), www.cnil.fr

3. Data collected

3.1 Account data

  • Email address
  • Password (bcrypt hashed, never stored in plain text)
  • Display name chosen by the User
  • Account creation date

3.2 Health data (Art. 9 GDPR)

  • Meals entered (name, time, input method)
  • Digestive symptoms (type, intensity, time)
  • Meal photos (Premium only, deleted immediately after AI analysis)
  • Calculated statistical correlations (Fisher + BH-FDR)
  • Optional health markers (sleep, stress, hydration, menstrual cycle)

3.3 Technical data

  • Anonymous App Check token (Firebase anti-fraud)
  • Anonymized error logs (Sentry)
  • Aggregated usage metrics (PostHog, granular opt-in)

4. Processing purposes

  • Provide the food diary and digestive trigger analysis service
  • Compute personal statistical correlations (Fisher + BH-FDR)
  • Enable medical PDF export to share with a healthcare professional
  • Secure the account (authentication, anti-fraud)
  • Improve the product (only if analytics consent given, granular opt-in)

5. Legal basis

"Processing of health data is based exclusively on the User's explicit consent (Article 9.2.a GDPR)." This consent is collected at signup via a granular consent dialog "per purpose", separate from acceptance of the Terms of Use.

The User may "withdraw consent at any time" from Profile > Settings > Privacy, without this withdrawal affecting the lawfulness of processing carried out previously.

"Health data ≠ medical device." Processing of health data under Article 9 GDPR is legally distinct from the qualification as a medical device under Regulation (EU) 2017/745. Nutae processes health data but is not a medical device.

6. Hosting and location

"All User data is hosted within the European Union", on Google Cloud Firebase, region europe-west1 (Belgium). No long-term storage of health data outside the EU.

For AI photo analysis "Ask Nutae", images are sent to Google Vertex AI region europe-west1 and deleted immediately after inference, with no long-term storage and no use for model training.

7. Processors

SmartZonesIndicators relies on the following processors, with whom a Data Processing Agreement (Art. 28 GDPR) has been signed:

  • Google Cloud Firebase (Firestore, Authentication, Cloud Functions, App Check, Cloud Messaging) — primary hosting europe-west1
  • Google Vertex AI Gemini — AI photo analysis, europe-west1, deletion immediately after inference
  • RevenueCat — Premium subscription management
  • Resend — transactional email delivery (OTP, account notifications)
  • Sentry — anonymized application error logging
  • PostHog — aggregated usage metrics (opt-in)

8. Transfers outside the European Union

Transfers outside the EU are rare and limited to the following processors: RevenueCat (United States), Resend (United States), Apple and Google (federated identities). They are governed by the European Commission's "Standard Contractual Clauses 2021/914" and, where applicable, processors' adherence to the EU-US Data Privacy Framework.

No transfer of raw health data (meals, symptoms, photos) outside the EU is performed. Statistical correlations are computed locally on the User's device.

9. Security

  • TLS 1.3 encryption in transit
  • AES-256 encryption at rest (Firebase managed)
  • Token authentication (Firebase Auth + App Check)
  • Passwords bcrypt-hashed, never stored in plain text
  • No human access to individual data without explicit consent
  • Regular security audits

10. Data breach notification

In the event of a personal data breach likely to result in a risk to the rights and freedoms of the User, the Publisher notifies the CNIL "within 72 hours" of becoming aware of it, pursuant to Article 33 GDPR. If the breach presents a high risk, the User concerned is informed "as soon as possible", pursuant to Article 34 GDPR.

For Users residing in the United States, in case of a breach affecting "identifiable health information", the Publisher will carry out notification under the FTC Health Breach Notification Rule (16 CFR Part 318): notice to affected Users, notification to the Federal Trade Commission, and, if the breach concerns more than 500 residents of the same State or territory, notice to prominent media outlets.

11. Your rights

Pursuant to Articles 15 to 22 GDPR, the User has the following rights: access, rectification, erasure, portability, objection, restriction of processing, "withdrawal of consent at any time" and "right to human intervention and to contest AI results".

To exercise these rights:

  • From the app: Profile > Settings > My data (JSON export / cascade deletion in 1 tap)
  • By email: dpo@smart-zones-indicators.com
  • Response time: 30 days maximum
  • Complaint to the CNIL: www.cnil.fr (free online complaint)

12. Retention period

User data is retained as long as the account is active. Upon account deletion, "all data is wiped within 30 days" (Firestore cascade deletion). Anonymized technical logs are retained for 90 days for security reasons.

13. Cookies, trackers and advertising

The nutae.app website uses no advertising tracking cookies. Only strictly necessary technical cookies are used (language preference). The mobile app embeds no third-party advertising SDK.

"No advertising, no commercial profiling, no transfer of data for marketing purposes."

14. Minors

The App is strictly reserved for individuals "aged at least 16". No data concerning a minor under 16 is intentionally collected. If SmartZonesIndicators becomes aware of an account created in violation of this rule, the account is deleted without delay and the data wiped.

15. California and United States residents (CCPA / CPRA)

This section addresses Users residing in the United States and, more specifically, in California within the meaning of the California Consumer Privacy Act as amended by the California Privacy Rights Act ("CCPA/CPRA"). It supplements, without replacing, the other provisions of this Policy.

Health data processed by Nutae qualifies as "sensitive personal information" under the CPRA. As such, the Californian User has the following rights:

  • Right to Know: know the categories of data collected, sources, purposes and recipients
  • Right to Delete: request deletion of personal information
  • Right to Correct: request correction of inaccurate data
  • Right to Opt-Out of Sale / Sharing: "Nutae does not sell or share personal information for behavioral advertising purposes"
  • Right to Limit Use of Sensitive Personal Information: limit the use of health data to the strict purposes of providing the service
  • Right to Non-Discrimination: no adverse treatment for exercising these rights

To exercise these rights, the User may write to dpo@smart-zones-indicators.com or use the in-app functions (Profile > Settings > My data). Response time: 45 days, extendable by an additional 45 days if necessary, in accordance with CCPA/CPRA.

Users residing in other US states with comparable legislation (notably Virginia, Colorado, Connecticut, Utah, Texas, Oregon) benefit from equivalent rights and may exercise them through the same channels.

16. Modification, authority and contact

Any substantial change to this Policy is notified to the User via the App or by email at least 30 days before entry into force. The last update date appears at the top of this document.

The User may file a complaint with the Commission Nationale de l'Informatique et des Libertés (CNIL), the French supervisory authority, at www.cnil.fr.

  • General contact: support@smart-zones-indicators.com
  • Data Protection Officer (DPO): dpo@smart-zones-indicators.com
  • Response time: 30 days maximum
Nutae is not a medical device within the meaning of EU regulation 2017/745. It is a self-observation tool: it does not diagnose, treat, cure or prevent any condition. Correlations shown are observational aids — share them with your doctor or gastroenterologist.


© 2026 Nutae by SmartZonesIndicators