InsulynInsulynBack to Home

Privacy Policy

Last updated: March 31, 2026

This Privacy Policy describes how Vocata Studio (“Company,” “We,” “Us,” or “Our”) collects, uses, processes, shares, and protects Your information when You use the insulyn mobile application, website, and related services (collectively, the “Service”). By using the Service, You agree to the collection and use of information in accordance with this Privacy Policy.

1. Interpretation and Definitions

1.1 Interpretation

Capitalized terms have the meanings assigned to them in this Policy.

1.2 Definitions

  • Account: The unique profile created for You to access the Service.
  • Application:The mobile application titled “insulyn.”
  • Company, We, Us, or Our: Vocata Studio.
  • Device: Any device used to access the Service.
  • Personal Data: Information that identifies or can reasonably be linked to an individual. Personal Data includes identifiable health information.
  • Health Data: Information You provide or that the Service generates relating to Your physical health, nutrition, blood sugar management, food analysis results, glucose impact predictions, traffic light scores, and scan history.
  • Usage Data: Data collected automatically through use of the Service, including device information, activity logs, and analytics data.
  • User Content: Photos, images, text, food entries, chat messages, metadata, or other inputs You upload or submit through the Service.
  • You: The individual using the Service or the organization on whose behalf the Service is used.

2. Types of Data We Collect

We collect the categories of data described below. Certain categories may qualify as health information or sensitive personal information under various privacy laws.

2.1 Personal Data You Provide

We may collect the following Personal Data when You create an Account or use the Service:

  • Name and email address (via Apple Sign In or Google OAuth)
  • Authentication credentials managed by our auth provider
  • Optional profile details You provide

2.2 Health and Nutrition Data

To provide food analysis and glucose impact prediction features, We collect:

  • Food scan results including traffic light scores, nutritional breakdowns, key factors, and glucose impact predictions
  • Scan history and food analysis records
  • Chat messages sent to the AI health assistant, including questions about diet, insulin resistance, and food choices
  • Any other health-related information You choose to provide through the Application

You decide which health information to provide. The Service cannot function properly without basic food scan data.

2.3 User Content (Including Photos)

User Content includes:

  • Photos of food uploaded for AI analysis
  • Chat messages and text entries

We may use anonymized or aggregated food images to improve Our models, algorithms, and product features. We do not associate such images with Your identity when used for internal development.

2.4 Usage Data

We automatically collect:

  • Device type, operating system, and app version
  • IP address
  • Time stamps and activity logs
  • Crash data and error reports
  • Feature usage analytics
  • Performance data
  • Language and locale preferences

This data helps Us secure, improve, and optimize the Service.

2.5 Cookies and Tracking Technologies

The website uses cookies, tags, and similar technologies for analytics, functionality, and security. The Application may use mobile identifiers for analytics. We use PostHog for product analytics and Sentry for error tracking and performance monitoring.

3. How We Use Your Data

3.1 To Provide and Improve the Service

  • Food identification, scoring, and nutritional analysis
  • Glucose impact prediction and blood sugar spike estimation
  • Traffic light scoring and dietary guidance
  • AI health assistant chat responses
  • Scan history and tracking
  • Account management
  • Service stability, debugging, and performance monitoring

3.2 To Improve AI Models

We use food images and related User Content to:

  • Train and improve AI models
  • Enhance accuracy of food scoring and glucose impact predictions
  • Improve overall product performance

Such use is strictly anonymized or aggregated and not linked to Your identity.

3.3 Communications

We may contact You about:

  • Updates and new features
  • Service-related notifications
  • Customer support responses

3.4 Marketing (Optional)

We may send You promotional emails unless You opt out.

3.5 Legal and Compliance

We may use Your data to:

  • Detect or prevent fraud
  • Comply with law enforcement obligations
  • Protect Our rights

3.6 Business Transfers

If We engage in a merger, acquisition, financing, or asset sale, Your information may be transferred as permitted by law.

4. Legal Bases for Processing (GDPR)

Where applicable, We rely on:

  • Consent — for processing Health Data, User Content, and marketing communications
  • Contract performance — to provide the Service as agreed
  • Legitimate interests — for service improvement, security, and analytics
  • Legal obligations — where required by law

5. How We Share Personal Data

5.1 Service Providers

With vendors who support the Service, such as:

  • Cloud hosting and database providers (Convex)
  • Authentication providers (Clerk)
  • AI processing providers (for food analysis)
  • Analytics providers (PostHog)
  • Crash reporting and monitoring (Sentry)
  • Payment and subscription processing

5.2 Business Transfers

As part of corporate transactions.

5.3 Legal Compliance

With law enforcement or regulators when legally required.

5.4 With Your Consent

Where You direct Us to share information.

5.5 Aggregated or Anonymized Data

We may share aggregated or non-identifiable data for analytics, research, or business purposes. We do not sell Your Personal Data.

6. User Content and License Rights

By submitting User Content, You grant the Company a worldwide, royalty-free, sublicensable license to use, store, process, reproduce, modify, and create derivative works from Your User Content solely to operate, maintain, and improve the Service, including internal AI model training.

We do not publicly display Your photos or content without Your express consent.

7. Health Information Disclaimer

insulyn is not a medical device and does not provide medical advice, diagnosis, or treatment.

All scores, glucose impact predictions, nutritional analyses, traffic light ratings, and AI-generated content are estimates based on general nutritional data and artificial intelligence models. They should not be used as a substitute for professional medical advice, diagnosis, or treatment.

Individual responses to foods vary significantly based on factors including but not limited to: current medication (including insulin and oral hypoglycemics), physical activity, overall health status, metabolic conditions, portion sizes, food combinations, and individual physiology.

Always consult Your doctor, endocrinologist, dietitian, or other qualified healthcare provider before making changes to Your diet, medication, or treatment plan. Do not disregard professional medical advice or delay seeking it because of information provided by the Service.

In case of a medical emergency, contact Your local emergency services immediately.

Health Data collected through the Service is treated with heightened security and care:

  • We do not sell or share Health Data with advertisers or data brokers
  • We do not use Health Data to build advertising profiles
  • Food scan images are processed for analysis and are not permanently retained on our servers after processing
  • Scan results are stored securely in Your Account and can be deleted by You at any time
  • AI chat messages related to health are not shared with third parties for marketing purposes

8. AI and Third-Party Processing

The Service uses third-party artificial intelligence services to process food images and generate analyses. When You scan a food item:

  • The image is sent to our AI provider for processing and analysis
  • The AI provider may temporarily process the image but does not retain it for their own purposes
  • We select AI providers that maintain appropriate data protection standards

While We strive for accuracy, AI outputs may contain errors or inaccuracies. We do not guarantee the accuracy, completeness, or reliability of any AI-generated content, including food identification, scoring, glucose impact predictions, or chat responses.

9. Retention of Data

We retain:

  • Personal Data for as long as Your Account is active or necessary for the purposes described
  • Health Data and scan history until You delete it or delete Your Account
  • Chat history until You delete it or delete Your Account
  • Usage Data for a shorter period unless needed for security
  • Backups for limited periods as part of standard retention practices

We delete or anonymize data when no longer needed unless legally required to retain it.

10. Data Transfers

Your information may be transferred to and processed on servers outside Your jurisdiction, including countries where our service providers operate. We implement safeguards as required by law, including standard contractual clauses for international transfers in accordance with the EU General Data Protection Regulation (GDPR).

11. Your Privacy Rights

Depending on Your jurisdiction, You may have rights to:

  • Access Your Personal Data
  • Correct inaccurate data
  • Delete Personal Data
  • Export Your data in a structured, commonly used format
  • Withdraw consent
  • Object to processing
  • Request restriction of processing

You may exercise rights through in-app settings or by contacting Us at the address below.

12. Deleting Your Personal Data

You may request deletion of:

  • Your Account
  • Individual scan results (via in-app swipe to delete)
  • Chat history
  • Profile data

Upon Account deletion, We will remove Your Personal Data within 30 days, except where retention is required by law. Some data may persist in anonymized or aggregated form.

13. Security

We use administrative, technical, and physical safeguards to protect Your data, including:

  • Encryption of data in transit and at rest
  • Secure authentication via Clerk (Apple Sign In, Google OAuth)
  • Regular security assessments of our infrastructure
  • Access controls limiting who within our organization can access user data

However, no method of electronic storage or transmission is 100% secure. We cannot guarantee absolute security.

14. Children’s Privacy

The Service is not intended for children under 13. We do not knowingly collect personal information from children under 13. If We become aware that We have collected data from a child under 13, We will take steps to delete it promptly.

15. Third-Party Links

The Service may contain links to third-party websites or services. Their privacy practices are their own, and We do not control or endorse them.

16. Changes to This Privacy Policy

We may update this Policy from time to time. Updates become effective when posted. We may notify You by email or through the Application for material changes. We encourage You to review this policy periodically.

17. Contact Us

If You have questions or requests related to this Privacy Policy, You may contact Us:

Vocata Studio
Email: hello@vocata.app