Privacy & Security

Effective date: March 11, 2026

1. Your Data Belongs to You

At Visualife, we believe your calendar and personal notes are yours. We never sell your data. All information you enter is stored securely and is only accessible by you.

2. What We Collect

• Account Information: Your name and email address (for login and communication)
• Health Data: Blood pressure, heart rate, blood glucose, and other vital measurements you choose to track
• Nutrition Data: Meal records, food photos, and nutritional information from your meal logging
• Activity Data: Calendar entries, events, and daily activities you record
• Mood Tracking: Your mood check-ins and emotional well-being notes throughout the day
• Goals & Habits: Your personal goals, habit tracking data, progress notes, and completion records
• Tasks: Your to-do lists, task descriptions, and completion status
• Time Tracking: Project time entries, work sessions, and productivity data
• Voice Data: Voice recordings from Vizy (our AI assistant), transcripts, and AI-generated responses
• Location Data: City-level location for weather context (we use "When In Use" permission with kilometer-level accuracy, not exact GPS coordinates)
• Weather Data: Historical weather information associated with your daily activities
• AI Reports: Generated insights and personalized analysis of your life patterns
• Payment Information: If you subscribe to the Plus plan (handled securely via our payment processor, never stored on our servers)

All personal data listed above is encrypted at rest in our database and only accessible by you.

3. How We Use Your Data

• To provide your personalized life tracking and visualization experience
• To generate AI-powered insights and reports about your health, nutrition, habits, and life patterns
• To analyze meal photos and provide nutritional information
• To process voice commands through Vizy (our AI assistant)
• To show weather context for your activities and calendar
• To track your goals, habits, tasks, and time entries
• To respond to support requests and improve our service
• To send optional updates and account-related notifications

We never use your data for advertising, and we never sell your data to third parties.

4. How We Protect Your Data

Your health data, personal information, and activity records are protected using multiple layers of enterprise-grade security:

• Comprehensive Encryption at Rest: All sensitive personal data is encrypted in our database using industry-standard AES encryption algorithms. This includes:
  • Personal information (name, email, health conditions, blood type)
  • Health measurements and device information
  • All meal titles, descriptions, and nutritional data
  • Mood check-ins and emotional well-being notes
  • Goals, goal notes, habits, and habit notes
  • Tasks and task descriptions
  • Time tracking entries (project names, descriptions, session metadata)
  • Voice recordings, transcripts, and AI conversations
  • AI report content and structured analysis data
  • Support request details and notes

  Even if our database were compromised, your data would be completely unreadable without the encryption keys.

• Encryption in Transit: All data transmitted between your device and our servers is encrypted using HTTPS/TLS 1.3 protocols, preventing interception or eavesdropping.
• Secure File Storage: Photos, voice recordings, and file attachments are stored on enterprise cloud storage (AWS S3) with server-side encryption and strict access controls.
• Account Protection: Your account is protected with:
  • Strong password requirements (uppercase, lowercase, numbers, special characters)
  • Automatic account lockout after failed login attempts
  • Cryptographically secure JWT authentication tokens
  • Email verification for new accounts
  • Secure password reset via time-limited codes
• Attack Prevention: We employ rate limiting, automated threat detection, and security monitoring to prevent brute-force attacks, credential stuffing, SQL injection, XSS attacks, and other malicious activities.
• Audit Logging: All access to sensitive data is logged with complete audit trails for security monitoring, compliance, and incident response.
• Privacy by Design: Location data is stored at city level only (not exact GPS coordinates), ensuring your precise location remains private while still providing weather context.
• Regular Security Reviews: We continuously monitor and update our security measures, apply security patches promptly, and follow industry best practices to protect against emerging threats.

Our security measures are designed to meet healthcare data protection standards and comply with regulations like HIPAA and GDPR. We take data protection seriously because we know you're trusting us with your most personal information.

5. Third-Party Services

We use carefully selected, trusted third-party services to provide certain features. All service providers are GDPR-compliant and bound by strict data processing agreements:

• OpenAI & Anthropic (Claude): For AI meal photo analysis, AI report generation, AI chat, AI voice calls, and Vizy voice assistant responses. Your data is sent to these services only for processing your requests. Neither provider uses your data for training their AI models per their API terms of service.
• Apple WeatherKit: For weather data based on city-level location (not exact GPS coordinates).
• AWS S3: For encrypted storage of photos, voice recordings, and file attachments with server-side encryption.
• Payment Processors: For handling Plus plan subscriptions (payment information is never stored on our servers).
• Email Service (Mailjet): For sending account-related emails, password resets, and optional notifications.
• Apple HealthKit: If you choose to sync health data, this is handled entirely on your device; we only receive data you explicitly choose to share.

These services do not have access to your encrypted personal data unless specifically required for the feature they provide (e.g., AI analysis). We never sell or share your data for advertising purposes.

6. AI Feature Consent & Data Sharing

Visualife offers optional AI-powered features that enhance your experience. These features require sending your data to third-party AI service providers. The app includes five AI features, each requiring separate consent:

• AI Reports: Generates personalized health insights and summaries from your tracked data
• AI Chat: Conversational AI assistant that can answer questions about your tracked data
• Vizy Voice Assistant: Log activities, meals, and health data using voice commands
• AI Voice Calls: Real-time voice conversations with Vizy for wellness coaching
• AI Nutrition Analysis: Estimates calories and nutrients from meal photos or descriptions

6.1. Third-Party AI Service Providers

Your data is sent to the following third-party AI service providers when you enable AI features:

• OpenAI (San Francisco, CA, USA) — Provides voice transcription (Whisper), text analysis and generation (GPT-4o), and real-time voice conversations (GPT-4o Realtime)
• Anthropic (San Francisco, CA, USA) — Provides text analysis and generation (Claude) for reports, chat, and nutrition analysis

Neither provider uses your data to train their AI models per their API terms of service.

6.2. How We Collect and Use AI Data

When you use an AI feature, the app collects data you have already entered into Visualife (health measurements, activities, meals, etc.) and sends it to the AI providers listed above. The data is used solely to process your specific request — for example, generating a report, answering a question, transcribing a voice recording, or analyzing a meal photo. The AI providers process the data and return results to Visualife, which are then displayed to you in the app.

6.3. Your Consent is Required

Before using any AI feature for the first time, the app will clearly disclose what data is sent, identify who it is sent to (OpenAI and/or Anthropic), and ask for your explicit permission. You can:

• Enable AI features: Grant consent to send your data to OpenAI and Anthropic for analysis and insights
• Disable AI features: Decline consent and continue using manual tracking without AI assistance
• Change your mind anytime: Enable or disable individual AI features at any time in Settings → Privacy & AI

6.4. What Data is Shared

Data sent to OpenAI and Anthropic when you consent (varies by feature):

• Health measurements (blood pressure, heart rate, glucose values)
• Meal information (titles, descriptions, photos, calories, nutrients)
• Activity names and positivity scores
• Habits, goals, tasks (names and descriptions)
• Mood scores and notes
• Financial summaries (totals only, not individual transaction details)
• Voice recordings (for Vizy Voice and Voice Calls features only)
• Real-time voice audio (for Voice Calls feature only)

Data that is NEVER shared with AI providers:

• Your name, email address, or other direct personal identifiers
• Your account ID or credentials
• Your exact location (only city-level weather context is used)
• Payment or billing information
• Individual financial transaction details

6.5. How AI Providers Handle Your Data

• OpenAI and Anthropic process your data only to fulfill your specific request
• All data is encrypted in transit using HTTPS/TLS
• Neither provider uses your data for training their AI models per their API terms of service

Not medical advice: AI-generated insights and reports are for informational purposes only and should not be considered medical advice, diagnosis, or treatment. Do not rely on AI features for medical conditions. Always consult a qualified healthcare professional for personalized medical guidance.

Manual tracking without AI: All core tracking features work perfectly without AI. You can track health measurements, meals, activities, habits, goals, and tasks manually without ever enabling AI features. The choice is entirely yours.

7. Your Rights

You may request a copy of your data or delete your account at any time by contacting us. We will honor all requests within 30 days.

8. Cookies

We use essential cookies to keep you signed in. We do not use advertising or tracking cookies.

9. Updates

We may update this Privacy Policy. If we do, we'll notify you via email or in-app notification.

10. Contact Us

If you have any questions or concerns, please email us at hi@visualife.ai.