Privacy Policy

Last updated: 29 June 2026

This Privacy Policy explains how Novum ("we", "us", "our") collects, uses, and protects your personal data when you use our app and website (the "Service"). We are the data controller.

1. Data we collect

• Account data — email address, first name, date of birth, gender.
• Transformation data — progress photos, weight, body fat, body measurements, goals, and notes you choose to add.
• Health data (optional) — if you enable Apple Health, we read activity metrics (weight, steps, active energy, workouts, sleep) on your device to enrich your AI analysis. This is processed only with your permission.
• Waitlist data — if you join our early-access list, your email, the source you came from, and your language.
• Usage and device data — basic technical information needed to operate and secure the Service.

2. How we use your data

• to provide the Service — store your entries, compute progress, and render before/after and timelapse artifacts;
• to generate AI analysis and weekly recaps (see "AI processing" below);
• to send you launch updates and Service-related messages you have consented to;
• to maintain security and comply with legal obligations.

3. Legal basis

We process your data on the basis of your consent (waitlist emails, health data, photos), performance of our contract with you (running the app), and our legitimate interest in keeping the Service secure.

4. AI processing

To generate your analysis, relevant photos and metrics are sent to our AI provider (Anthropic) for processing. This data is used only to return your result and is not used to train their models. AI output is informational and not medical advice.

5. Storage and security

Your data is stored with our infrastructure provider (Supabase). Progress photos are kept in a private storage bucket and are accessible only through short-lived signed links scoped to your account — they are never public. Data is encrypted in transit.

6. Sharing

We do not sell your personal data. We share it only with processors who help us run the Service (hosting, AI processing, payment via the App Store), under contracts that require them to protect it.

7. Retention

We keep your data for as long as your account is active. When you delete your account, we remove your photos and personal records. You can export all of your data as a ZIP file from within the app at any time.

8. Your rights

Depending on your location (including under the GDPR), you have the right to access, correct, delete, restrict, or port your data, and to withdraw consent at any time. You can exercise most of these directly in the app (export, delete account) or by contacting us. You may also lodge a complaint with your local data protection authority.

9. Marketing emails

If you join the waitlist or opt in to updates, we will email you about the launch and product news. Every email includes an unsubscribe link, and you can opt out at any time.

10. Children

The Service is not intended for children under 16, and we do not knowingly collect their data.

11. Changes

We may update this policy; material changes will be communicated in the app or by email.

12. Contact

For privacy requests or questions, contact privacy@bynovum.app.