Privacy Policy
Last updated: [effective date]
Dia is built privacy-first. The sensitive part of your data — your raw glucose and health readings — stays on your device. This policy explains what we collect, what we don't, and the choices you have.
Our approach
Dia is designed so that your most sensitive health data never has to leave your device. Raw glucose and health readings are processed on your device, and only a derived, non-numeric "state" context is synced to our servers to power your experience across the app. We do not sell your data, we do not run ads, and we do not allow third-party ad tracking.
Information we collect
Account information
When you create an account, we collect basic account information such as your name and email address, depending on how you sign in (Sign in with Apple, Google, or email). This is used to create and secure your account.
Your derived glucose state
Dia syncs your derived glucose state (for example, plain-language states like "Steady" or "Running High" and related context). We do not upload or store your raw glucose readings or raw health data on our servers.
Events you log
If you log events in the app (such as meals, activity, or notes), we store those so Dia can connect them to your state context over time.
App-usage data
We collect limited information about how the app is used (such as features opened and basic diagnostic data) to keep Dia working reliably and to improve it. We do not use this for advertising.
What stays on your device
Your raw glucose readings and health data read from Apple Health are processed on your device and are not uploaded to our servers. Only the derived state context — never your raw numbers — leaves the device.
Apple Health (HealthKit)
With your permission, Dia reads health data from Apple Health (HealthKit) on a read-only basis. This data is used solely to explain your state and provide your context within the app. We do not use HealthKit data for advertising or marketing, and we do not sell it or share it with third parties. You can review and revoke Dia's Health permissions at any time in your device's Settings.
Third-party services
We work with a small number of trusted service providers to operate Dia. They process only what is needed to provide their service:
- Supabase — data storage and authentication for your account and your derived state context.
- RevenueCat and Apple — processing and management of subscriptions and in-app purchases.
- Anthropic — generation of AI-powered insights. Anthropic receives only your derived state context. It does not receive your raw glucose numbers or identifying health data.
What we don't do
- We do not sell your personal data.
- We do not show ads in Dia.
- We do not allow third-party advertising trackers.
- We do not use your health data for marketing.
Your rights and choices
You can export your data and delete your data from within the app. Deleting your account will wipe your associated server-side data. Depending on where you live, you may have additional rights over your personal information; contact us to exercise them.
Data retention
We retain your account information and derived state context for as long as your account is active. When you delete your account, we delete the associated server-side data, except where we are required to retain certain records to comply with legal obligations.
Children
Dia is intended for adults aged 18 and older. It is not directed to children, and we do not knowingly collect personal information from anyone under 18.
Changes to this policy
We may update this Privacy Policy from time to time. When we do, we will revise the "Last updated" date above. Your continued use of Dia after changes take effect means you accept the updated policy.
Contact us
If you have questions about this Privacy Policy or your data, contact us at [contact email].
This Privacy Policy should be read together with our Terms of Service and Medical Disclaimer. Dia is a wellness and education app and is not a medical device.