Your Privacy Matters

Privacy Policy

We take your privacy seriously. This policy explains how we collect, use, and protect your personal health information.

Last Updated: January 2, 2025

HIPAA Compliant

GDPR Compliant

Transparent

Your Control

Noosh AI ("we", "our", or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our mobile application and services. Please read this policy carefully.

1. Information We Collect

Personal Information

  • Account information (name, email address, password)
  • Profile information (age, health goals, preferences)
  • Supplement tracking data (names, dosages, schedules, completion records)
  • AI chat conversations and health-related questions
  • Usage analytics and app interaction data

Automatically Collected Information

  • Device information (type, operating system, unique identifiers)
  • Log data (IP address, access times, app features used)
  • Push notification tokens for reminders

2. How We Use Your Information

  • Provide Services: Track supplements, send reminders, generate analytics
  • AI Features: Process conversations with GPT-4 to provide health insights
  • Personalization: Customize recommendations and optimize your experience
  • Communication: Send service updates, support responses, and account notifications
  • Security: Detect fraud and abuse, and protect against security threats
  • Improvement: Analyze usage patterns to enhance app functionality
  • Legal Compliance: Fulfill legal obligations and enforce our terms

3. Data Sharing and Disclosure

We do not sell your personal health information. We may share your information only in the following circumstances:

  • Service Providers: Third-party vendors who perform services on our behalf (hosting, analytics, AI processing via OpenAI)
  • Legal Requirements: When required by law, court order, or governmental authority
  • Business Transfers: In connection with mergers, acquisitions, or asset sales (you will be notified)
  • Consent: With your explicit permission for any other purpose

OpenAI Processing: AI chat uses OpenAI's GPT-4 API. Conversations are processed according to OpenAI's data policies, which prohibit use of your data for training models.

4. Data Security

We implement industry-standard security measures to protect your information:

  • Encryption: Data encrypted in transit (TLS/SSL) and at rest (AES-256)
  • Access Controls: Strict authentication and role-based access limitations
  • Secure Storage: Data stored on HIPAA-compliant cloud infrastructure
  • Regular Audits: Ongoing security assessments and penetration testing
  • Incident Response: Procedures to detect, respond to, and notify of breaches

While we strive to protect your data, no method of transmission or storage is 100% secure. You are responsible for maintaining the confidentiality of your account credentials.

5. Your Rights and Choices

  • Access: Request a copy of your personal data
  • Correction: Update inaccurate or incomplete information
  • Deletion: Request deletion of your account and associated data
  • Export: Download your data in a machine-readable format (CSV)
  • Opt-Out: Disable push notifications or email communications
  • Withdraw Consent: Revoke permissions previously granted

To exercise these rights, contact us at privacy@noosh.ai or through the app settings.

6. Data Retention

We retain your personal information for as long as necessary to provide services and comply with legal obligations. When you delete your account:

  • Active data is deleted within 30 days
  • Backups are purged within 90 days
  • Anonymized analytics may be retained indefinitely
  • Legal or security-related data may be retained longer as required

7. Children's Privacy

Noosh AI is not intended for children under 18. We do not knowingly collect personal information from minors. If you believe we have collected data from a child, contact us immediately at privacy@noosh.ai.

8. International Data Transfers

Your information may be transferred to and processed in countries other than your country of residence. We ensure adequate safeguards are in place to protect your data in accordance with this Privacy Policy and applicable laws, including GDPR for EU residents.

9. Third-Party Services

We integrate with the following third-party services:

  • OpenAI: AI chat processing (GPT-4 API)
  • AWS: Cloud hosting and storage
  • Apple Push Notification Service: iOS push notifications
  • RevenueCat: Subscription management

These services have their own privacy policies. We encourage you to review them.

10. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes via email or in-app notification. Continued use of our services after changes constitutes acceptance of the updated policy. The "Last Updated" date at the top reflects the most recent revision.

11. Contact Us

If you have questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:

HIPAA Compliance Notice

Noosh AI is designed to be HIPAA compliant for handling Protected Health Information (PHI). We maintain administrative, physical, and technical safeguards that meet or exceed HIPAA requirements. For enterprise customers requiring a Business Associate Agreement (BAA), please contact legal@noosh.ai.

Questions About Privacy?

We're here to help. Contact our privacy team anytime.
