This Privacy Policy explains how Yesil Health collects, uses, stores, and shares information when you use our app and related services. By using the app, you consent to the practices described here.
Information we collect. We collect information you provide directly during onboarding (age, gender, height, weight, health history, lifestyle preferences, goals), data you log over time (programs, daily entries, challenges, mood logs, lab results, photos you upload), conversations you have with the AI assistant, and account identifiers from your sign-in provider (Apple, Google, or email). When you grant permission, we read selected categories from Apple Health (steps, sleep, heart rate, workouts, water, mindfulness, body measurements) so the assistant can give context-aware answers.
How we use your information. We use your data to (a) personalize insights, programs, and challenges, (b) generate AI responses to your questions, (c) measure progress and surface relevant suggestions, (d) operate, secure, and improve the service, (e) communicate updates and respond to support requests, and (f) comply with legal obligations.
AI processing. Your messages, profile, recent logs, and selected health context may be sent to our AI providers to generate responses. We do not use your content to train third-party foundation models. Conversations are stored in your account so the assistant can maintain useful context across sessions; you can review and erase what the assistant remembers from the Memory screen.
Sharing. We do not sell personal information. We share data only with vetted processors who help us operate the app — including authentication and database (Supabase), AI inference, error monitoring, payment and subscription management (App Store, Google Play, RevenueCat), and analytics where enabled. These processors are bound by contract to use your data only for the agreed service.
Storage and security. Data is stored on managed cloud infrastructure with role-based access controls, encrypted at rest, and transmitted over TLS. Health data is treated as a sensitive category and is logically separated from non-health metadata. Access by our team is limited and audited.
Retention. We keep your data while your account is active. When you delete your account from Settings → Session → Delete account, your active profile, health logs, conversations, and memories are removed within a reasonable processing window. Limited operational logs (audit trails, abuse-prevention records) may be retained in anonymized or pseudonymized form for the period required by law or by our legitimate interests.
Your rights. Depending on where you live, you may have the right to access, correct, export, or delete your personal data, to restrict or object to processing, and to lodge a complaint with a supervisory authority. You can exercise most of these rights directly in the app; for anything else, contact us using the channel listed below.
Children. The app is not directed to children under the age permitted by your local law for processing health data. Do not use the app or provide information if you do not meet that age.
International transfers. Data may be processed in countries other than your own. Where required, we use appropriate safeguards such as standard contractual clauses.
Updates. We may update this policy. Material changes will be communicated in the app. Continued use after an update means you accept the revised policy.
Contact. For privacy questions or to exercise your rights, contact us at privacy@yesilhealth.app.