Privacy Policy

Nuvari Life ('Nuvari', 'we', 'our', or 'us') provides digital wellness tools to help users track nutrition, recovery, habits, and related health metrics.

This Privacy Policy explains how we collect, use, store, share, and protect personal information when users access our website, mobile experiences, integrations, and related services.

We may collect account information such as name, email address, authentication identifiers, and subscription status.

We may collect profile and wellness information such as age, biological sex, height, weight, goals, dietary preferences, allergies, and calorie or macro targets.

We may collect user-generated content such as food logs, journal entries, uploaded food photos, uploaded metabolic reports, DEXA scans, InBody scans, avatars, and messages sent to Nuvari's AI assistant.

We may collect device, usage, and analytics information such as IP address, browser type, app interactions, and diagnostic events.

We use personal information to create and manage accounts, authenticate users, and provide access to the service.

We use wellness and health-related information to calculate resting metabolic rate, calorie targets, macro guidance, personalized meal planning, recovery insights, journaling prompts, and other product features requested by the user.

We may use uploaded files and images to analyze nutrition, extract metabolic report values, and generate AI-assisted summaries or recommendations.

We use information to maintain security, prevent abuse, troubleshoot issues, improve the product, and comply with legal obligations.

Nuvari may send user prompts, uploaded images, and relevant health context to AI service providers to generate meal plans, analyze food images, summarize reports, or power coaching conversations.

We configure AI features to support the Nuvari experience, but AI-generated outputs may be inaccurate, incomplete, or inappropriate for medical decision-making.

Nuvari's AI features are not a substitute for professional medical advice, diagnosis, or treatment.

Depending on where a user lives, health-related information may be considered sensitive personal information. We process that information to provide the services the user requests, based on user consent, contract performance, legitimate interests, or other legal bases permitted by applicable law.

Users should not upload information they are not comfortable storing in a digital wellness service.

We may share information with service providers that help us operate Nuvari, such as hosting, authentication, payments, analytics, customer support, email delivery, AI processing, and nutrition APIs.

We may disclose information if required by law, legal process, or to protect the rights, safety, and security of Nuvari, our users, or others.

We do not sell personal information for money. If applicable law treats certain analytics or advertising disclosures as a 'sale' or 'sharing,' we will provide the rights and notices required by that law.

Nuvari may rely on providers such as Supabase for authentication, database, and storage; OpenAI for AI-powered features; Stripe for billing; Resend for transactional email; PostHog for analytics; and nutrition or grocery APIs for connected features.

Those providers may process information on our behalf subject to their own terms and data handling practices.

We retain information for as long as reasonably necessary to provide the service, maintain records, resolve disputes, enforce agreements, and meet legal obligations.

If a user disconnects a provider or deletes their account, we may delete or anonymize associated information, except where retention is required by law or needed for security, fraud prevention, or legitimate business recordkeeping.

Users may access, update, export, or delete certain information through their Nuvari settings or by contacting us.

Users may stop using optional AI features or request account deletion.

Depending on the user's location, they may have additional rights such as the right to know, correct, delete, restrict processing, object, or withdraw consent.

We use administrative, technical, and organizational measures designed to protect personal information, but no method of transmission or storage is completely secure.

Users are responsible for maintaining the confidentiality of their login credentials and for notifying us if they believe their account has been compromised.

Nuvari is not intended for children under the age required by applicable law to provide valid consent. If we learn that we collected personal information from a child in violation of applicable law, we will take steps to delete it.

Nuvari and its service providers may process information in countries other than the user's own. Where required, we will use appropriate safeguards for cross-border transfers.

We may update this Privacy Policy from time to time. If we make material changes, we may provide notice through the product, by email, or by updating the effective date above.

For privacy questions or requests, Nuvari should provide a monitored privacy contact email before launch. Until then, update this section with the correct business contact details and jurisdiction-specific notice language before going live.