Privacy Policy for Guto

1. Our Commitment to Your Privacy

Welcome to Guto: Gut Health & IBS (the "App"), operated by Guto ("we," "us," "our"). Your privacy and the security of your data are at the core of our mission. This Privacy Policy provides a detailed explanation of how we collect, use, process, and protect your information.

Our App is designed to provide a highly personalized experience. To achieve this, we need to collect sensitive personal and health data. This policy aims to be completely transparent about why this data is necessary and how we use it to power your personal gut guide, Gibby.

2. The Data Controller

The party responsible for the processing of your personal data is:

Guto
Contact Email: strawhatapps@gmail.com

3. What Information We Collect and Why

We collect information in several ways: information you provide directly, information from third-party services you connect, and information collected automatically. The legal basis for processing this data is your explicit consent, which you provide upon agreeing to this policy and using the App, and the necessity of this data to fulfill our service contract with you.

3.1. Data You Provide Directly

• Account Data: To create and secure your account, we collect your name and email address.
• Onboarding Profile Data: To build your initial, personalized AI profile, we collect foundational data during our "Clinical Deep Dive" onboarding, including:
  • Demographics: Date of birth, biological sex.
  • Anthropometrics: Height, weight.
  • Health History (Sensitive Data): Diagnosed conditions (e.g., IBS, IBD, GERD), family medical history, surgical history, known food allergies and intolerances, and information on medications and supplements.
  • Lifestyle & Diet Baseline: Information about your typical diet, stress levels, sleep patterns, physical activity, smoking habits, and alcohol consumption.
• Daily Log Data (Sensitive Data): This is the data you actively provide to train your personal AI model:
  • Meal Data: Photos of meals and the corresponding food items you confirm.
  • Symptom Data: Details about your symptoms, such as bloating, pain, gas, and bowel movement characteristics (including Bristol Stool Chart data).
  • Other Logs: Information on hydration, mood, stress, and other relevant factors.

3.2. Data From Third-Party Services

• HealthKit & Google Fit Data: With your explicit consent, we may access data from Apple's HealthKit or Google Fit. This may include data on physical activity, sleep, and menstrual cycles. We only process this data to find correlations with your digestive health and display it within the App. You can revoke this permission at any time in your device settings.

3.3. Data We Collect Automatically

• Technical & Usage Data: We automatically collect data about your device (model, OS version) and your interaction with the App (features used, session times) to improve performance, fix bugs, and enhance user experience. This data is often aggregated and anonymized.

4. How We Use Your Information (The Purpose of Processing)

Our primary goal is to provide a valuable and trustworthy service. We use your data to:

• Power the Core App Experience: Your data is used by our AI engine to calculate your daily Gut Score, generate the visual state of your Gibby character, provide predictive alerts about potential symptoms, and deliver personalized "Discovery" insights.
• Manage Your Account: To create and maintain your account, process your subscription payments through third-party payment processors, and provide customer support.
• Communicate With You: To send you important notifications, service updates, and marketing communications (which you can opt-out of).
• Improve Our Service: We use anonymized and aggregated data to conduct research and development, improve the accuracy of our AI models, and understand user trends to build better features. We will never use your personally identifiable health data for marketing or research without obtaining separate, explicit consent.

5. Data Sharing and Third Parties

We are not in the business of selling your data. We only share your data with trusted partners who are essential for providing our service, and we ensure they adhere to strict data protection standards.

• Cloud & AI Providers: Your data is securely stored and processed using reputable cloud service providers (e.g., Google Cloud, AWS). Our AI features are powered by third-party APIs (e.g., Google Gemini), and we send only the necessary data for analysis under strict security protocols.
• Payment Processors: Your subscription payments are handled by secure, PCI-compliant payment processors (e.g., Stripe, Apple Pay, Google Pay). We do not store your full credit card information.
• Analytics Services: We use services like Google Analytics for Firebase to understand app usage. These services collect anonymized data to help us improve the App.
• Legal Compliance: We may disclose information if required by law or if we believe in good faith that such action is necessary to comply with a legal obligation or protect the safety of our users.

6. Your Rights Over Your Data (GDPR & Other Regulations)

We believe in empowering you with control over your personal information. You have the following rights:

• The Right to Access: You can request a copy of the personal data we hold about you.
• The Right to Rectification: You can modify most of your personal data directly within the App's settings. For other corrections, you can contact us.
• The Right to Erasure (Right to be Forgotten): You have the right to request the deletion of your account and all associated personal data.
• The Right to Restrict Processing: You can request that we limit the way we use your personal data.
• The Right to Data Portability: You can request a copy of your data in a machine-readable format.
• The Right to Object: You can object to our processing of your personal data.
• The Right to Withdraw Consent: You can withdraw your consent at any time. The easiest way to do this is by deleting your account and discontinuing use of the App.

To exercise any of these rights, please contact our support team at the email address provided below.

7. Data Security and Retention

Security: We implement robust technical and organizational measures, including end-to-end encryption for data in transit and encryption for data at rest, to protect your information from unauthorized access, loss, or misuse.

Retention: We retain your personal data for as long as your account is active. If you choose to delete your account, your personally identifiable data will be permanently deleted from our primary servers in accordance with our data deletion policies and applicable law, typically within 30 days.

8. Children's Privacy

Guto is not intended for individuals under the age of 18. We do not knowingly collect data from children. If you believe we have inadvertently collected such information, please contact us so we can promptly obtain parental consent or remove the information.

9. Changes to This Privacy Policy

We may update this policy to reflect changes in our practices or for other operational, legal, or regulatory reasons. If we make material changes, we will notify you through the App or by email and update the "Effective Date" at the top of this policy.

10. Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or your data, please do not hesitate to contact us:

Guto Support
Email: strawhatapps@gmail.com