Privacy Policy
Last Updated: June 24, 2026
Welcome to the DoseDay GLP-1 Tracker mobile application (the "App"), operated by Fitura AI, LLC ("Fitura AI," "we," "us," or "our"), a Delaware limited liability company. We respect your privacy and are committed to protecting your information.
Overview
This Privacy Policy explains what information we collect, how we use it, and the choices you have. It applies to information collected when you use the App, related websites, and services (collectively, the "Services").
Please review this Policy carefully. Your use of the Services is also governed by our Terms of Use.
Information We Collect
Account and Identifiers
- Firebase Authentication identifiers, including UID and login provider, such as Sign in with Apple or anonymous session. Firebase Authentication identifiers are created or used when you start active tracking, sign in, restore an account, or use a cloud-connected feature. Readiness / Starting Plan can be used before a Firebase account is created.
- Sign in with Apple may provide a name and Apple relay email address, depending on the information you choose to share with Apple and the App.
- Locally stored preferences and identifiers used to operate the App, such as onboarding status, first-launch journey stage, selected region, notification settings, and analytics preferences.
- Privacy-preserving analytics identifiers, such as a pseudonymous Mixpanel distinct ID, used only when analytics is enabled.
Usage and Device Data
- Push device token, platform, bundle identifier, and derived region.
- Device type, OS version, App version, and locale.
- Crash diagnostics, such as crash traces, device type, OS version, and App version, where enabled. We do not attach health values, medication details, notes, report contents, or Apple Health data to crash reports.
- Country/region inferred from device settings and network headers. We do not intentionally store raw IP addresses in App user records or analytics events, though service providers may process IP addresses transiently for security, routing, and abuse prevention.
- Region assignment and migration history stored locally on your device.
Health and Fitness Data
- Information you enter into the App, such as medication schedule, dose history, inventory, reminders, weight, symptoms or side effects, notes, protein, hydration, exercise, and related daily records.
- Health and fitness data entered during Readiness / Starting Plan before active tracking is stored locally on your device only. Active tracking health data is stored in cloud-backed account records. See the Readiness Mode / Starting Plan section for details.
- If you choose to connect Apple Health, the App may read selected health and fitness data you authorize, such as activity, sleep, weight, body measurements, vitals, blood glucose, nutrition, hydration, mindfulness, and related trends.
- Apple Health access is optional and controlled by you through iOS permissions and iOS Settings.
- Health and fitness data is used to provide App features, display trends, support reports you generate, and, where enabled, provide AI-powered wellness tips.
- We do not send raw Apple Health records, dose values, body weight values, notes, or symptom details to analytics providers.
App Events and Analytics
- If analytics is enabled, we collect limited product interaction events, such as screens viewed, onboarding steps, subscription/paywall interactions, report export actions, and feature usage.
- Analytics is OFF by default for EU-region users and can be enabled or disabled at any time in Settings → Privacy & Data.
- Analytics events use pseudonymous identifiers and are processed through Mixpanel's EU API host.
- We do not send health measurement data, medication dose values, body weight values, notes, side-effect details, report contents, names, email addresses, or Firebase UIDs to analytics providers.
- When analytics is disabled, we stop analytics collection and request deletion of the associated analytics profile where supported.
Website Events and Analytics
- We collect limited pseudonymous analytics on the public website (dosedayglp1.com) to understand which pages and features drive App Store downloads.
- Website events include page views, section visibility, CTA click interactions, FAQ opens, and App Store outbound clicks. They are attributed to an anonymous session ID stored in session storage and not linked to a persistent user identifier.
- Website analytics do not include health data, form inputs, free-text content, personal identifiers, full referrer URLs, or app-specific data.
- Website analytics events are processed through Mixpanel's EU API host with IP tracking disabled.
Subscription and Billing
- RevenueCat customer identifiers and subscription status.
- Payment details are processed by Apple or Google. We do not store financial information.
Readiness Mode / Starting Plan
Readiness Mode and Starting Plan can be used before creating a DoseDay tracking account. No Firebase account is required to use Readiness / Starting Plan.
Readiness / Starting Plan data is stored locally on your device and encrypted at rest. It is not uploaded to DoseDay servers unless you choose to use a cloud-connected feature, share or export information, contact support with details, or begin active tracking.
Readiness data stored on your device may include:
- Journey stage — which path you selected (considering GLP-1, or prescribed but not yet started). Stored locally and not uploaded to DoseDay servers before active tracking.
- Selected discussion topics — the IDs of clinician questions and coverage/access checklist items you selected. Topic text is not stored; only selection IDs are saved locally.
- Coverage and access planning status — your selected coverage or access status (e.g., “Prior authorization may be required”). We do not collect insurance member IDs, group numbers, insurance card images, employer information, diagnosis codes, medication history, or provider details.
- Summary metadata — whether you previewed or exported a Readiness Summary PDF, and an export count. The PDF is generated on your device and not sent to any server. See the Reports and Exports section.
- Baseline snapshot values — if you enter values such as weight, steps, sleep, protein, or hydration, or import them from Apple Health, these are stored locally on your device before active tracking begins. If you start active tracking and choose to copy your local snapshot into active tracking, those copied values are stored in Firestore-backed daily history. If you skip that step, the values are not copied and remain local only until deleted.
- Apple Health source usage — if you choose to import baseline metrics from Apple Health, the App reads the specific data types you authorize and records a source label (“Apple Health”) alongside the value. Apple Health access for Readiness is optional and user-initiated.
Because Readiness / Starting Plan data is stored only on your device, DoseDay cannot view, export, or recover it. If you delete the app or delete your local Readiness Plan, that data may be permanently lost.
DoseDay may collect limited, non-content analytics about Readiness feature usage, such as whether a module was opened or whether an external resource link was tapped. DoseDay does not use analytics to record the specific Readiness topics, checklist items, baseline values, coverage/access statuses, or specific external health resources selected by the user. See the App Events and Analytics section.
AI-Generated Wellness Tips
- When you use the Tips feature, we send a minimized summary of recent App data to our AI service provider through server-side Cloud Functions.
- This summary may include recent protein, hydration, weight, activity, sleep, exercise, blood glucose, active energy, dose adherence, side-effect severity, medication name, inventory-low status, measurement system, and feedback on prior tips.
- We do not send your name, email address, Firebase UID, device identifier, free-text notes, or full daily records to the AI provider.
- Weight and other numeric values may be rounded, clamped, or otherwise minimized before processing.
- Processing occurs server-side only through our Cloud Functions. The App does not communicate directly with the AI provider.
- Our AI provider processes these requests according to its commercial/API terms. We do not permit the AI provider to use your data to train models.
- Tip requests are rate-limited to prevent abuse and may be logged in your Firestore account for audit, feedback, and product functionality purposes.
- AI-powered wellness tips are available with limited free daily generations. Pro subscribers receive a higher daily limit.
Support Communications
- Messages and information you send through in-app chat, email, support forms, help articles, automated tools, AI-assisted tools, or other support channels.
- Support metadata used to troubleshoot issues, such as account UID, region, platform, OS version, device model, app version, support session ID, correlation ID, and support interaction timestamps.
- Support communications may be processed by our support providers and service providers to help us respond to requests, troubleshoot issues, maintain records, improve support quality, and send support-related notifications.
- Support communications are retained up to 12 months after your last interaction and deleted within 30 days of account deletion or earlier upon verified request, where technically available through our support providers.
Reports and Exports
- If you choose to generate reports or exports, the App may create files containing your medication schedule, dose history, notes, symptoms or side effects, health trends, Apple Health-derived data, and daily records.
- If you use Readiness Mode and export a Readiness Summary PDF, the PDF is generated entirely on your device and contains only patient-entered information: your journey stage, selected clinician questions, coverage and access status labels, and baseline metrics you recorded. The PDF is not sent to any server; it is shared only through the iOS share sheet at your direction.
- Reports and exports are generated at your request and shared only through the sharing options you choose.
- We do not automatically send generated reports to healthcare providers, insurers, analytics providers, or other third parties.
- You are responsible for reviewing reports and exports before sharing them.
How We Use Information
We use data to:
- Provide and improve the App's core functionality.
- Manage accounts, subscriptions, and entitlements.
- Provide customer support, respond to requests, troubleshoot issues, and send support-related communications.
- Deliver reminders, notifications, and region routing.
- Generate AI-powered wellness tips based on recent App data and, where enabled, Apple Health-derived data (free tier includes a limited daily allowance; Pro subscribers receive a higher daily limit).
- Perform analytics for feature improvement (if enabled).
- Prevent abuse, fraud, and maintain security.
- Comply with legal and contractual obligations.
We do not sell your information.
No Sale or Advertising Tracking
We do not sell your personal information. We do not use your health data, Apple Health data, medication records, notes, reports, or AI tip data for advertising, marketing profiling, or data broker purposes.
Lawful Bases (GDPR/UK GDPR)
We process data under the following lawful bases:
- Contract: to provide the App and services you request.
- Legitimate Interest: to maintain and secure the App, diagnose crashes, detect fraud, and improve performance, while minimizing the data used for those purposes.
- Consent: for optional analytics and notifications. You can withdraw consent in Settings → Privacy & Data.
Data Sharing and Processors
We share data only with service providers under contractual obligations:
| Provider |
Purpose |
| Firebase (Google) |
Authentication, database storage, Cloud Functions, push notifications, Remote Config, and Crashlytics diagnostics where enabled. EU-region data is routed to EU infrastructure where supported by the App's regional configuration. |
| Mixpanel |
Privacy-preserving product analytics using pseudonymous identifiers. Analytics is off by default for EU-region users and can be disabled in Settings → Privacy & Data. |
| RevenueCat |
Subscription management |
| Crisp and support service providers |
In-app support chat, email or other support communications, support session metadata, troubleshooting, support notifications, and related support operations. |
| Apple / Google |
App store payments and sign‑in |
| Anthropic |
AI-generated wellness tips. Receives minimized health summaries without direct identifiers through server-side Cloud Functions only. We do not send name, email address, Firebase UID, device identifier, free-text notes, or full daily records to Anthropic. |
Crash diagnostics may be collected through Firebase Crashlytics in supported builds. We use crash diagnostics to maintain app reliability and security. We do not attach names, email addresses, health values, medication details, notes, report contents, or Apple Health data to crash reports. Crash diagnostics collection may vary by region and build configuration.
International Transfers and Safeguards
We may process information in the United States, the European Economic Area, and other locations where we or our service providers operate. Where personal data is transferred internationally, we rely on appropriate safeguards such as Standard Contractual Clauses, Data Processing Addenda, provider-specific regional processing commitments, or other lawful transfer mechanisms made available by our processors, including Google/Firebase, Mixpanel, RevenueCat, Crisp and support service providers, Anthropic, Apple, and Google.
Data Retention
| Data Type |
Retention |
| User data (Firestore) |
Retained while your account is active; deleted when you use "Delete My Data" or "Delete My Account," subject to limited operational logs and legal obligations. |
| Locally stored App data |
Stored on your device to operate the App, including preferences, cache, onboarding state, selected region, and AI tip cache. Cleared when you use deletion controls where applicable. |
| Push device records |
Updated with new registrations; deleted upon account deletion, token invalidation, or when no longer needed for notification delivery. |
| Support communications |
Retained up to 12 months after last interaction; deleted within 30 days after account deletion or upon verified request, where technically available through our support providers. |
| Analytics |
Analytics profiles are deleted when you disable analytics or delete your account, where supported by the analytics provider. |
| Region migration metadata |
Stored in your Firestore account and on your device as needed to route your data and prevent migration loss; deleted when you delete your account or data, except where needed for legal or operational records. |
| AI tip audit logs |
Stored in your Firestore account for App functionality, rate limiting, feedback, and audit purposes; deleted when you delete your account or data. |
| Local Readiness / Starting Plan data |
Stored locally on your device in encrypted form. Deleted when you delete your local Readiness Plan from the Readiness Privacy screen, delete the app, or when the app removes the local store after an active tracking transition where applicable. DoseDay cannot view, export, or recover local-only Readiness data; the encrypted data and Keychain root key are deleted together, making the data irrecoverable. |
| Active tracking data (Firestore) |
Stored while your account is active. Deleted when you use “Delete My Data” or “Delete My Account,” subject to limited operational logs and legal obligations. If you copied a local Readiness baseline snapshot into active tracking, those copied values are stored in Firestore and subject to this policy. |
| Reports and exports |
Generated on your device or through App functionality at your request. We do not automatically send generated reports to third parties. Copies you share are controlled by the destination you choose. |
User Controls and Rights
You may have rights under GDPR and other laws, including:
- Access, correction, deletion ("right to be forgotten")
- Restriction or objection to processing
- Data portability
- Withdrawal of consent (analytics, notifications)
To exercise these rights, contact privacy@fitura.ai with "Data Subject Request" in the subject line. Verification may be required.
You may also use in-app controls to delete your App data, delete your account, manage analytics, manage notifications, and control Apple Health permissions through iOS Settings.
If you use Readiness / Starting Plan before active tracking, you can delete your local Readiness Plan from the Readiness Privacy screen (accessible from the Readiness dashboard). Because this data is stored only on your device, DoseDay cannot view, export, or recover it for you unless you have chosen to share it or copy it into active tracking.
International Data Routing and Regional Data Residency
How Your Region is Determined
The App uses a single global build that routes your data to either EU or US infrastructure at runtime based on:
- Initial Assignment: When you first use the App, your region is automatically determined based on your device's country code and stored locally on your device.
- Persistent Storage: Your region preference is saved in iOS Keychain and persists across app updates and device restarts.
- Account Binding: When you sign in with Apple, your region becomes associated with your account and remains consistent across devices.
Data Storage Locations
- EU Region Users: App data is routed to EU regional infrastructure where supported, including Firebase Firestore in the EU multi-region and Cloud Functions in an EU region.
- US Region Users: App data is routed to US regional infrastructure where supported, including Firebase Firestore in the US multi-region and Cloud Functions in a US region.
- Some service providers, such as subscription, analytics, support, AI, app store, or diagnostic providers, may process data in other regions subject to their contractual safeguards and regional processing options.
- Local Readiness / Starting Plan data remains on your device and is not routed to regional cloud storage unless you start active tracking or use a cloud-connected feature. The regional data residency settings above apply to cloud-backed active tracking data.
Region Switching and Migration
- Your assigned region is sticky and does not change automatically. We do not move your data based on travel or location changes.
- If you need to change your data region, you must contact support at privacy@fitura.ai.
- Region switches involve a one-time data migration that copies your data from one regional infrastructure to another. This process is logged with metadata including source region, destination region, and migration timestamp.
- After migration, the original data may be flagged for deletion in the source region.
EU Region Privacy Enhancements
- Crashlytics (Diagnostic Service): Crash diagnostics may be collected in supported builds to maintain reliability and security. We do not attach names, email addresses, health values, medication details, notes, report contents, or Apple Health data to crash reports. Crash diagnostics collection may vary by region and build configuration.
- Analytics Default: Analytics is OFF by default for EU region users and can only be enabled through explicit opt-in in Settings → Privacy & Data.
- Data Processing: EU users' analytics data is processed through Mixpanel's EU API endpoint.
Migration Metadata
If you switch regions, we store limited metadata to ensure data integrity:
- A
region_eu document in your Firestore account containing: pinned status, migration timestamp, source/destination regions, and source/destination user IDs.
- Local identifiers on your device to track migration history and prevent data loss during account upgrades.
- This metadata is deleted when you delete your account or data.
Security
We use encryption in transit, Firebase security rules, and access controls. While we take reasonable precautions, no security system is infallible.
Local Readiness / Starting Plan data is encrypted at rest using an app-managed encryption key stored in the device Keychain. Deletion of the local Readiness Plan removes both the encrypted data and the Keychain key. No security measure is perfect, and users should protect access to their device.
Children's Privacy
The App is not directed to children under 13 in the U.S. or under 16 in the EEA. We do not knowingly collect data from children below these ages.
Changes to this Policy
We may update this Policy periodically. Material changes will be communicated via in‑app notice or email. The "Last Updated" date reflects the latest revision.
Contact
Questions or privacy inquiries:
Email: privacy@fitura.ai
See our Terms of Use.
© 2026 Fitura AI, LLC. All rights reserved.