ES EN FR PT DE IT

GlucoScan AI Privacy Policy

Last Updated: April 22, 2026

1. Introduction

Welcome to GlucoScan AI ("we", "our" or "the Application"). We take your privacy and the security of your health data very seriously. This Privacy Policy explains how we collect, use, disclose, and protect your information when you use our mobile application.

By using GlucoScan AI, you accept the collection and use of information in accordance with this policy.

2. Information We Collect

2.1 Health Information

Blood glucose readings and measurements
Carbohydrate counting and food records
Insulin doses and therapy type
Medical profile data (gender, birth date, therapy)
Carbohydrate calculation results
Saved favorite meals (name, ingredients, nutritional values)
Aggregated daily summaries (carbohydrates, insulin, meals, average glucose)
Glucose data entered manually or imported from JSON file

2.2 Account Information

Email address (via Google Sign-In or Apple ID)
Name and profile information
User preferences and settings

2.3 Technical Information

Device type and operating system
App version and usage data
Device identifiers and analytics

2.4 Glucose Data (Local Storage)

If you enable the Glucose Charts feature (Pro feature), you can record glucose readings manually or import them from a JSON file.

🔒 LOCAL STORAGE ONLY: Glucose data is stored exclusively on the user's local device, in an internal SQLite database. This data:

Is NEVER sent to our servers or Firebase.
Is NEVER shared with third parties.
Is NEVER used for advertising or analytics.
Is automatically deleted after 90 days.
Is completely deleted when the app is uninstalled or the account is deleted.

Export/Import: You can export your glucose data as a JSON file from the app to migrate to another device. This file is generated locally and shared through your device's native sharing system (AirDrop, Drive, email, etc.). It never passes through our servers.

⚠️ IMPORTANT DISCLAIMER: GlucoScan AI is not a medical device. It should NOT be used as a substitute for professional medical advice. Always consult with your healthcare provider before making any changes to your treatment plan or insulin dosage. The app is for informational purposes only.

3. How We Use Your Information

Service Provision: To provide carbohydrate counting and glucose calculation features
Personalization: To customize the app experience based on your profile
Local Insulin Calculation: The insulin dose is calculated exclusively on your device by applying the ratios (Carb, ISF, Target) you have configured following your doctor's guidance. The AI does not take part in this calculation.
Data Synchronization: To sync your data across devices
Service Improvement: To enhance app features and functionality
Security: To protect your account and prevent fraud

4. Data Storage and Security

Your data is transmitted encrypted (SSL/TLS) and stored encrypted at rest with Google-managed keys. We do NOT offer end-to-end encryption (E2E) because our servers must process the images to provide the service. We implement:

Firebase Authentication for secure login
Firestore Database with security rules
Firebase Storage for encrypted food images with access control
Local device storage for offline availability
Exclusive local storage for glucose data (SQLite on device — never in the cloud)
SSL/TLS encryption in transit
Regular security audits and updates

4.1. Single Session Security

To protect your account from unauthorized access on multiple devices simultaneously, we implement a single session security system:

Session ID: Each time you log in, we generate a unique identifier (UUID) and store it in your profile on Firestore.
Real-Time Monitoring: Your device monitors changes to this identifier. If we detect that you've logged in from another device, your current session will be automatically closed for security.
Silent Notification: When your session is closed due to detection of another access, the app will redirect you to the login screen.
Data Stored: We only store the current session UUID and timestamp of the last login. This data is overwritten with each new login.

Purpose: This measure ensures your account cannot be accessed from multiple devices simultaneously, protecting your sensitive health data.

5. Third-Party Services

Our app uses the following third-party services:

Google Firebase: For authentication, database, storage, and analytics (Privacy Policy)
Google Sign-In: For account authentication
Apple ID: For authentication on iOS (required by App Store)
Google Cloud Vertex AI: For enterprise AI-powered nutritional analysis. Images are routed through our secure European servers (europe-west1) via Firebase Cloud Functions protected by App Check. Under Google Cloud's Enterprise privacy policies, your images are NOT stored and are NOT used to train public AI models.
Google AdMob: For advertising in the free version. AdMob may collect device identifiers (IDFA) to personalize ads (Google Privacy Policy)
RevenueCat: For subscription and in-app purchase management. RevenueCat processes transaction data securely (Privacy Policy)
Nightscout (Optional): If you choose to connect your personal Nightscout instance, the app fetches data directly from your URL. We do not control or host your Nightscout data.
Open Food Facts (Nutritional Database — ODbL): To provide nutritional estimates when scanning barcodes, GlucoScan uses the open database Open Food Facts, distributed under the ODbL (Open Database License). In line with our Unbreakable Privacy and Zero-Identity Firewall principle, GlucoScan only sends the barcode number to Open Food Facts servers. No personal, medical, or user identifier data is ever transmitted. (Terms of Use & License)

Each service has its own privacy policy. We recommend reviewing them.

6. Data Retention

Your data is retained as long as your account is active. After account deletion, your data is permanently deleted from our servers within 30 days.

All personal health data is permanently deleted from our servers
Your Firebase profile is removed
Your account cannot be recovered
Local glucose data: Automatically deleted after 90 days. Also deleted when the app is uninstalled or the account is deleted. You can manually delete it from the Glucose Charts screen.

⏳ Inactive accounts: If you do not access your account for a continuous period of 12 months and do not have an active Pro subscription, we may delete your account and associated data. Before deletion, you will receive an email notification 30 days in advance so you can recover your account simply by logging in again.

6.1 Data Export

You can export your meal analysis history as a JSON backup file from the app. This file is generated locally on your device and shared through the native sharing system (AirDrop, Drive, email, etc.). Exported data is automatically sanitized (internal identifiers and image URLs are removed). It never passes through our servers.

7. Educational and Nutritional Tool

IMPORTANT: GlucoScan AI is an educational and nutritional tool, NOT a medical device.

The application is designed as an educational support tool for personal diabetes management.
The AI (Google Vertex AI) only estimates carbohydrates. The insulin amount is the result of a local mathematical calculation based entirely on the medical ratios you have configured.
You are responsible for always verifying calculations and consulting with your healthcare professional before administering insulin.
Do not use this application as the sole criterion for critical medical decisions.
Maintain regular contact with your endocrinologist or specialist physician.

8. Access Model, Advertising and Tracking (Consent or Pay)

GlucoScan AI operates under a dual funding model, in line with EDPB Opinion 08/2024 and the policies of Apple App Store and Google Play. Access to the application is granted under one of the two following options:

A. Free Version with personalized advertising: The user voluntarily grants consent, through Google's UMP / IAB TCF v2.2 form, for Google AdMob and its advertising partners (TCF vendors) to process device identifiers (IDFA on iOS, AAID on Android) and usage data to display personalized ads.
B. Pro Subscription "GlucoScan Pro": The user purchases a paid subscription via Apple App Store or Google Play (managed by RevenueCat). Pro users do NOT see ads and therefore no data is collected or shared for advertising purposes. The advertising SDK is not initialized for these users.

Functional equivalence (GDPR Art. 7.4): The core medical and nutritional features (insulin calculator, food recognition, history, carb factors) are identical in both versions. The choice does not condition or degrade the medical-educational service.

Withdrawal of consent (GDPR Art. 7.3): You may withdraw your advertising consent at any time from Settings → Privacy preferences. If you withdraw it and do not have an active Pro subscription, the application will display the "Consent Gate" again, requiring you to choose one of the two options to continue using the service.

8.1 App Tracking Transparency (ATT) — iOS

On iOS devices, we request your permission through Apple's App Tracking Transparency (ATT) framework only after you have accepted advertising consent in Google's UMP form. If you rejected personalized advertising in the UMP, the ATT prompt will not be shown, since we will not process tracking identifiers.

8.2 Advertising SDKs and TCF vendors

The following SDKs only process data for Free Version users who have granted advertising consent:

Google AdMob — Advertising identifier, impression and click data. See Google's Privacy Policy for more information.
IAB TCF v2.2 vendors — The complete list of authorized advertising partners is shown in Google's consent form and can be reviewed from Settings → Privacy preferences.

9. Analytics and Usage Data

The mobile application records basic usage events (errors, features used) to improve user experience. We do not collect personal identifiers in these events. Analytics are processed locally or through Firebase Analytics, which complies with privacy regulations.

10. Responsible Use of the Application

⚠️ CRITICAL DISCLAIMER:

GlucoScan AI is NOT a medical device nor a substitute for professional medical care
The carbohydrate estimates provided by the AI are approximations that may contain significant errors. The insulin dose is calculated locally by the app using your own ratios.
Always verify with your doctor before making any changes to your treatment or insulin dosage
This app is for informational and educational use only
Maintain regular contact with your endocrinologist or specialist
In case of medical emergency, contact emergency services immediately

11. Your Rights (GDPR)

If you reside in the European Union or another jurisdiction with similar data protection regulations, you have the following rights:

Right to access your personal data
Right to rectify inaccurate information
Right to delete your data (right to be forgotten)
Right to restrict processing
Right to data portability

12. Children's Privacy

GlucoScan AI is not intended for children under 13. We do not knowingly collect information from children under 13. If we become aware that we have collected personal information from a child under 13, we will immediately delete such information.

13. Changes to This Policy

We may update this privacy policy from time to time. We will notify users of significant changes by posting the new policy on this page and updating the "Last Updated" date.

14. Contact Us

If you have questions about this privacy policy or our practices, please contact us at:

📧 hello.glucoscanai@outlook.es