TipoZero App

Last updated: June 2026

Privacy Policy

Data subject

ETIE CONSULTING & TECHNOLOGY S.L.
ID/Tax ID: B56232580
Address: 30009 Murcia, Spain
Email: tipozerodiabetes@gmail.com

This Privacy Policy applies to the TipoZero mobile application and related services (the “App”),
Available on Android, iOS, and web. We comply with Regulation (EU) 2016/679 (GDPR) and Organic Law 3/2018.
of Personal Data Protection and guarantee of digital rights (LOPDGDD) and other applicable regulations.

What data do we collect?

To use the app, you need to create an account. Depending on your usage, we can treat you as follows:

Account and identification details

  • Email and password (registration by email), or authentication data when logging in with Google or Apple.
  • Username and identifier (UID) assigned by our authentication provider.
  • Device identifier, used to link your subscription and sync data on the same device.
  • App version and platform (Android, iOS or web) when you contact support.

Profile and health-related data (provided voluntarily by you)

  • Insulin usage settings, insulin ratios, and meal timing ranges.
  • Nutritional goals and food allergies or intolerances.
  • Food diary entries: foods, quantities, meals, dates and associated nutritional calculations.
  • Favorite foods and personalized preferences saved in your profile.

This information may be related to your health or the dietary management of diabetes. You provide it.
You voluntarily provide this information to use the app's features. We treat it as health-related data in accordance with the
Article 9 of the GDPR, based on your explicit consent when entering it into the App.

Data obtained through device permissions (only if you grant them)

  • Camera and photo gallery: to scan barcodes and analyze food from photographs.
  • Microphone: to record audio at the voice-activated food checkout and in the AI-powered nutrition assistant.
  • Health data (Health Connect on Android / HealthKit on iOS): Blood glucose and calories burned are only accessed if you authorize it. This data is read locally from your device's health platform and is not sent to our servers unless you use a feature that requires it.

Subscription and payment details

  • Subscription status, product identifier, purchase receipts, and transaction history.
  • Payments are processed entirely by Google Play (Android) or the Apple App Store (iOS). We do not receive or store bank card data.

Usage data and analytics

  • Screens visited, events in the app (e.g. food added manually, by barcode, photo or audio), language and subscription status.
  • Collected using Firebase Analytics, associated with your user ID when you are logged in.

Contact and support information

  • When using the contact form: name, email, subject, message, user ID, device ID and technical information to manage your request.

AI Assistant (Premium feature)

  • Your messages, optional images or audio, and relevant context (e.g., recent journal entries, goals, and allergies) are sent to our backend and processed by an AI service (OpenAI) to generate responses about nutrition and diabetes. Please do not include unnecessary personal or medical information in your messages.

How we use your data

  • Create and manage your account and authenticate yourself.
  • Offering the main functions: carbohydrate and insulin calculation, food search, diary, recipes and profile settings.
  • Offer Premium features: advanced food entry (photo, barcode, audio), AI-powered nutrition assistant, and expanded diary synchronization.
  • Manage and validate subscriptions purchased on Google Play or the App Store.
  • Sync your data between the App and our cloud services (Firebase Firestore and our API).
  • Respond to support requests submitted through the contact form.
  • Measure and improve the app through aggregated usage analytics.
  • To fulfill legal obligations and protect our rights.

Legal basis (GDPR)

  • Contract execution: to provide you with the App and your subscription.
  • Explicit consent: for health-related profile and diary data, optional access to health platforms, and use of the AI ​​assistant.
  • Legitimate interest: analytics, security, fraud prevention and service improvement, balanced with your rights.
  • Legal obligation: when required by applicable law.

Where is the data stored?

  • Firebase (Google): authentication, Firestore database (profile, journal, subscriptions) and Firebase Analytics.
  • Our backend API: food search, contact messages, AI requests and related processing.
  • Your device: Local preferences and cached data using secure storage (Capacitor Preferences / localStorage).
  • Google Play / Apple App Store: subscription payment and billing records.

ETIE CONSULTING & TECHNOLOGY S.L. acts as the data controller. Part of the processing
This is done by agents acting on our instructions (see Third Parties below).

Transfer of data to third parties

We do not sell your personal data. We may share data with:

  • Google (Firebase, Google Sign In, Google Play): authentication, cloud database, analytics, and billing on Android.
    Google Privacy Policy
  • Apple (Sign in with Apple, App Store): authentication and billing in iOS.
    Apple Privacy Policy
  • OpenAI: Processing AI assistant requests through our backend, in accordance with our contractual terms with OpenAI.
    OpenAI Privacy Policy
  • Food data providers (e.g., Edamam): accessed through our backend to obtain nutritional information; we do not send your account identity in regular food searches.
  • Service providers: accommodation and infrastructure needed to operate the App.
  • Authorities: when required by law or to protect legal rights.

International transfers

Some providers (e.g. Google, OpenAI) may process data outside the European Economic Area.
Where appropriate, we rely on suitable safeguards such as Standard Contractual Clauses or others
mechanisms recognized by the GDPR.

Data retention

  • Account and profile data: while your account is active.
  • Journal and favorites: While your account is active, you can delete individual entries in the App.
  • Subscription records: the time required for billing, legal, and accounting purposes.
  • Analytics: according to Firebase Analytics' predefined timeframes.
  • Contact messages: the time needed to process your request and any follow-up.

Security

We implement standard industry measures, including encrypted connections (HTTPS), Firebase Authentication
and access controls on our backend. No transmission or storage method is 100% secure;
We recommend using a strong password and keeping your device updated.

Your rights

In accordance with the GDPR, you can request:

  • Access to your personal data.
  • Correction of inaccurate data (editable in Profile and Diary).
  • Deletion of your data (right to be forgotten).
  • Limitation or opposition to certain treatments.
  • Data portability, where applicable.
  • Withdraw consent at any time, without affecting previous lawful treatments.

You can update most of your data directly in the app (Profile, Journal, Account). To delete
To access your account, use the option in Account Settings or write to us at
tipozerodiabetes@gmail.com.
Removal can take up to 90 days; if you resubscribe from the same device before then
During that period, your data stored on our servers (favorites, meal ranges, ratios of
insulin and diary) can be stored as indicated in the App.

You can also file a complaint with the Spanish Data Protection Agency (AEPD):
www.aepd.es.

Minors

The app is not intended for children under 14. If you believe a child has provided us with data without their consent, please report it.
If you have the appropriate consent, please contact us to proceed with its removal.

Changes to the Privacy Policy

We may update this Privacy Policy. Relevant changes will be communicated through the App
or other appropriate means. Continued use after notification constitutes acceptance of the policy.
updated.

Contact

Para cualquier consulta sobre esta Política de Privacidad o tus datos personales:
tipozerodiabetes@gmail.com