Privacy Policy for Mode Wellness

Effective Date: September 29, 2025

Last Updated: October 3, 2025

Whiteboard Labs ("we," "our," or "us") operates the Mode Wellness mobile application (the "App"). This Privacy Policy explains how we collect, use, share, and protect your personal information when you use our App.

1. Information We Collect

Personal Information

We collect information that identifies you personally when you create an account:

• Name and Email Address: Collected when you sign in with Apple or Google
• User ID: Internal identifier created for your account
• Profile Information: Age, gender, health goals and fitness objectives

Health and Fitness Data

With your permission, we collect and process:

• Apple Health Data: Steps, active energy burned, workouts, water intake, heart rate, and body mass (from standard HealthKit only)
• Nutrition Logs: Meals, foods consumed, calorie intake, and macro nutrients
• Workout Data: Exercise activities, sets, reps, weights, and workout duration
• Progress Metrics: Weight changes, strength gains, and fitness achievements

Important: We do NOT collect:

• Medical records, lab results, or prescriptions from healthcare providers
• Clinical Health Records from healthcare systems
• Health data interpreted or analyzed by medical professionals
• Any regulated medical or health information beyond standard fitness tracking

User-Generated Content

• Food Photos: Images you capture for AI-powered food analysis
• Voice Recordings for Meal Logging: Temporary audio data for speech-to-text meal logging (processed and deleted immediately)
• Visit Transcriptions: Audio recorded during appointments is transcribed in real-time to generate visit summaries, then immediately discarded. We do not store the recordings themselves.
• Workout Notes: Personal notes and observations about exercises
• Health Reminders: Custom reminders you set (e.g., medication times, check-up dates) stored as simple notifications without medical context

Usage and Analytics Data

• App Interactions: Features used, session duration, and user preferences
• Performance Data: App crashes, errors, and technical diagnostics
• Notification Engagement: Response patterns to meal and workout reminders

2. How We Use Your Information

Core App Functionality

• Provide nutrition tracking and meal analysis services
• Generate personalized workout recommendations
• Sync data with Apple Health for comprehensive health tracking
• Deliver AI-powered coaching and insights

Personalization

• Customize calorie and macro targets based on your goals
• Provide tailored fitness and nutrition recommendations
• Generate progress reports and achievement tracking

AI Services

• Analyze food photos to identify nutrition information using OpenAI GPT-4 Vision
• Process voice input to convert speech to meal entries
• Transcribe visit audio in real-time to generate summaries (audio not stored)
• Generate contextual coaching advice based on your history

Communication

• Send app notifications for meal reminders and workout prompts
• Provide customer support and respond to inquiries
• Share important updates about app features or policies

Analytics and Improvement

• Monitor app performance and identify technical issues
• Understand feature usage to improve user experience
• Develop new features based on user needs and behavior

3. Information Sharing and Disclosure

Service Providers

We share limited data with trusted third-party service providers who help us operate the App:

• OpenAI: Food photos and visit transcriptions for AI-powered analysis
• Google Gemini: Alternative AI provider for food analysis
• DigitalOcean: Cloud hosting and managed database services
• Apple: HealthKit data synchronization and In-App Purchase processing

All service providers are bound by confidentiality agreements and process data only as instructed.

No Third-Party Advertising

We do not sell, rent, or share your personal information with advertisers or marketing companies for their promotional purposes.

Legal Requirements

We may disclose your information if required by law, court order, or to protect our legal rights, prevent fraud, or ensure user safety.

Business Transfers

In the event of a merger, acquisition, or sale of assets, your information may be transferred to the new owner with continued privacy protection.

4. Data Security

We implement industry-standard security measures to protect your information:

• Encryption: All data transmitted between your device and our servers uses HTTPS/TLS encryption
• Secure Storage: Personal information is encrypted at rest using AES-256 encryption (DigitalOcean Managed Databases)
• Database Security: TLS/SSL enforced for all database connections
• Access Controls: No employee access to personal data; automated systems only
• Regular Audits: Ongoing security assessments and vulnerability testing

5. Your Rights and Choices

Account Management

• Access: View your personal data through the app settings
• Correction: Update your profile information, goals, and preferences at any time
• Deletion: Permanently delete your account and associated data through the app settings

Apple Health Integration

• Permission Control: Grant or revoke Apple Health permissions through iOS Settings
• Data Ownership: Health data remains in your Apple Health app; we only access what you explicitly share

Notifications

• Opt-out: Disable meal reminders, workout notifications, or other alerts through app settings
• Customization: Adjust notification frequency and timing preferences

Data Export

• Support Request: Contact us for data export options ([email protected])

6. Data Retention

Active Accounts

We retain your personal information while your account is active and you continue using the App.

Account Deletion

When you delete your account:

• Personal data is permanently removed immediately
• Health reminders and visit summaries are deleted
• Anonymized usage statistics may be retained for service improvement
• Apple Health data remains in your Health app under your control

Legal Obligations

Some data may be retained longer if required by law or for legitimate business purposes (e.g., transaction records for tax compliance).

7. International Data Transfers

Your information may be processed and stored in the United States and other countries where our service providers operate. We ensure appropriate safeguards are in place to protect your data in accordance with applicable privacy laws.

8. Children's Privacy

Mode Wellness is not intended for children under 13 years of age. We do not knowingly collect personal information from children under 13. If we become aware that a child under 13 has provided us with personal information, we will take steps to delete such information.

9. California Privacy Rights

California residents have additional rights under the California Consumer Privacy Act (CCPA):

• Right to Know: Request information about the personal information we collect and how it's used
• Right to Delete: Request deletion of your personal information
• Right to Opt-Out: Opt-out of the sale of personal information (Note: We do not sell personal information)
• Non-Discrimination: We will not discriminate against you for exercising your privacy rights

To exercise these rights, contact us at [email protected].

10. European Privacy Rights

If you are in the European Economic Area (EEA), you have rights under the General Data Protection Regulation (GDPR):

• Lawful Basis: We process your data based on consent, contract performance, and legitimate interests
• Data Portability: Request your data in a machine-readable format
• Rectification: Correct inaccurate personal information
• Erasure: Request deletion of your personal information
• Objection: Object to processing based on legitimate interests

Contact our Data Protection Officer at [email protected] for GDPR-related requests.

11. Third-Party Services

Apple Health Integration

Our App integrates with Apple Health to sync fitness and health data. Apple's Privacy Policy governs how Apple handles your Health data. We only access the specific health data types you explicitly authorize.

Important Clarifications:

• We use standard HealthKit APIs only (steps, calories, workouts, heart rate, weight)
• We do NOT use Clinical Health Records API
• We do NOT access medical records from healthcare providers
• Health reminders you set are stored as simple notifications without processing or interpretation
• Any health metrics you manually enter for reminders remain unprocessed and unanalyzed

Sign-In Services

When you use Sign in with Apple or Google, their respective privacy policies apply to the authentication process. We receive only the information necessary to create your account (name and email).

12. Analytics and Tracking

No Cross-App Tracking

We do not track you across other companies' apps or websites for advertising purposes.

Internal Analytics

We use internal analytics to understand app usage and improve features. This data is aggregated and does not identify individual users outside of our service.

No Advertising Networks

We do not use third-party advertising networks or share data with data brokers.

13. Policy Updates

We may update this Privacy Policy from time to time. When we make changes:

• Notification: We will notify you through the App or by email
• Effective Date: The updated policy will include a new effective date
• Continued Use: Your continued use of the App after changes constitute acceptance of the updated policy

14. Contact Us

If you have questions about this Privacy Policy or our privacy practices, please contact us:

Email: [email protected]

Website: https://www.whiteboard-labs.com/

Mailing Address:

Whiteboard Labs

5659 Myrtlewood Dr

Nashville TN 37211

15. Dispute Resolution

Informal Resolution

We encourage you to contact us first to resolve any privacy concerns informally.

Binding Arbitration

Any disputes arising from this Privacy Policy will be resolved through binding arbitration in accordance with the rules of the American Arbitration Association.

Class Action Waiver

You agree to resolve disputes individually and waive any right to participate in class action lawsuits.

This Privacy Policy is designed to be transparent about our data practices while protecting your privacy and complying with applicable laws. By using Mode Wellness, you acknowledge that you have read and understood this Privacy Policy.

Last updated: October 3, 2025