Privacy Policy

Last updated: February 18, 2026

GLYDE is not a medical device and does not provide medical advice, diagnosis, or treatment recommendations. GLYDE is a wellness tool that helps you observe patterns in your glucose data.

1. Who We Are

GLYDE ("we", "us", "our") is a wellness-focused glucose pattern insights app. This policy explains how we collect, use, and protect your data when you use the GLYDE mobile application.

2. Data We Collect

We collect the following categories of data:

Account information: Your Apple ID identifier (anonymized), used for authentication via Sign in with Apple. We do not receive your actual Apple ID email unless you choose to share it.
Glucose readings: Blood glucose data synced from Apple Health with your explicit permission. We only read glucose data — we never write to Apple Health.
Meal logs: Photos and notes you voluntarily add when logging meals. Photos are stored securely on our servers.
Chat messages: Conversations you have with the GLYDE AI assistant about your glucose patterns.
App preferences: Your chosen glucose unit (mg/dL or mmol/L), selected range, language preference, theme, and notification settings.
Usage analytics: Anonymous engagement events (screens viewed, features used) via PostHog. We never track glucose values, health data, or chat content in analytics.

3. How We Use Your Data

Pattern detection: Your glucose readings are analyzed to identify patterns, correlations, and trends in your data.
AI insights: Your glucose data and meal logs provide context for the AI assistant to offer observational wellness insights. The AI uses cautious, non-medical language.
Reports: Your data is used to generate PDF wellness reports that you can export and share with your healthcare provider.
Product improvement: Anonymous usage analytics help us understand which features are most useful.

4. How We Protect Your Data

We take data security seriously:

Encryption at rest: All glucose readings and chat messages are encrypted using AES-256-GCM before being stored in our database. Each record uses a unique initialization vector.
Encryption in transit: All data transmitted between the app and our servers uses TLS 1.3.
Secure infrastructure: Our servers are hosted on Railway with managed PostgreSQL and Redis instances in European data centers.
Access control: All API endpoints are protected with JWT authentication. Access tokens expire after 15 minutes.
Audit logging: Every data access, export, and deletion is logged for security purposes.

5. Data Sharing

We do not sell your data. We do not share your health data with advertisers, data brokers, or any third party for marketing purposes.

Your data may be shared with:

Anthropic (Claude AI): Your glucose data context and chat messages are sent to Anthropic's Claude API to generate AI responses. Anthropic does not retain this data for training. See Anthropic's privacy policy.
PostHog: Anonymous usage analytics only — no health data or personal information. See PostHog's privacy policy.
Sentry: Error reports that help us fix bugs. These may contain device information but never health data.

6. Your Rights

You have full control over your data:

Access: Export all your data as a PDF report from the Summary or Settings screen at any time.
Correction: Update your preferences and settings at any time within the app.
Deletion: Delete your entire account and all associated data from Settings → Delete All Data. See our Data Deletion Instructions for details.
Portability: Export your data as a PDF before deleting your account.
Restriction: You can revoke Apple Health permissions at any time through iOS Settings → Privacy → Health.

Upon account deletion, your data becomes immediately inaccessible and is permanently removed from our servers within 30 days.

7. Data Retention

Active accounts: Data is retained as long as your account is active.
Deleted accounts: All data is soft-deleted immediately and permanently erased within 30 days.
Chat sessions: Individual chat sessions expire after 1 hour of inactivity.
Audit logs: Retained for 90 days for security purposes.

8. Children's Privacy

GLYDE is not intended for use by anyone under the age of 17. We do not knowingly collect personal data from children. If you believe a child has provided us with data, please contact us and we will delete it.

9. International Data Transfers

Our servers are located in Europe. If you access GLYDE from outside Europe, your data will be transferred to and processed in Europe in accordance with applicable data protection laws.

10. Changes to This Policy

We may update this privacy policy from time to time. We will notify you of significant changes through the app or by updating the "Last updated" date above. Continued use of GLYDE after changes constitutes acceptance of the updated policy.

11. Contact Us

If you have questions about this privacy policy or your data, contact us at:

Email: privacy@getglyde.ai

Support: getglyde.ai/support