Diabetes Tracker: BP Monitor is a local-first health tracking app. This page explains what data stays on your device, what optional features send data off-device, and how you can manage your privacy choices.
The core of Diabetes Tracker: BP Monitor works locally on your device. However, the current app also offers optional account, backup, purchase, weather, and AI features that rely on third-party services. This policy describes those flows explicitly so the app's published privacy disclosures can match the real behavior of the product.
Blood sugar, blood pressure, heart rate, cholesterol, weight, hydration, steps, medications, adherence records, notes, assessments, and most app preferences are stored locally on your device by default.
You can use the app in guest mode. If you create an account or sign in with Apple, we process account data such as your email address, name, user ID, and subscription status.
Cloud backup is only available to signed-in Premium users. If enabled, backup files containing your health records are uploaded to our Supabase storage bucket.
AI features may send selected health data and prompts to Google Gemini. Weather lookups use IP-based location services to estimate your city and fetch current weather. We do not use ads or cross-app tracking in the app.
The app stores the following data in its local database or local device storage:
If you use the heart rate feature, the app requests camera access and processes live camera frames on your device to estimate heart rate from fingertip color changes. The app does not intentionally upload or store your camera frames, photos, or videos on our servers.
If you create an account, sign in, reset your password, or sign in with Apple, we may process:
If you choose Sign in with Apple, Apple may provide a relay email address instead of your direct email, depending on your Apple account settings.
If you are a signed-in Premium user and use cloud backup, the app may upload JSON backup files that can include your health records and medication-related data, including blood sugar, blood pressure, heart rate, cholesterol, weight, hydration, steps, medications, and medication adherence.
The app currently keeps up to two backup versions in remote storage for your account: a latest backup and a previous backup.
If you use AI features such as wellness insights, trend analysis, weekly digest, or "Ask Your Data" chat, the app may send selected health summaries, recent readings, timestamps or dates, trends, calculated statistics, your prompts, and locale/language context to Google Gemini to generate a response.
We do not intentionally store AI prompts or AI outputs on our own servers as part of this feature. However, the third-party AI provider may process submitted content under its own terms and privacy practices.
If you make a subscription purchase or restore a purchase, the app may process:
Payment card data is processed by Apple or Google, not by us directly.
The app does not currently request Apple's GPS-based location permission. To display weather, it uses your network IP address with an IP-based location provider to estimate approximate location and then requests weather data for those coordinates.
This means weather requests may disclose your IP address to the location provider and approximate latitude/longitude to the weather provider. We do not use that flow for advertising or cross-app tracking.
Apple requires privacy policies to clearly identify third parties that receive user data and how that data is used. In this app, off-device processing may involve the following service providers and platforms:
We share only the data reasonably needed for the feature you use, and we expect service providers that receive user data for app functionality to protect it under their own published privacy commitments and applicable contractual obligations.
Supabase is used for authentication, profile records, remote guest-data migration, cloud backup storage, and purchase receipt validation infrastructure. Supabase may process account identifiers, profile data, backup files, and purchase verification requests needed to operate those features.
Apple may process sign-in data when you use Sign in with Apple and purchase data when you subscribe or restore purchases through the App Store.
Google Gemini is used for optional AI features. If you use those features, selected health summaries, readings, prompts, and response context may be sent to Google to generate AI output.
The app currently uses IPinfo to estimate approximate location from your IP address and Open-Meteo to fetch weather conditions for those coordinates.
We do not sell your personal data. The app does not currently include a third-party advertising SDK and does not use app tracking for cross-app or cross-website advertising.
Core tracking features can be used in guest mode. Account creation is optional unless you want features that require sign-in, such as remote backup or account-based recovery.
You can disable auto-backup in the app. You can also manually delete available backup files from the app's backup and restore area.
The current in-app deletion flow removes app-associated remote data, but a minimal authentication record may remain with the authentication provider unless and until separately removed through backend or provider-level processes.
If you do not want health data sent to Google Gemini, do not use AI insights, AI digest, or AI chat features.
If you want help with deletion, access, correction, or privacy questions, contact us at alinomi1@gmail.com.
Local records remain on your device until you delete them, reset your device, restore over them, or remove the app.
Account and profile data may be retained for as long as your account remains active and for a limited period afterward where needed for security, legal compliance, dispute resolution, or fraud prevention.
Remote backup files remain in cloud storage until they are replaced, deleted, or removed as part of an account/data deletion workflow.
Purchase providers retain their own transaction records. Our validation infrastructure may process and retain limited operational metadata as needed for entitlement enforcement, troubleshooting, and security.
We do not intentionally store AI prompts, AI outputs, or weather request payloads on our own servers as part of the core app experience, but the third-party providers that receive those requests may keep logs or process data under their own policies.
We use reasonable technical and organizational measures designed to protect data we control. Local app data is stored inside the app's sandbox on your device. Remote requests for account, backup, weather, AI, and purchase validation use network transport to external services. No system or service is perfectly secure, and you are responsible for using a device passcode, keeping your device updated, and choosing how you share exported health information.
This app is not offered as a HIPAA-covered service unless we explicitly agree otherwise in writing.
If you use cloud, AI, purchase, or weather features, your data may be processed in countries other than your own by the third-party services that support those features. By using those features, you understand that cross-border processing may occur.
This app is not directed to children under 13. We do not knowingly collect personal data from children under 13 through the remote services we control. If you believe a child has provided us data in connection with an account or support request, contact us and we will review the request.
Not medical advice: Diabetes Tracker: BP Monitor is for logging, observing trends, reminders, and educational insights only. It does not diagnose disease, prescribe treatment, or replace qualified medical care.
Camera-based heart rate and AI-generated content may be incomplete or inaccurate. Always confirm important information independently and consult a licensed clinician before making medical decisions. Do not use the app for emergencies.
We may update this Privacy Policy from time to time. When we do, we will update the "Last Updated" date, and for material changes we may also present notice inside the app or through another appropriate channel.
If you have questions about this Privacy Policy or our privacy practices, contact: