Privacy Policy
Effective date: 2026-06-08
This Privacy Policy describes how Glynce ("Glynce", "we", "us", or "our") collects, uses, and shares information when you use the Glynce mobile and watchOS applications and related services (the "App").
Glynce is a personal dashboard for adults with type 1 diabetes. It visualizes data from connected sources such as continuous glucose monitors and Apple Health for self-tracking and lifestyle purposes. Glynce is not a medical device, not a medical app, and not a clinical tool, and is not intended to diagnose, treat, cure, monitor, or prevent any disease. Always consult your healthcare provider for medical decisions. See the Terms of Service for the full disclaimer and your responsibilities.
If you have questions about this policy, contact us at support@glynce.app.
1. Who we are
The App is operated by Glynce, a company registered in the Netherlands under Chamber of Commerce (KvK) number 68577397, with its registered address at Oostenburgermiddenstraat 455, 1018 LH Amsterdam, Netherlands ("we", "us"). For privacy questions or to exercise your rights, contact support@glynce.app.
2. Information we collect
We collect the following categories of information.
2.1 Account information
- Email address
- A user identifier issued by your sign-in provider (Apple Sign-In or Google Sign-In)
- The date your account was created (used to determine entitlement to legacy free access)
2.2 Continuous glucose monitor (CGM) data
If you connect a CGM, we receive glucose readings and related metadata (timestamps, trend arrows, sensor status) from the provider you authorize. Supported providers currently include:
- Dexcom
- Abbott (via LibreLinkUp)
- Medtronic (Guardian)
- Eversense
- Nightscout (self-hosted; URL and access token you provide)
The access tokens needed to keep your CGM connection working are stored only on your device, in the iOS Keychain. By default, we do not send your CGM credentials to our servers. The one exception is if you choose to enable Background Glucose Alerts (see Section 2.9): only then are your credentials for that provider transmitted securely to our servers so we can fetch readings on your behalf while the App is closed. You can turn that off at any time, which deletes those credentials from our servers. You can disconnect a CGM at any time from within the App, which deletes the tokens from the Keychain.
2.3 Apple Health (HealthKit) data
With your permission, the App reads the following categories from Apple Health:
- Glucose readings
- Heart rate and heart rate variability
- Respiratory rate and blood oxygen
- Sleep
- Wrist temperature
- Steps, active energy, exercise minutes, stand hours, workouts
- Body weight
HealthKit data is processed on your device and synced to your Glynce account so it is available across your devices. We do not sell HealthKit data, use it for advertising, share it with third parties for their own marketing, or disclose it to data brokers. You can revoke HealthKit access at any time in iOS Settings → Health → Data Access & Devices → Glynce.
2.4 Food, meal, and nutrition data
- Food entries you log: name, brand, serving size, calories, macronutrients (carbs, fat, protein), meal type, barcode
- Photos you take of meals, packaging, nutrition labels, or recipes for AI analysis
2.5 Activity, gamification, and in-app content
- Challenges, milestones, badges, and other gamification state
- Settings and preferences (e.g., chosen glucose unit, target range)
2.6 Service telemetry and analytics
- Anonymized CGM-integration telemetry: an install-scoped UUID, the endpoint called, the outcome, HTTP status code, and error category. This is used to detect upstream API outages and provider changes.
- Product analytics from PostHog: events that describe how you use features, screen views, and device/OS metadata. Text inputs are masked in session recordings.
- Crash and error logs.
2.7 Feedback and support content
If you submit feedback or feature requests through the in-app feedback tool (Canny), the content you provide and any attached screenshots are stored to help us respond.
2.8 What we do not collect
We do not request or collect:
- Your precise location
- Contacts
- Browsing history outside the App
- Government identifiers
2.9 Background Glucose Alerts (optional)
Background Glucose Alerts is an optional feature that lets Glynce notify you about high or low glucose even when the App is closed. Because Apple's operating system limits how often a closed app can fetch data on its own, delivering timely alerts requires our servers to retrieve your readings for you.
If, and only if, you explicitly enable this feature:
- Your CGM login is stored on our servers. Your credentials for the connected provider (for example, your Dexcom account login) are sent over an encrypted connection (TLS) and stored encrypted on our backend. They are used solely to retrieve your glucose readings on your behalf and are never shared with anyone or used for any other purpose.
- We retrieve and evaluate your glucose readings on our servers. At regular intervals we sign in to your CGM provider, fetch your most recent readings, and compare them against your alert thresholds. When an alert condition is met, we send you a push notification through the Apple Push Notification service.
- We do not retain your glucose readings. Readings are processed transiently to decide whether to alert you and are not stored in our database. We keep only the minimal state needed to avoid sending you duplicate alerts (such as the time and level of the last alert).
- You stay in control. You can disable Background Glucose Alerts at any time in the App. Doing so stops all server-side processing and deletes your stored CGM credentials from our servers. If you never enable it, none of your CGM credentials or readings ever reach our servers, and glucose processing happens entirely on your device.
2.9.1 Your explicit consent (GDPR Article 9)
Glucose readings are health data, which the GDPR treats as a "special category" requiring a higher standard of protection. We process this data on our servers only with your explicit consent, which you give by enabling Background Glucose Alerts. We ask for that consent separately and clearly at the moment you turn the feature on, and turning the feature off withdraws it. Withdrawing your consent does not affect the lawfulness of processing carried out before you withdrew it. You are never required to enable this feature to use Glynce; without it, the App still works using on-device processing.
3. How we use information
We use the information described above to:
- Provide the App's core functions, including showing your glucose data, logging meals, and computing analytics
- Personalize features such as challenges, milestones, and the in-app companion ("Hero")
- Run AI-assisted features you choose to use (meal photo analysis, nutrition label OCR, recipe extraction)
- Maintain access to CGM provider APIs you have connected
- Detect outages, debug problems, and improve performance and reliability
- Determine your subscription entitlement
- Respond to support requests and feedback
- Comply with legal obligations
We do not use your information for behavioral advertising, and we do not sell your personal information.
4. Legal bases (EEA / UK users)
Where the GDPR or UK GDPR applies, we rely on the following legal bases:
- Performance of a contract — to provide the App and its features.
- Legitimate interests — to keep the App secure, debug problems, prevent abuse, and improve the product, balanced against your rights.
- Consent — for HealthKit access, optional analytics where required, and AI processing of meal photos. You can withdraw consent at any time.
- Explicit consent (Article 9 GDPR) — for the optional server-side processing of your glucose data used to deliver Background Glucose Alerts (Section 2.9). You give this consent when you enable the feature and can withdraw it at any time by disabling the feature.
- Compliance with legal obligations — when we must keep records or respond to lawful requests.
5. Third-party services we use
We rely on the following service providers ("processors") to operate the App. Each receives only the information needed for its function.
| Provider | Purpose |
|---|---|
| Supabase | Backend hosting, authentication, database, file storage, and AI-feature gateway |
| PostHog | Product analytics and optional session replay (text inputs masked) |
| Apple (Sign in with Apple, HealthKit, Live Activities, Push) | Authentication, on-device health data, system integrations |
| Google (Sign-In) | Authentication |
| Anthropic (Claude API) | AI analysis of food photos, nutrition labels, and recipes you submit |
| Dexcom, Abbott (LibreLinkUp), Medtronic (Guardian), Eversense, Nightscout | CGM providers you choose to connect |
| OpenFoodFacts, USDA FoodData Central, Edamam, Nutritionix | Food and nutrition database lookups |
| Canny | In-app feedback and feature requests |
Some of these providers process data in the United States or other countries outside your own. Where required, transfers from the EEA, UK, or Switzerland rely on the European Commission's Standard Contractual Clauses or an equivalent safeguard.
6. Sharing
We share information only:
- With the processors listed above, under contract, for the purposes described.
- With the CGM provider you authorize, so we can fetch your glucose data on your behalf.
- To comply with law, valid legal process, or to protect rights, safety, and property.
- In connection with a business transfer (merger, acquisition, asset sale), in which case you will be notified.
We do not sell your personal information, and we do not share it for cross-context behavioral advertising.
7. AI features
The App offers optional AI features (meal photo analysis, nutrition label OCR, recipe extraction) powered by Anthropic's Claude API, accessed through our backend. When you use one of these features, the relevant image or text is sent to Anthropic for processing. Anthropic does not train its models on this content. You can avoid using these features by not invoking them.
8. Data retention
- Account and health data are kept while your account is active.
- CGM telemetry events are retained for up to 12 months to support outage detection.
- Analytics data is retained according to PostHog defaults (typically up to 12 months) unless you request earlier deletion.
- If you enable Background Glucose Alerts, your stored CGM credentials are retained only while the feature is enabled and are deleted from our servers when you disable it or delete your account. Glucose readings fetched for those alerts are not retained; they are processed transiently and discarded.
- If you delete your account, we delete or anonymize your personal data within 30 days, except where we are required to retain it for legal, security, or fraud-prevention reasons.
9. Your rights and choices
Depending on where you live, you have some or all of the following rights:
- Access a copy of your personal data
- Correct inaccurate data
- Delete your data
- Restrict or object to certain processing
- Port your data to another service
- Withdraw consent
- Lodge a complaint with your local data protection authority
You can delete your account at any time from within the App (Settings → Delete account) or by emailing support@glynce.app. Account deletion removes your profile, your saved foods, favorites, and recipes, and your gamification state from our servers. Unless you have enabled Background Glucose Alerts, CGM credentials live only on your device, so uninstalling the App or disconnecting a CGM removes them. If you enabled Background Glucose Alerts, disabling it or deleting your account also deletes the credentials stored on our servers. HealthKit data remains on your device and in Apple Health and is not affected.
Apple HealthKit permissions can be reviewed or revoked in iOS Settings → Health → Data Access & Devices → Glynce.
10. Notice to California residents (CCPA / CPRA)
This section applies to California residents and supplements the rest of this Privacy Policy. It uses terms defined in the California Consumer Privacy Act, as amended by the California Privacy Rights Act ("CCPA").
10.1 Categories of personal information we collect
In the last 12 months we have collected the following CCPA categories:
| Category | Examples | Collected? |
|---|---|---|
| Identifiers | Email, account ID, sign-in provider ID, device identifiers, IP address, install-scoped UUID | Yes |
| Customer records (Cal. Civ. Code §1798.80(e)) | Email tied to account, payment status | Yes |
| Commercial information | Subscription and entitlement status | Yes |
| Internet/network activity | App events, screen views, feature usage, crash and error logs | Yes |
| Geolocation | Coarse country/region inferred from IP for routing and outage detection only | Yes (no precise location) |
| Sensory information | Photos you take of meals, packaging, nutrition labels, or recipes | Yes |
| Inferences | Engagement signals used to personalize challenges and milestones | Yes |
| Sensitive personal information | Account login credentials (sign-in provider tokens), health information including glucose readings, HealthKit metrics, and meal logs | Yes |
We do not collect: precise geolocation, government IDs, biometric identifiers used for identification, racial or ethnic origin, religious beliefs, union membership, contents of mail/email/text messages, genetic data, or sexual-orientation information.
10.2 Sources
We collect this information from you directly, from your device, from CGM providers and Apple HealthKit when you authorize them, and from our service providers (analytics, error reporting).
10.3 Business purposes
We use personal information for the purposes described in Section 3, including providing the App, securing accounts, debugging, analytics, AI features you request, and complying with law.
10.4 Disclosures for a business purpose
In the last 12 months we have disclosed each category above to our service providers (listed in Section 5) under written contracts that restrict their use of the information to providing services to us.
10.5 Use of sensitive personal information
We use sensitive personal information (your health data, including glucose, HealthKit metrics, meal logs, and your sign-in tokens) only to provide the App's core functions you request, to secure your account, to prevent fraud or abuse, and to comply with law. We do not use it to infer characteristics about you for any other purpose. Under CCPA, you have the right to limit the use of sensitive personal information to these permitted purposes — and that is already the only way we use it.
10.6 "Sale" and "sharing" of personal information
We do not sell your personal information, and we do not share it for cross-context behavioral advertising, as those terms are defined under the CCPA. We have not sold or shared personal information in the last 12 months, including information of consumers under 16.
10.7 Your California rights
Subject to verification, you have the right to:
- Know what personal information we collect, use, disclose, and (where applicable) share or sell.
- Access a copy of your personal information.
- Delete your personal information.
- Correct inaccurate personal information.
- Opt out of any sale or sharing of personal information (not applicable — we do neither).
- Limit the use and disclosure of sensitive personal information (not applicable — we already limit it to the purposes in Section 10.5).
- Non-discrimination for exercising any of these rights. We will not deny you service, charge you a different price, or provide a different quality of service because you exercised a CCPA right.
10.8 How to exercise your rights
Submit a request by email to support@glynce.app with the subject line "CCPA Request" and tell us which right you want to exercise. To protect you, we will verify your request by asking you to confirm it from the email address associated with your Glynce account and, where reasonable, to provide additional information that matches what we already hold.
You may use an authorized agent to submit a request on your behalf. We will require the agent to provide signed written authorization from you and may still ask you to verify your identity directly.
We will respond within 45 days, with a possible 45-day extension if reasonably necessary.
10.9 Retention
We retain personal information for the periods described in Section 8.
10.10 "Shine the Light" (Cal. Civ. Code §1798.83)
We do not share personal information with third parties for their own direct marketing purposes.
11. Children
Glynce is intended for adults with type 1 diabetes. We do not knowingly collect personal information from children under 16 (or the equivalent minimum age in your jurisdiction). If you believe a child has provided us with personal information, contact support@glynce.app and we will delete it.
12. Security
We use industry-standard measures to protect your information, including encryption in transit (TLS), encryption at rest for backend storage, scoped access tokens, and row-level security in our database. No system is perfectly secure; if we become aware of a breach affecting your data, we will notify you and the relevant authorities as required by law.
13. International transfers
Our backend providers (including Supabase, PostHog, and Anthropic) may process data in the United States and other countries. Where required, we rely on Standard Contractual Clauses or other approved transfer mechanisms.
14. Changes to this policy
We may update this Privacy Policy from time to time. When we make material changes, we will notify you in the App or by email and update the "Effective date" above. Continued use of the App after an update means you accept the revised policy.
15. Contact
Glynce KvK 68577397 Oostenburgermiddenstraat 455, 1018 LH Amsterdam, Netherlands Email: support@glynce.app