Privacy Policy

Effective Date: October 16 2025

Company: NUTRIGUARD.AI LLC.

Address: 2828 NW 1st Avenue, Miami, Florida 33127 USA

Website: https://nuvard.ai

Doing Business As: NuVARD AI App

Contact Email: support@nuvard.ai

1. Introduction

NUTRIGUARD .ai LLC ("NuVARD ," "Company," "we," "our," or "us") is committed to safeguarding the privacy, security, and integrity of information entrusted to us by users ("you" or "your"). This Privacy Policy describes how we collect, use, disclose, retain, and protect personal information when you use the NuVARD AI mobile application, the nutri-guard.ai website, and related services (collectively, the "Service").

We process personal information in accordance with applicable laws, including:

  • The Health Insurance Portability and Accountability Act (HIPAA) (United States)
  • The General Data Protection Regulation (GDPR) (European Union)
  • The California Consumer Privacy Act (CCPA) and California Privacy Rights Act (CPRA)
  • The Children’s Online Privacy Protection Act (COPPA)
  • Applicable international privacy laws in the 175 countries where NuVARD is available

By creating an account, downloading our App, or accessing our Website, you consent to the practices described in this Policy. If you do not agree with any provision herein, you must discontinue use immediately. Your continued use constitutes acceptance of this Privacy Policy in full.

2. Scope and Application

This Privacy Policy applies to all data processed by NuVARD AI, whether through:

  • The mobile application on iOS and Android devices;
  • The nutri-guard.ai Website and associated sub-domains;
  • Customer support channels, email, and in-app communications; and
  • Third-party integrations, APIs, and analytics tools connected to the Service.

It covers information collected from users worldwide, including those in the European Economic Area (EEA), the United Kingdom, Canada, Australia, and other jurisdictions recognizing data-subject rights.

This Policy does not apply to:

  • External websites or apps linked from our Service;
  • Data collected by third parties acting as independent controllers (such as Stripe or Apple App Store); or
  • Anonymous aggregated datasets that cannot reasonably identify an individual.

3. Definitions

For clarity and compliance with global standards, the following terms have specific meanings within this Policy:

  • “Personal Data” means any information that identifies or can reasonably identify an individual, including name, email, IP address, device ID, health metrics, or payment details.
  • “Processing” means any operation performed on Personal Data, including collection, storage, use, transfer, disclosure, or erasure.
  • “Controller” means NuVARD .ai LLC, which determines the purposes and means of Processing.
  • “Processor” means a third party that Processes data on our behalf (e.g., AWS or OpenAI).
  • “Sensitive Data” means information relating to health, biometric identifiers, genetic data, religious or dietary preferences, or other protected categories under law.
  • “User Content” means any data you submit to the Service, including food logs, supplement entries, photos, notes, or lab results.
  • “AI Output” means insights, recommendations, or reports generated by artificial intelligence systems used within the Service.
  • “Third-Party Partner” means any external entity providing infrastructure, payment processing, or AI functionality for NuVARD AI.
  • “Applicable Law” means the data-protection and consumer-privacy legislation governing the user’s jurisdiction.

4. Overview of Our Data Practices

NuVARD AI collects and processes Personal Data to operate securely, deliver personalized insights, and comply with legal requirements. Our data-handling principles are rooted in:

  1. Lawfulness and Transparency — We collect data under legitimate legal bases and communicate clearly about our practices.
  2. Purpose Limitation — We use data solely to provide the Service and improve user experience.
  3. Data Minimization — We collect only what is necessary for stated purposes.
  4. Accuracy — We take reasonable steps to keep information up to date.
  5. Integrity and Confidentiality — We protect data through encryption, access controls, and regular security audits.
  6. Storage Limitation — We retain Personal Data only as long as necessary or as required by law.

NuVARD AI never sells Personal Data and does not engage in surreptitious data collection or unauthorized marketing.

5. Categories of Information We Collect

We collect information in three primary ways: directly from you, automatically through device interactions, and via third-party integrations. The types of data include:

5.1 Information You Provide Directly

  • Account registration details (name, email, password);
  • Profile data (height, weight, age, gender, goals);
  • Health-related entries (food logs, supplements, medications, lab values, diagnoses);
  • Religious or dietary preferences if you choose to share them;
  • Payment information processed through Apple, Google, Stripe, or RevenueCat;
  • Support requests, survey responses, and feedback.

5.2 Information Collected Automatically

  • Device and connection information (IP address, browser type, operating system, app version);
  • Usage analytics (events, buttons clicked, pages visited);
  • Diagnostic data (crash logs, error reports);
  • Approximate location derived from device settings (for regional nutrition data).

We use tools such as Google Analytics, Firebase, and RevenueCat analytics to monitor performance and user engagement. These services collect data in aggregate form to help us improve functionality.

5.3 Information Received from Third Parties

We may receive information from:

  • Apple HealthKit or Google Fit, if you grant permission;
  • OpenAI, Mistral, and Gemini, when AI models process text inputs for recommendations;
  • AWS and Stripe (for secure payment and hosting data); and
  • Marketing partners (if you opt into newsletters or referral programs).

All third-party partners are bound by contractual data-processing agreements ensuring confidentiality and compliance with Applicable Law.

6. Legal Bases for Processing Personal Data

Depending on your jurisdiction, NUTRIGUARD .ai LLC relies on one or more of the following legal bases for collecting and processing Personal Data:

  1. Contractual Necessity – Processing is required to perform our obligations under the agreement between you and NuVARD (e.g., to provide the Guard Plan and personalized AI recommendations).
  2. Consent – You have given explicit consent to collect and process certain categories of data, such as health information or third-party integrations (Apple HealthKit, Google Fit). You may withdraw consent at any time by adjusting in-app permissions or contacting support@nuvard.ai.
  3. Legitimate Interests – We may process limited information to improve the Service, prevent fraud, ensure security, and analyze aggregated usage metrics, provided such processing does not override your privacy rights.
  4. Legal Obligations – Processing may be necessary to comply with legal requirements, respond to lawful requests, maintain tax or accounting records, or enforce our Terms of Service.
  5. Vital Interests – In rare cases, data may be processed to protect the vital interests of an individual (e.g., detecting fraudulent activity or system abuse that could cause harm).

All data processing is performed in accordance with applicable data-protection laws and subject to technical and organizational safeguards designed to maintain confidentiality, integrity, and availability.

7. Purposes for Which We Use Personal Data

NUTRIGUARD .ai LLC uses Personal Data for legitimate, limited, and transparent purposes as described below:

7.1 Service Delivery

  • To register user accounts and authenticate logins;
  • To store, display, and analyze nutritional, supplement, and medication data;
  • To generate personalized insights and AI-based recommendations;
  • To integrate with wearable and health-tracking APIs for user convenience.

7.2 Payment Processing and Subscription Management

  • To facilitate payments via Apple, Google, Stripe, or RevenueCat;
  • To verify transactions, issue receipts, and manage billing cycles;
  • To prevent fraudulent payments and ensure PCI DSS compliance.

7.3 Customer Support and Communication

  • To respond to inquiries, troubleshoot issues, and handle refund or cancellation requests;
  • To send operational emails or in-app notifications related to security or policy changes;
  • To manage support cases efficiently using ticketing systems.

7.4 Product Development and Research

  • To improve algorithms and app usability through anonymized trend analysis;
  • To enhance AI models’ accuracy while maintaining de-identification of sensitive data;
  • To conduct performance monitoring, bug detection, and security audits.

7.5 Marketing and Optional Communication

  • To send opt-in newsletters, promotional materials, or updates about new features;
  • To perform analytics that measure campaign effectiveness (Google Analytics, Firebase);
  • To operate referral programs or partnership offers, only with prior consent.

7.6 Legal, Security, and Compliance

  • To detect and prevent fraudulent, abusive, or illegal activity;
  • To enforce our Terms of Service, protect intellectual property, and ensure platform integrity;
  • To comply with law-enforcement requests and regulatory obligations.

We never use Personal Data for discriminatory profiling or automated decision-making that produces legal or similarly significant effects on individuals.

8. Disclosure of Personal Data to Third Parties

NUTRIGUARD .ai LLC does not sell Personal Data under any circumstances. We share limited information with third-party partners only as necessary to deliver the Service, under strict contractual controls that preserve user confidentiality.

8.1 Infrastructure and Hosting Providers

  • Amazon Web Services (AWS) hosts all production systems in encrypted environments meeting HIPAA, SOC 2, GDPR, and ISO 27001 standards.
  • Access to these systems is restricted to trained personnel and logged through AWS CloudTrail monitoring.

8.2 Artificial-Intelligence Providers

To deliver personalized recommendations and text analysis, we transmit anonymized or pseudonymized data to:

  • OpenAI (USA),
  • Mistral AI (EU), and
  • Google Gemini (USA).

These providers process inputs to generate AI Outputs strictly per NuVARD instructions and under data-processing agreements ensuring no secondary use or model training based on identifiable information.

8.3 Payment Processors

Payments are securely handled through Apple, Google, RevenueCat, and Stripe. Each acts as an independent data controller for financial information and may collect necessary billing identifiers to process your subscription. NuVARD .ai LLC never stores full credit-card numbers or banking credentials.

8.4 Analytics and Performance Tools

We employ Firebase, Google Analytics, and similar analytics frameworks to gather aggregated metrics such as session length, device type, and feature usage. These insights help improve functionality and user experience. IP addresses are truncated or anonymized when required by regional law.

8.5 Customer-Support Platforms

User inquiries submitted via in-app forms or email may be managed through secure support platforms under confidentiality agreements. Access is limited to authorized support agents who are bound by confidentiality obligations.

8.6 Legal Disclosures

We may disclose Personal Data if required by law or in good faith belief that such action is necessary to: comply with a legal obligation or court order; respond to requests from law-enforcement or regulatory authorities; protect the rights, property, or safety of NuVARD .ai LLC, its users, or the public.

8.7 Business Transfers

In the event of a merger, acquisition, restructuring, or asset sale, Personal Data may be transferred to the acquiring entity subject to equivalent privacy protections and continued adherence to this Policy.

9. International Data Transfers

NUTRIGUARD .ai LLC operates globally in more than 175 countries. Your Personal Data may therefore be processed in jurisdictions that have different data-protection standards from your own. When data is transferred outside your country, we rely on mechanisms such as:

  • Standard Contractual Clauses (SCCs) under the GDPR;
  • Data-Processing Addendums (DPAs) with vendors; and
  • Adequacy decisions recognized by the European Commission or other authorities.

All cross-border transfers are executed with due safeguards to maintain lawful and secure processing.

10. Data Retention and Deletion

10.1 Retention Periods

NUTRIGUARD .ai LLC retains Personal Data only for as long as necessary to fulfill the purposes for which it was collected, including to: provide the Service and fulfill contractual obligations; maintain transactional and billing records for legal and tax compliance; resolve disputes, enforce agreements, and detect abuse; improve algorithms and anonymized research datasets. When data is no longer required for these purposes, it is securely deleted or anonymized so that it can no longer be linked to an identifiable individual.

10.2 Deletion Procedures

Users may request account deletion at any time by contacting support@nuvard.ai or by using the in-app “Delete Account” feature. Upon confirmation:

  • Personal identifiers (name, email, device ID) are permanently removed;
  • Health and nutrition logs are deleted or anonymized;
  • Payment data is retained only by payment processors (Apple, Google, Stripe, RevenueCat) per their own retention policies;
  • Backups containing deleted data are automatically purged within 30–90 days through secure overwriting mechanisms.

10.3 Anonymized Research Data

Certain data may be stripped of identifiers and aggregated to improve NuVARD ’s algorithms, train detection systems for harmful ingredient alerts, or refine nutrition recommendations. Such data is no longer considered Personal Data under Applicable Law because it cannot identify an individual.

11. User Rights and Controls

Depending on your jurisdiction, you may have the following rights regarding your Personal Data. NUTRIGUARD .ai LLC honors all applicable privacy rights and provides simple tools for exercising them.

11.1 Right of Access

You may request confirmation of whether NuVARD holds your Personal Data and obtain a copy of such data in a structured, commonly used, and machine-readable format.

11.2 Right to Rectification

You may correct inaccurate or incomplete information through in-app profile settings or by contacting support@nuvard.ai.

11.3 Right to Deletion (“Right to be Forgotten”)

You may request permanent deletion of your Personal Data. NuVARD will comply except where retention is required by law (e.g., financial recordkeeping).

11.4 Right to Restrict or Object to Processing

You may restrict processing for specific purposes (such as marketing or analytics) or object to processing based on legitimate interest.

11.5 Right to Data Portability

You may request transfer of your data to another service provider where technically feasible, subject to security verification.

11.6 Right to Withdraw Consent

If processing is based on consent, you may withdraw it at any time. Withdrawal does not affect prior lawful processing.

11.7 Right to Lodge a Complaint

If you believe NUTRIGUARD .ai LLC has violated your privacy rights, you may file a complaint with your local Data Protection Authority or the U.S. Federal Trade Commission (FTC). We encourage you to contact us first so we can promptly address your concern.

12. Children’s Privacy

NUTRIGUARD .ai LLC recognizes the importance of protecting children’s privacy online.

12.1 Age Limitation

The Service is not directed to children under the age of thirteen (13). We do not knowingly collect Personal Data from minors. If you are under 13, you may not use the Service or provide any information to us. If we learn that we have inadvertently collected data from a child under 13, we will delete it immediately.

12.2 Parental or Guardian Consent

For users aged 13 to 17, parental or guardian consent is required in jurisdictions mandating it. Parents who believe their child has provided data without consent should contact support@nuvard.ai.

13. Cookies and Tracking Technologies

13.1 Use of Cookies

Our Website and App use cookies and similar tracking technologies to:

  • Authenticate users and maintain session integrity;
  • Remember preferences such as language or region;
  • Analyze traffic patterns and usage trends;
  • Deliver optional personalized marketing (only with consent).

Cookies may be classified as:

  • Strictly Necessary Cookies – required for core functionality;
  • Analytics Cookies – help us understand usage and improve performance;
  • Functional Cookies – store user preferences;
  • Advertising Cookies – used only if the user opts into promotional communications.

13.2 Third-Party Tracking

Third-party analytics tools, such as Google Analytics and Firebase, may place their own cookies on your device to measure engagement. These providers process information according to their own privacy policies. Users in the EEA or California may disable non-essential cookies using the cookie banner or device settings.

13.3 Cookie Management

You may manage or delete cookies through browser settings. Disabling cookies may limit certain functionality or affect Service performance.

13.4 Do Not Track Signals

Our systems currently do not respond to “Do Not Track” (DNT) signals. However, users can manage data preferences through account settings or privacy dashboards.

14. Data Security Measures

14.1 Technical Safeguards

  • Encryption in Transit and at Rest: TLS 1.2 or higher for transmissions; AES-256 for stored records.
  • Access Control: Role-based authorization, MFA, and least-privilege principles.
  • Intrusion Detection & Monitoring: AWS GuardDuty, CloudTrail, and real-time SIEM systems.
  • Network Segmentation: Separation of production environments from testing and administrative layers.
  • Vulnerability Management: Quarterly penetration testing and regular patch cycles.

14.2 Organizational Safeguards

Employees and contractors undergo annual privacy and security training. Each is bound by confidentiality agreements and subject to disciplinary measures for violations. Third-party vendors must meet the same security standards under formal Data-Processing Agreements (DPAs).

14.3 Incident Response and Breach Notification

In the event of a data breach, NUTRIGUARD .ai LLC follows a documented Incident Response Plan that includes detection, containment, eradication, and recovery. If a breach is likely to result in a risk to individual rights and freedoms, affected users and relevant regulators will be notified within the statutory timeframes (GDPR Article 33 and CCPA §1798.82).

14.4 Physical Security

All servers are housed in AWS facilities with ISO 27001-certified access controls, 24/7 monitoring, and redundant power and environmental systems. Data centers are geographically distributed to provide business continuity and disaster resilience.

15. International Data Transfers (Expanded)

Because NUTRIGUARD .ai LLC serves users in 175 countries, information may be transferred and processed outside your country of residence.

15.1 Safeguards for Cross-Border Transfers

  • Standard Contractual Clauses (SCCs): All international transfers between the U.S. and EEA/UK are governed by European Commission-approved SCCs.
  • Additional Safeguards: Encryption, pseudonymization, and purpose-limitation measures apply to all exports.
  • Vendor Compliance: OpenAI, Mistral, Gemini, AWS, and Google each maintain independent certifications ensuring lawful processing.

15.2 User Consent for Transfer

By using the Service and agreeing to this Policy, you expressly consent to the transfer of your data to the United States and other jurisdictions with different privacy laws, subject to adequate protections.

15.3 Data Localization and Regional Rights

Where local laws require data to remain within specific territories (e.g., EU or Canada), NuVARD maintains regional processing zones or trusted sub-processors that comply with those requirements.

16. Third-Party Links and External Websites

The Service may contain links to third-party websites, plugins, or services (e.g., Amazon product APIs or educational resources). These sites are operated independently and subject to their own privacy policies. NuVARD .ai LLC does not control, endorse, or assume responsibility for the content or practices of such third parties. We recommend that you review the privacy statements of each external site you visit.

Clicking external links or enabling integrations may allow those third parties to collect data about you. This Policy does not apply to their activities.

17. Automated Decision-Making and Profiling

17.1 Purpose of Automation

NuVARD AI uses machine-learning algorithms to analyze nutrition patterns, predict nutrient deficiencies, and suggest optimized plans. These recommendations are purely informational and do not constitute automated decision-making with legal or significant effects under GDPR Article 22.

17.2 Human Oversight

All AI recommendations are subject to user review and optional confirmation. No user is subject to a decision based solely on automated processing. Users retain full control to ignore, adjust, or delete AI Outputs at any time.

17.3 Fairness and Transparency

NuVARD implements testing to detect bias and ensure algorithmic fairness across different populations and dietary backgrounds. Users may request information about the logic involved in AI processing to the extent permitted by trade-secret and security limitations.

18. California Privacy Rights (CCPA / CPRA)

If you are a California resident, you have specific rights under the California Consumer Privacy Act (CCPA) and California Privacy Rights Act (CPRA). NuVARD .ai LLC honors these rights for all users, regardless of residence.

18.1 Right to Know

You may request disclosure of:

  • Categories and specific pieces of Personal Data collected about you;
  • Sources from which the information was collected;
  • The business or commercial purpose for collecting or disclosing the data; and
  • Categories of third parties with whom the data is shared.

18.2 Right to Delete

You may request deletion of Personal Data collected from you, subject to exceptions (e.g., required to complete a transaction, detect security incidents, or comply with a legal obligation).

18.3 Right to Opt Out of Sale or Sharing

NUTRIGUARD .ai LLC does not sell or share Personal Data for monetary or behavioral-advertising purposes.

18.4 Right to Correct

You may request correction of inaccurate information maintained about you.

18.5 Non-Discrimination

We will not deny goods or services, charge different prices, or provide a different quality of Service because you exercised any privacy right.

18.6 How to Submit a Request

California residents (or authorized agents) may submit requests by emailing support@nuvard.ai with the subject line “CCPA Privacy Request.” We will verify your identity before fulfilling the request and respond within statutory timeframes.

19. European Union / United Kingdom GDPR Rights

If you reside in the EEA or United Kingdom, the following additional rights apply:

19.1 Right of Access

You may obtain confirmation whether we process your Personal Data and receive a copy of it.

19.2 Right of Rectification and Erasure

You may request correction or deletion of inaccurate, incomplete, or outdated data, subject to legal retention obligations.

19.3 Right to Data Portability

You may receive your data in a structured, machine-readable format and have it transmitted to another controller where technically feasible.

19.4 Right to Restrict Processing / Object

You may object to processing for direct marketing or request restriction in specific circumstances.

19.5 Supervisory Authority Complaints

You may lodge a complaint with your local Data Protection Authority. For EEA users, a list of authorities is available at https://edpb.europa.eu. UK users may contact the Information Commissioner’s Office (ICO) at https://ico.org.uk.

19.6 Representative and DPO Contact

NUTRIGUARD .ai LLC appoints a Data Protection Officer (DPO) responsible for compliance oversight. To reach the DPO, email support@nuvard.ai with “DPO Inquiry” in the subject line.

Postal correspondence may be directed to:
Data Protection Officer — NUTRIGUARD .ai LLC
2828 NW 1st Avenue, Miami, Florida 33127 USA

20. Updates to This Privacy Policy

20.1 Revision Frequency

We may modify this Policy periodically to reflect new technologies, industry practices, or legal requirements. The “Effective Date” at the top will indicate the latest revision.

20.2 Notification of Changes

Material changes will be communicated through in-app alerts, banners, or email notifications. Your continued use after such posting constitutes acceptance of the revised Policy. If you disagree, you must cease using the Service and request deletion of your account.

21. Contact Information and Data-Protection Officer

For all inquiries regarding this Policy, your rights, or data-protection matters, contact:

NUTRIGUARD .ai LLC — Privacy and Data Protection Office
2828 NW 1st Avenue
Miami, Florida 33127 USA
📧 support@nuvard.ai
🌐 https://nuvard.ai

We respond to verified requests within the timelines established by Applicable Law (usually 30 days).

22. Acknowledgment and Consent

By creating an account, accessing the Website, or using the NUTRIGUARD AI App, you acknowledge that you have read, understood, and agreed to this Privacy Policy. You consent to the collection, use, disclosure, and retention of information as described herein. If you do not consent, you must immediately discontinue use of the Service.

23. Entire Policy and Precedence

This Privacy Policy constitutes the entire understanding between you and NUTRIGUARD .ai LLC regarding data privacy. It supersedes all prior statements, agreements, or representations related to information collection and use. In the event of inconsistency between this Policy and local laws, the provision most protective of the user shall prevail.

Sign up to our newsletter !
Stay in the loop with the latest updates, exclusive offers, and
financial tips by signing up for our newsletter.
Opt out at any time by using your account dashboard.