Welcome to NexuSelf. This Privacy Policy explains how NexuSelf Inc. ("NexuSelf," "we," "us," or "our") collects, uses, discloses, retains, and protects your personal data when you use our mobile application and related services (collectively, the "Service"), including our AI wellness coach, Raha. By creating an account or using the Service, you confirm that you have read, understood, and agreed to this Privacy Policy. If you do not agree, you must not use the Service.
Related Documents: Please also review our Terms and Conditions for your rights and responsibilities when using the Service.
1. Information We Collect
1.1 Account Information
When you create an account, we collect the following through third-party authentication:
- Google Sign-In (Android & iOS): Email address, display name, and profile picture.
- Apple Sign-In (iOS): Email address, display name, and profile picture - or anonymized identifiers if you select "Hide My Email."
We do not receive or store your Google or Apple account password. Authentication is handled exclusively by Google and Apple on their own infrastructure.
1.2 Personal and Health Information
To provide personalized fitness and nutrition recommendations, we collect the following information that you provide during onboarding and ongoing app usage:
- Basic Information: Age, gender.
- Physical Measurements: Height, current weight, and target weight.
- Fitness Goals: Your stated objectives (e.g., weight loss, muscle gain, maintenance).
- Activity Preferences: Workout frequency and dietary preferences.
- Health Context: Self-reported obstacles or health challenges.
- Menstrual Cycle Data: Cycle start and end dates, phase tracking, and related symptoms you choose to log.
- Mood and Energy Levels: Self-reported scores and notes that you enter in the app.
- Sleep Data: Sleep duration and quality scores you log or that are imported from Apple Health or Health Connect (see Section 1.6).
- Hydration Data: Daily water intake logs you enter.
- Symptoms: Physical and emotional symptoms you voluntarily report.
Special Category Data Notice: Menstrual cycle information, hormonal health data, mood data, and symptom data constitute "special category" personal data under GDPR Article 9 (EU/UK), sensitive personal data under India's DPDP Act 2023, and sensitive personal information under applicable US state laws. We collect this data only with your explicit consent and solely to provide the Service. See Section 11 for your specific legal rights.
1.3 Food and Nutrition Data
When you use food tracking features, we collect:
- Food Logs: Manually entered meal information, including food names, quantities, and nutritional values.
- Barcode Scans: Barcode identifiers from packaged foods, stored alongside your nutrition log entries.
1.4 Raha AI Coach Interaction Data
When you use Raha, our AI wellness coach, we collect:
- Text Inputs: The text messages and questions you type to Raha.
- Conversation Transcripts: A record of the exchanges between you and Raha, stored to provide session continuity.
- Voice Input (if used): When you use Raha's voice feature, your spoken words are converted to text on your device or via the voice pipeline before being processed. We do not permanently store raw audio recordings of your voice.
- Contextual Health Data Shared with Raha: Raha accesses the health and wellness data you have already provided to NexuSelf (cycle phase, mood, energy, sleep, hydration, nutrition, and symptoms) to generate personalized responses. You control what data you provide to the app and therefore what context Raha can access.
Raha is powered by third-party AI and voice services. When you interact with Raha, your text input - which may include health context - is transmitted to Google's Gemini API to generate a response, and Raha's text response is transmitted to ElevenLabs to produce synthesized voice output. Both transmissions are made over encrypted connections. Full details of how these third parties handle data are set out in Section 4.
Apple App Store Disclosure (Guideline 5.1.2(i)): By using Raha, you explicitly consent to your personal data - including health and wellness context - being shared with Google (Gemini API) and ElevenLabs solely for the purpose of generating AI coaching responses and synthesized voice output. This sharing occurs only when you actively initiate a conversation with Raha. You may disable Raha at any time under Settings → Raha → Disable AI Coach, which will stop all data transmission to these third parties.
1.5 Device Permissions
The NexuSelf app requests the following device permissions. Each permission is requested only at the moment you initiate the feature that requires it, and only with your active consent:
- Camera: To capture food photos, scan barcodes, and take progress photos.
- Photo Gallery / Library: To upload existing food photos or progress photos from your device.
- Microphone: To enable voice conversations with Raha. Microphone access is used exclusively during active Raha voice sessions. We do not record, store, or transmit raw audio outside of the active session pipeline.
You may revoke any of these permissions at any time through your device's operating system settings. Revoking microphone access will disable Raha's voice feature; Raha's text feature will continue to function without microphone access.
1.6 Health Platform Integrations
With your explicit permission, NexuSelf can import data from:
- Apple Health (iOS): Sleep, steps, workouts, and vitals.
- Health Connect (Android): Sleep, steps, workouts, and vitals.
This import occurs only after you grant permission through the operating system's standard permission prompt. You can revoke this permission at any time in your device settings or within the app under Settings → Integrations.
1.7 Information We Do NOT Collect
For transparency, we explicitly confirm that we do not collect:
- Device identifiers, operating system versions, or hardware model information.
- IP addresses (except transiently in server logs for security, which are deleted within 30 days).
- Usage analytics or behavioral tracking data.
- GPS location or precise location data.
- Contacts or address book information.
- Persistent audio recordings outside of active Raha voice sessions.
- Cookies or cross-site tracking technologies.
2. How We Use Your Information
2.1 To Provide and Personalize the Service
- Create and manage your account.
- Generate personalized workout plans, nutrition recommendations, and recovery guidance.
- Power Raha's AI coaching responses, tailored to your cycle phase, mood, energy, sleep, hydration, nutrition, and symptoms.
- Track your fitness progress and health metrics over time.
- Maintain your food diary and exercise history.
- Calculate calorie targets and macronutrient recommendations.
2.2 To Communicate With You
- Send essential service notifications (e.g., subscription renewal reminders, payment confirmations).
- Respond to your support requests and inquiries.
- Notify you of material changes to this Privacy Policy or our Terms at least 30 days before those changes take effect.
2.3 To Process Payments
We process subscription payments through the Apple App Store and Google Play Store. We do not directly collect or store your payment card information. All payment processing is handled by Apple and Google through their respective in-app purchase systems.
2.4 To Maintain Security and Legal Compliance
- Detect and prevent fraud, abuse, and security incidents.
- Comply with applicable legal obligations.
- Enforce our Terms of Service.
- Protect the rights, property, and safety of NexuSelf, our users, and the public.
2.5 Purposes for Which We Do NOT Use Your Data
We explicitly confirm that we do not use your personal data - including your health, cycle, or Raha conversation data - for any of the following purposes:
- Sale or rental to any third party for any purpose.
- Advertising targeting, profiling for advertising, or advertising measurement.
- Training or fine-tuning any AI or machine learning model operated by NexuSelf.
- Any purpose other than those described in Sections 2.1 through 2.4 above.
3. How We Store and Protect Your Information
3.1 Data Storage
Your data is stored on servers operated by DigitalOcean, located in California, United States, using MongoDB as the database system.
3.2 Security Measures
We implement the following security measures:
- Encryption in Transit: All data transmitted between your device and our servers is encrypted using HTTPS (TLS 1.2 or higher).
- Encryption at Rest: Sensitive personal data, including health and cycle data, is encrypted at rest.
- Password Security: Passwords are hashed using industry-standard algorithms (bcrypt or equivalent) before storage. We do not store plaintext passwords.
- Session Management: User sessions are managed using JSON Web Tokens (JWTs) with limited lifespans.
- Access Controls: Only authorized NexuSelf personnel have access to user data, and all access is logged and monitored.
- Security Reviews: We conduct periodic security reviews to identify and address emerging threats.
3.3 Data Retention
- Account and Health Data: Retained while your account is active to support tracking history and personalized recommendations.
- Raha Conversation Transcripts: Retained for 90 days from the date of each conversation to maintain coaching continuity, then automatically and permanently deleted. You may request immediate deletion at any time via Settings → Raha → Clear Conversation History.
- Voice Session Data: Raw audio from Raha voice sessions is not stored by NexuSelf. Text transcripts derived from voice sessions are subject to the 90-day retention period above.
- Deleted Account Data: When you delete your account, your personal data is immediately removed from active systems and permanently purged from all backup systems within 45 days. After the 45-day period, recovery is not possible.
- Transient Server Logs: Server-level IP logs are retained for a maximum of 30 days for security purposes, then deleted.
- Legal Requirements: Financial records may be retained for longer periods as required by applicable law.
4. Third-Party Services and Data Sharing
4.1 Authentication Services
- Google Sign-In: Handles authentication for Android and iOS users. Google's Privacy Policy governs their handling of authentication data.
- Apple Sign-In: Handles authentication for iOS users. Apple's Privacy Policy governs their handling of authentication data.
4.2 AI and Voice Processing Services (Raha)
These services receive personal data - including health context - when you use Raha. Your use of Raha constitutes your explicit consent to this transmission, as described in Section 1.4.
- Google Gemini API: Powers Raha's conversational AI responses. When you send a message to Raha, your text input and relevant health context are transmitted to Google's Gemini API servers. NexuSelf uses the paid tier of the Gemini API. Under Google's paid-tier terms, Google does not use your prompts or responses to train its AI models. Google logs prompts and responses for a limited period solely to detect violations of its Prohibited Use Policy, after which logs are deleted. Authorized Google personnel may access flagged content for policy enforcement only. If a conversation is reviewed by a human at Google, Google states it attempts to disconnect that content from your account prior to review. For full details, see Google's Gemini API Terms and Google's Privacy Policy.
- ElevenLabs: Powers Raha's voice output. When Raha generates a text response, that text is transmitted to ElevenLabs' servers to produce synthesized audio. ElevenLabs may process your data for purposes including service operation, product development, and improvement of AI models, as described in their Privacy Policy and Terms of Service. ElevenLabs retains voice-related data for up to 3 years after your last interaction, unless you request deletion. ElevenLabs offers a Data Processing Agreement (DPA) covering GDPR, CCPA, and Brazil LGPD obligations. For full details, see ElevenLabs' Privacy Policy and ElevenLabs' DPA.
Important: Both Google (Gemini API) and ElevenLabs are independent data processors with their own privacy policies. NexuSelf is not responsible for how these third parties handle data once it is transmitted to their systems. We have contractual safeguards in place with these providers, but we encourage you to review their privacy policies. If you do not wish your health data to be transmitted to these services, you must not use Raha.
4.3 Payment Processing
- Apple In-App Purchase: Processes subscriptions for iOS users. Apple's Privacy Policy applies.
- Google Play Billing: Processes subscriptions for Android users. Google's Privacy Policy applies.
We do not receive or store your payment card details. Payment data is handled exclusively by Apple and Google.
4.4 Food Database Services
- OpenFoodFacts: A public food database used to retrieve nutritional information from barcode scans. Only the barcode or product identifier is transmitted to OpenFoodFacts. No personal user data is sent.
- USDA FoodData Central: A public nutritional database used to provide accurate food information. No personal data is shared with USDA.
4.5 Infrastructure
- DigitalOcean: Cloud hosting provider (California, USA) on which NexuSelf's servers operate. DigitalOcean processes data as a sub-processor under contractual data protection obligations.
- MongoDB: Database management system used to store and organize your data securely.
4.6 No Sale of Personal Data
NexuSelf does not sell, rent, or share your personal data with any third party for marketing, advertising, or any commercial purpose beyond those described in this Section 4. This applies without exception to your health, cycle, mood, and Raha conversation data.
4.7 Legal Disclosure
We may disclose your information only where required by law or in response to a valid, lawful request from a government authority (e.g., a court order or regulatory agency), and only to the minimum extent necessary to comply. Where permitted by law, we will notify you before complying with such a request.
5. Raha - AI Wellness Coach: Detailed Disclosures
5.1 How Raha Works
Raha is NexuSelf's AI-powered wellness coach. She generates personalized coaching responses using your health profile and any wellness data you have logged in the app. Her text responses are generated by Google's Gemini API and delivered to you as synthesized voice via ElevenLabs. Raha's suggestions are recommendations only; see Section 5.5 for the medical disclaimer.
5.2 Raha Is an AI, Not a Human
Raha is an artificial intelligence system. She is not a human, not a licensed medical professional, not a licensed nutritionist, and not a licensed therapist. All interactions you have with Raha are interactions with an automated AI system. NexuSelf will never misrepresent Raha as a human.
5.3 Data Raha Accesses
To generate personalized responses, Raha may access the following data you have provided to NexuSelf:
- Your current menstrual cycle phase and cycle history.
- Mood and energy level logs.
- Sleep quality and duration data.
- Hydration and nutrition logs.
- Symptoms you have reported.
- Conversation history from within the current and recent sessions.
Raha does not access data outside the NexuSelf app. She cannot access your device contacts, calendar, other apps, or any data not explicitly logged in NexuSelf.
5.4 Voice Conversations
When you use Raha's voice feature:
- Your spoken words are converted to text and transmitted to Google's Gemini API for response generation.
- Raha's text response is transmitted to ElevenLabs for voice synthesis.
- NexuSelf does not permanently store raw audio recordings of your voice. Text transcripts are stored for 90 days as described in Section 3.3.
- ElevenLabs may retain data related to voice synthesis in accordance with their own Privacy Policy.
5.5 Medical Disclaimer
Raha is a wellness coaching tool. She does not provide medical advice, medical diagnosis, medical treatment, or clinical mental health support. Nothing Raha says constitutes a substitute for the advice of a qualified physician, licensed dietitian, licensed therapist, or other healthcare professional. Do not use Raha's responses to make decisions about your medical treatment, medication, or clinical care. If you have a medical concern, consult a qualified healthcare professional.
5.6 Automated Recommendations - Your Rights
Raha's coaching suggestions are generated by automated AI processing. They are intended as guidance only. NexuSelf does not use Raha's output to make decisions that produce legal or similarly significant effects on you. You are never required to follow Raha's recommendations. Under GDPR Article 22 (EU/UK users), you have the right not to be subject to solely automated decision-making that produces significant effects. If you believe Raha has generated guidance that has negatively affected you, please contact us at Contact Support.
5.7 Opting Out of Raha
Use of Raha is entirely optional. You may disable Raha at any time under Settings → Raha → Disable AI Coach. Doing so will immediately stop all data transmission to Google Gemini API and ElevenLabs. All other NexuSelf features remain fully available after disabling Raha.
6. Your Rights and Choices
6.1 Access and Correction
You may access and correct your personal information at any time:
- Go to Settings → Profile to view and edit account information.
- Go to Settings → Personal Details to update health and fitness information.
- View and manage your food logs and exercise history within the app.
6.2 Deletion of Your Account and Data
You have the right to delete your account and all associated personal data at any time:
- In the app: Settings → Account → Delete My Account.
- By email: Contact Support - include "Account Deletion Request" in the subject line.
Upon deletion:
- Your personal data, health data, food logs, and Raha conversation history are immediately removed from active systems.
- All data is permanently purged from backup systems within 45 days. This action is irreversible after the 45-day window.
- Certain financial records may be retained as required by law.
- Data previously transmitted to Google Gemini API or ElevenLabs is subject to those providers' own retention and deletion policies. We recommend also requesting deletion directly with those providers where applicable.
6.3 Deletion of Raha Conversation History Only
You may delete your Raha conversation history without deleting your account: Settings → Raha → Clear Conversation History. This immediately and permanently deletes all stored conversation transcripts from NexuSelf's systems.
6.4 Withdrawal of Consent
Where we process your data based on your consent (including special category health data and Raha AI processing), you may withdraw that consent at any time. Withdrawal does not affect the lawfulness of processing that occurred before withdrawal. To withdraw consent:
- For Raha AI processing: disable Raha via Settings → Raha → Disable AI Coach.
- For health platform integrations: revoke via Settings → Integrations or your device's system settings.
- For all other data: delete your account as described in Section 6.2.
6.5 Data Portability
We do not currently provide an automated data export tool. To request a copy of your personal data in a machine-readable format, contact us at Contact Support. We will respond within 30 days.
6.6 Marketing Communications
We do not send marketing or promotional emails. You will receive only essential service communications (e.g., subscription renewal reminders, material policy changes).
7. International Data Transfers
Your data is stored on servers in California, United States. When you use Raha, your data is also transmitted to Google's Gemini API and ElevenLabs, which may process data in the United States and other countries. By using the Service, you acknowledge and consent to the transfer of your data to the United States and other countries where data protection laws may differ from those in your jurisdiction.
For users in the European Economic Area (EEA) and United Kingdom: Transfers to the United States are made on the basis of applicable transfer mechanisms under GDPR, including Standard Contractual Clauses (SCCs) where required. Google and ElevenLabs each maintain GDPR-compliant data processing agreements and participate in applicable adequacy frameworks.
For users in India: Transfers outside India are made in accordance with the Digital Personal Data Protection Act, 2023 (DPDP Act) and the DPDP Rules 2025, with appropriate contractual safeguards in place with our data processors.
8. Children's Privacy
NexuSelf is intended for users aged 13 and above. Users under the age of 18 must have the permission of a parent or legal guardian to use the Service. We do not knowingly collect personal data from children under the age of 13. If you believe we have inadvertently collected data from a child under 13, contact us immediately at Contact Support and we will delete such data promptly.
Users under 18 should not share sensitive health information in Raha conversations without parental awareness, given that such data is transmitted to third-party AI services as described in Section 4.2.
9. Data Breach Notification
In the event of a personal data breach that is likely to result in a risk to your rights or freedoms, we will:
- Notify affected users via the email address associated with their account within 72 hours of becoming aware of the breach, to the extent practicable.
- Notify relevant regulatory authorities as required by applicable law (including under GDPR Article 33, India DPDP Act, and applicable US state breach notification laws).
- Provide details of the nature of the breach, the data affected, and the steps we are taking to address it.
10. Changes to This Privacy Policy
We may update this Privacy Policy. When we make material changes - including changes to how we use your health data or changes to third-party AI services - we will:
- Update the "Last updated" date at the top of this policy.
- Notify you via email and/or in-app notification at least 30 days before the changes take effect.
- Where required by law, obtain your fresh consent before applying material changes to special category data processing.
Your continued use of the Service after the effective date of any change constitutes acceptance of the updated policy.
11. Jurisdiction-Specific Rights
11.1 European Economic Area and United Kingdom - GDPR and UK GDPR
Legal Basis for Processing:
- Explicit Consent (GDPR Articles 6(1)(a) and 9(2)(a)): Processing of special category data - including menstrual cycle, hormonal health, mood, symptom, and Raha conversation data - is based on your explicit consent given at onboarding and when enabling Raha. You may withdraw this consent at any time as described in Section 6.4.
- Contract Performance (GDPR Article 6(1)(b)): Processing of account, fitness goal, and payment-related data is necessary to perform the contract between you and NexuSelf.
- Legal Obligation (GDPR Article 6(1)(c)): Certain data may be processed to comply with applicable legal requirements.
- Legitimate Interests (GDPR Article 6(1)(f)): Transient server logs for security and fraud prevention are processed on the basis of our legitimate interest in protecting the Service and our users.
Your Rights Under GDPR: You have the right to access, rectify, erase, restrict, and port your personal data; to object to processing based on legitimate interests; to withdraw consent; and to lodge a complaint with your national supervisory authority. To exercise these rights, contact us at Contact Support. We will respond within 30 days.
Automated Decision-Making (GDPR Article 22): Raha's coaching suggestions are generated by automated AI processing. They do not constitute automated decisions that produce legal or similarly significant effects on you. You are free to disregard any recommendation. You may contact us if you wish to request human review of any guidance provided by Raha.
Data Protection Impact Assessment: We have conducted a DPIA covering our processing of special category health data through Raha and our third-party AI processors.
11.2 United States - California (CCPA / CPRA)
California residents have the following rights under the California Consumer Privacy Act (CCPA) as amended by the California Privacy Rights Act (CPRA):
- Right to Know: The categories and specific pieces of personal information we collect, the purposes for which we use it, and the categories of third parties with whom we share it.
- Right to Delete: Request deletion of your personal information (see Section 6.2).
- Right to Correct: Request correction of inaccurate personal information (see Section 6.1).
- Right to Opt Out of Sale or Sharing: We do not sell or share your personal information for cross-context behavioral advertising. No opt-out is currently necessary, but you may contact us to confirm.
- Right to Limit Use of Sensitive Personal Information: You may limit our use of sensitive personal information (including health and menstrual cycle data) to purposes strictly necessary to provide the Service. To exercise this right, disable Raha and contact us at Contact Support.
- Right to Non-Discrimination: We will not discriminate against you for exercising any of these rights.
To submit a CCPA request, contact us at Contact Support with "CCPA Request" in the subject line. We will verify your identity before processing the request and respond within 45 days.
11.3 India - Digital Personal Data Protection Act 2023 (DPDP Act) and DPDP Rules 2025
NexuSelf acts as a Data Fiduciary under the DPDP Act. We process your personal data based on your free, specific, informed, and unambiguous consent, which you provide at account creation and when enabling individual features (including Raha).
Your rights as a Data Principal under the DPDP Act:
- Right to Access: Obtain information about the personal data we hold about you and how it is processed.
- Right to Correction and Erasure: Request correction of inaccurate data or erasure of data that is no longer necessary.
- Right to Grievance Redressal: Have your grievances addressed within a reasonable timeframe. Contact our Grievance Officer at Contact Grievance Officer.
- Right to Withdraw Consent: Withdraw consent at any time, without affecting prior processing. Withdrawal of consent will result in the discontinuation of features that depend on that consent.
- Right to Nominate: Nominate a person to exercise your rights in the event of your death or incapacity.
Data breach notification: In accordance with the DPDP Act and Rules 2025, we will notify affected users and the Data Protection Board of India of any personal data breach within the timelines prescribed by the Rules.
Cross-border transfers: Your data is stored and processed in the United States. Transfers are made in accordance with applicable DPDP Act requirements. Raha processing involves transmission to Google (USA) and ElevenLabs (USA). You consent to these transfers when you use Raha.
11.4 Other Jurisdictions
We are aware of data protection obligations under other applicable laws, including Brazil's LGPD, Canada's PIPEDA, Australia's Privacy Act 1988, South Korea's PIPA, and applicable laws in other regions where our users are located. If you are located in a jurisdiction with specific privacy rights not addressed above, please contact us and we will respond to your rights request in accordance with applicable local law.
12. Contact Us
For any questions, concerns, or rights requests regarding this Privacy Policy or our data practices:
- Email: Contact Support
- In-App Support: Settings → Support
- Grievance Officer (India DPDP Act): Contact Grievance Officer
- Response Time: We aim to respond to all requests within 7 business days and will resolve them within 30 days (or within the shorter period required by applicable law).
13. Your Consent
By creating an account and using NexuSelf, you confirm that you have read and understood this Privacy Policy and agree to the collection, processing, and sharing of your information as described herein. If you do not agree with any part of this Privacy Policy, you must not use the Service. You may withdraw your consent and delete your account at any time as described in Sections 6.2 and 6.4.