MyBloodTest ("we", "our", "the app") is developed by Joelis labs, UAB. This Privacy Policy explains how we collect, use, store, and protect your information when you use MyBloodTest on iOS, Android, or the web.

Data Controller: Joelis labs, UAB, Girulių g. 10-201, LT-12112 Vilnius, Lithuania (Lithuanian Register of Legal Entities code: 307655634). Contact: info@mybloodtest.app

We take your privacy seriously. Your wellness data is sensitive, and we've designed MyBloodTest to keep you in control of it at all times.

Wellness and test result data. Blood test results, body measurements, activity data, and related notes that you enter manually, scan from lab reports, or import from Apple Health or Google Health Connect. This is your core data and the primary purpose of the app.

Account information. If you sign in (via Google, Apple, or Facebook), we receive your name, email address, and profile photo from the authentication provider. We use this solely to identify your account for cloud sync.

App settings and preferences. Your chosen reference range sources, unit systems, display preferences, pinned biomarkers, and custom reference databases.

Child profile data. If you create child sub-profiles, we collect the child's name, date of birth, gender, and lab test results that you enter on their behalf. This data is stored under your account and subject to the same storage and sync policies as your own data. See Section 13 (Children's Privacy) for details.

Camera and photo library access. The app requests access to your device's camera and photo library so you can capture or select lab report images for the AI scan feature. We only access these when you explicitly initiate a scan; we do not access them in the background, and we do not access any photos other than the ones you select for scanning.

Scanned lab report images. When you use the AI scan feature, your lab report images are sent to our Cloud Function server for processing. The images are not stored after processing is complete. The extracted text data (test names, values, units) is returned to your device.

Anonymous usage analytics. We collect anonymous, aggregated usage data through Firebase Analytics to understand how the app is used and prioritize improvements. This includes events such as which features are used (e.g., scan, manual entry, wellness app import), which biomarker categories are popular, which reference sources are selected, and general app interaction patterns. These events contain no logged values, test results, personal notes, or information that could identify you or your personal circumstances.

Ad attribution data. With your permission (collected at onboarding via the analytics consent toggle and changeable at any time in Settings), we measure where new installs came from — which marketing campaign, ad network, or referrer — using Adjust. Adjust receives a minimal set of device-level identifiers (e.g. Android Advertising ID, anonymized device fingerprint) and install/open events. It does not receive your wellness data, test results, personal notes, or any identifying information. Turning analytics off in Settings stops sending events to Adjust on this device.

Crash reports. We use Firebase Crashlytics to collect anonymous crash reports when the app encounters an error. These reports include device type, operating system version, and a technical stack trace to help us identify and fix issues. Crash reports never contain your wellness data, test results, or personal information.

Rate-limit metadata. We track AI scan and AI Insight request counts per account to enforce monthly usage limits and prevent abuse.

Web storage and cookies. On the web version, we use browser localStorage to store essential preferences (theme, language, sign-in state) and your cookie-consent decision. With your permission — collected via the cookie banner shown to visitors in the EU/EEA, UK, and Switzerland on first visit — we also load Firebase Analytics (Google Analytics) to measure aggregated, anonymous usage of the website. Firebase Analytics may set its own first-party cookies/identifiers in your browser. We do not use advertising SDKs or third-party tracking services. You can change your cookie preferences for this browser using the button below.

We do not collect your location, contacts, call logs, browsing history, or any data unrelated to wellness tracking. We do not use advertising identifiers. We do not sell, rent, or trade your personal data to anyone.

Local storage (default). All your wellness data is stored locally on your device using SQLite. The app works fully offline. No account or internet connection is required to use the core features.

Cloud sync (optional). If you sign in and enable cloud sync, your manually entered and scanned results, settings, and custom reference databases are synced to Google Firebase Firestore. This data is stored in Firebase's secure infrastructure and is accessible only by your authenticated account. You can disable cloud sync at any time — your local data remains unaffected.

Wellness app imports (local only). Data imported from Apple Health or Google Health Connect is never uploaded to our servers or synced to the cloud. It stays exclusively on the device where it was imported. Each device independently imports from its local wellness platform.

Your data is used solely to provide and improve the app:

• Display your test results, trends, and status indicators • Compute whether values are within reference ranges • Sync data across your own devices (when enabled) • Process lab report images for AI-powered text extraction • Rate-limit AI scan and AI Insight requests to maintain service quality • Collect anonymous usage patterns to understand which features to improve • Collect crash reports to identify and fix bugs

We do not use your wellness data for advertising, marketing, profiling, or research. Anonymous analytics events never contain your actual logged values or test results — only general interaction patterns (e.g., "user scanned a report", not "user's glucose is 5.2").

Under the EU General Data Protection Regulation (GDPR), we process your data on the following legal bases:

• Explicit consent (Art. 9(2)(a)). Your wellness and test result data is "special category" data under GDPR Article 9. We process it only with your explicit consent, which you provide when entering, scanning, or importing wellness data. You may withdraw consent at any time by deleting your data or account. • Contract performance (Art. 6(1)(b)). Account authentication and cloud sync are processed as necessary to provide the service you requested. • Legitimate interest (Art. 6(1)(f)). Anonymous usage analytics and crash reporting help us maintain and improve the app. These never contain your wellness data or personally identifiable information.

When you scan a lab report, the image is sent to a Firebase Cloud Function which forwards it to one of our AI providers — Anthropic Claude (served either directly via Anthropic's API or via Amazon Web Services' Bedrock platform), Google Gemini, or OpenAI's ChatGPT (served via Microsoft's Azure OpenAI Service) — for text extraction. The provider and routing used for any given request are selected by us based on availability, model performance, and cost; you do not choose the provider. All providers' API terms prohibit using API inputs for their own model training by default. The extracted results are written to your Firestore document and then to your device.

Lab report images — default behavior. By default, lab report images you scan are processed by the AI provider for text extraction and discarded immediately after processing. They are not retained on our servers, on the AI provider's servers, or anywhere else.

Optional retention for product improvement. If you enable "AI Training Data" in Settings (under Privacy → Help improve MyBloodTest), your scanned lab report images are retained on our servers (Firebase Storage) and may be used to improve our own AI scanning models. You can disable this option at any time. When you disable it, all previously retained lab report images are automatically deleted from our servers.

Firebase, operated by Google Ireland Limited (EU users) / Google LLC (US). Authentication, cloud database (Firestore), Cloud Functions, hosting, anonymous usage analytics (Firebase Analytics), and crash reporting (Firebase Crashlytics). Analytics data is aggregated and not linked to your identity. Subject to Google's privacy policy.

Adjust (Adjust GmbH, Germany). Used to measure install attribution and basic post-install events when you allow analytics. Adjust acts as a data processor for Joelis labs and only receives device-level identifiers and install/open events — never your wellness data, test results, or personal notes. Subject to Adjust's privacy policy at adjust.com/privacy-policy.

AI providers — Anthropic (Claude), Google (Gemini), and OpenAI (ChatGPT). Used for AI-powered lab report text extraction and AI Wellness Insights. Claude is served either directly via Anthropic's API or via Amazon Web Services' Bedrock platform; ChatGPT is served via Microsoft's Azure OpenAI Service; Gemini is served directly via Google's API. Any given request may be routed to any of these providers and any of these underlying platforms based on availability, model performance, and cost. Images and prompts are processed via API and not retained. Subject to each provider's and platform's respective API terms (Anthropic, AWS, Google, OpenAI, Microsoft).

Apple Health / Google Health Connect. On-device wellness data APIs. We only read data — we never write to these platforms. Data access requires your explicit permission and can be revoked at any time in your device settings.

Authentication providers (Google, Apple, Facebook). We receive only basic profile information (name, email, photo) during sign-in. We do not access your contacts, posts, or any other data from these platforms.

Some of our third-party service providers (Firebase/Google, Anthropic, OpenAI, Amazon Web Services, Microsoft) are based in the United States. When you use cloud sync or the AI scan feature, your data may be transferred to and processed in the US. These transfers are protected by the EU-US Data Privacy Framework and Standard Contractual Clauses (SCCs) as approved by the European Commission, ensuring your data receives an adequate level of protection as required by GDPR.

Your local data persists until you uninstall the app or clear app data. Cloud-synced data persists in Firestore until you delete it.

You have two options:

• Open MyBloodTest and sign in if you aren't already. • Go to the Settings and open the Sync tab. • Scroll to the bottom and tap Delete Account. • Confirm by typing DELETE when prompted.

This permanently removes all your locally stored data, all cloud-synced data (Firestore documents under your user ID), child profile data, custom reference databases, AI scan and Insight rate-limit counters, your active subscription record, and your authentication record (your Google, Apple, Facebook, or email/password sign-in identity). Wellness app imports are also cleared. If you signed in with Apple, your Apple ID grant for MyBloodTest is also revoked at deletion time, so the app no longer appears under "Sign in with Apple" in your iCloud settings. The action cannot be undone.

If you no longer have access to the app (e.g. uninstalled it, lost your device, or can't sign in), email us at info@mybloodtest.app from the email address tied to your account, with the subject "Account deletion request". We'll confirm and complete the deletion within 30 days.

• Delete individual results. Long-press any result in Calendar or History and tap delete. • Export your data first. Use Settings → Export to download all your data as JSON before deletion. • Disconnect wellness imports. Wellness app imports are deleted from MyBloodTest when you disconnect the wellness platform in Settings. They can be re-imported at any time by reconnecting. • Uninstall the app. Uninstalling removes the on-device data, but cloud-synced data remains until you delete it via the in-app option or email request above.

Disaster recovery snapshots. To protect against accidental data loss caused by software bugs or operational errors, our cloud database (Firebase Firestore) maintains automated point-in-time recovery snapshots for up to 7 days. When you delete your account, your data is removed immediately from active systems and purged automatically from these snapshots within 7 days as the recovery window rolls forward. Snapshots are encrypted at rest and accessible only by Joelis labs personnel for disaster recovery purposes — they are never read for any other reason and never shared with third parties.

Data in transit is encrypted via TLS (HTTPS). Firebase Firestore data at rest is encrypted by Google. Local SQLite data is stored in the app's private sandbox, inaccessible to other apps. Authentication tokens are managed by Firebase Auth with industry-standard security. AI provider API keys (Anthropic, Google, OpenAI) are stored in Google Secret Manager and never exposed to clients.

Depending on your jurisdiction, you may have the right to:

• Access all personal data we hold about you • Export your data (via the app's built-in Export feature) • Delete your data (individual results or full account) • Withdraw consent for cloud sync at any time • Revoke wellness data access in your device settings • Opt out of anonymous analytics collection

For GDPR (EU/EEA), CCPA (California), or other data protection requests, contact us at the email below. If you are in the EU/EEA and believe your data protection rights have been violated, you have the right to lodge a complaint with your local supervisory authority. In Lithuania, this is the State Data Protection Inspectorate (Valstybinė duomenų apsaugos inspekcija, VDAI) at vdai.lrv.lt.

If a government authority or law enforcement agency requests user data, Joelis labs, UAB reviews each request for legal validity and jurisdiction before responding. We challenge requests that appear unlawful, overbroad, or extrajudicial. Where disclosure is legally required, we disclose only the minimum information necessary and never bulk account contents. We document every request received, our response, and the legal basis. We will notify affected users of any request unless legally prohibited from doing so.

Child profiles managed by an account holder. Account holders may create child profiles within their own account to track wellness data for their minor children for whom they are the parent or legal guardian. Child profiles are not separate accounts — they are managed entirely by the adult account holder, who is responsible for all data entered. The child does not log in, sign up, or interact with the app directly. Wellness app integration, usage analytics, and AI training data collection are automatically disabled for child profiles.

Data collected for child profiles. We collect the child's name, date of birth, gender, and lab test results entered by the parent. This data is stored under the parent's account and subject to the same local storage and optional cloud sync policies described in this Privacy Policy.

Protections for child profiles. When a child profile is active: • Wellness app integration (Apple Health, Google Health Connect, Fitbit, Withings) is disabled — no automated data collection occurs for children. • Firebase Analytics and Crashlytics are disabled — no usage analytics or crash reports are collected. • AI training data consent is hidden and always off — children's lab report images are never stored for training purposes.

Legal basis. We process child wellness data based on the explicit consent of the parent or legal guardian, in compliance with GDPR Article 8 (parental consent for children's data in Lithuania applies to children under 16), COPPA (US, children under 13), and Apple's guidelines for handling minors' data.

Parental rights. Parents can view, edit, export, and delete all data associated with a child profile at any time. Deleting a child profile permanently removes their results and profile data from both the device and the cloud (if sync is enabled). To request complete deletion of a child's data, parents may also contact us at the email below.

No direct child access. Children do not have independent accounts. The app requires the parent's authenticated session to access child data. If you believe a child has accessed the app without parental supervision, please contact us.

We may update this Privacy Policy from time to time. Changes will be posted on this page with an updated "Last updated" date. Continued use of the app after changes constitutes acceptance.

If you have questions about this Privacy Policy or want to exercise your data rights, contact us at:

Email: info@mybloodtest.app