Privacy Policy

# Privacy Policy

Effective date: [Month Day, Year]
Last updated: [Month Day, Year]

This Privacy Policy explains how twoRings ("twoRings," "we," "us," or "our") collects, uses, discloses, and protects information when you use the twoRings mobile application and related services (the "Service").

If you do not agree with this Privacy Policy, do not use the Service.

## 1. Information We Collect

We collect information you provide directly, information collected automatically, and information from third parties.

### A. Information You Provide

- Account information (for example, user ID, email, and profile details if provided).
- App inputs and content (for example, nutrition logs, goals, referral code, and support messages).
- Images and food photos you upload.
- Any information you share when using app features.

### B. Health and Fitness Data

If you choose to connect Apple Health, we may access and process health and fitness data that you authorize (for example, activity, workout, or calorie-related data) to provide app features.

- We only access Apple Health data with your permission.
- You can revoke Apple Health access at any time in Apple Health settings.

### C. Subscription and Transaction Data

When you purchase a subscription through Apple In-App Purchase, Apple processes the payment. We receive limited subscription data needed to verify and manage your entitlement status (for example, product ID, transaction identifiers, expiration status, and renewal state).

We do not receive your full payment card details.

### D. Information Collected Automatically

- Device and app information (for example, app version, OS version, device model).
- Usage and diagnostics data (for example, crash logs, performance, and feature usage metadata).
- Technical logs required to operate, secure, and debug the Service.

## 2. How We Use Information

We use information to:

- Provide and operate the Service.
- Personalize calorie, nutrition, and progress experiences.
- Process and validate subscriptions and restore purchases.
- Improve product performance and reliability.
- Detect fraud, abuse, or security incidents.
- Communicate with you about updates or support requests.
- Comply with legal obligations and enforce our terms.

## 3. Legal Bases (Where Applicable)

Depending on your location, we process personal data based on:

- Performance of a contract (providing the Service).
- Legitimate interests (security, analytics, product improvement).
- Consent (for example, Apple Health permissions).
- Legal obligations (compliance and recordkeeping).

## 4. How We Share Information

We do not sell personal information.

We may share information with:

- Service providers and infrastructure vendors (for hosting, storage, analytics, and support).
- Apple, for subscription verification and entitlement management.
- Vendors that process requested features (for example, image analysis and AI-powered app functionality).
- Legal authorities or other parties when required by law or to protect rights and safety.
- A successor entity in a merger, financing, acquisition, or asset sale.

We require vendors to protect data and use it only for authorized purposes.

## 5. Data Retention

We retain information for as long as necessary to provide the Service, meet legal obligations, resolve disputes, and enforce agreements.

Retention may vary by data type (for example, logs may be retained for shorter periods than account records).

## 6. Your Choices and Rights

Depending on your location, you may have rights to:

- Access personal information.
- Correct inaccurate information.
- Delete certain information.
- Restrict or object to certain processing.
- Request data portability.
- Withdraw consent where processing is based on consent.

To exercise rights, contact us at: [privacy@yourdomain.com]

We may need to verify your identity before processing requests.

## 7. Account and Data Deletion

You may request account deletion by contacting us at: [privacy@yourdomain.com]

If requested, we will delete or de-identify personal information unless we must keep certain data for legal, security, fraud prevention, or legitimate business purposes.

## 8. Children

The Service is not directed to children under 13 (or higher age where required by local law). We do not knowingly collect personal information from children without appropriate legal basis.

If you believe a child has provided personal information, contact us and we will take appropriate steps.

## 9. Security

We use reasonable administrative, technical, and organizational safeguards to protect information. No method of transmission or storage is completely secure, and we cannot guarantee absolute security.

## 10. International Transfers

Your information may be processed in countries other than your own. Where required, we use appropriate safeguards for international transfers.

## 11. Third-Party Services

The Service may link to or integrate third-party services. Their privacy practices are governed by their own policies.

## 12. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. We will update the "Last updated" date and, where required, provide additional notice.

## 13. Contact Us

For privacy questions or requests, contact:

- Company: [Legal Company Name]
- Email: [privacy@yourdomain.com]
- Address: [Company Mailing Address]

---

This draft is provided for product and App Store readiness and should be reviewed by legal counsel before publication.