Life Assistant AI Privacy Notice

Last updated: June 2, 2026

This Privacy Notice explains what information we collect, how we use it, when we share it, and how we protect it when you use Life Assistant AI. It is written to give users a clearer explanation of our health-data, AI, and connected-account practices, including Google Health sync.

1. What Changed

• We added a clearer explanation of how Google Health sync works and that the Google Health scope we request is read-only.
• We clarified what fitness data may be imported into your account and how imported exercise records are stored.
• We clarified that your personal data is not used to train or fine-tune our own AI models.
• We clarified that we do not publicly share, sell, or broker your private health or fitness data.
• We added more detail about encryption, access controls, and what happens when you disconnect a provider or delete imported exercise data.

2. Who We Are

Life Assistant AI is a personal health and life-management platform that includes journaling, planning, nutrition, exercise tracking, and selected AI-assisted features. Questions about this notice may be sent to [email protected].

3. Information We Collect

We collect information from three main sources: information you provide directly, information generated when you use the service, and information you choose to sync from connected providers.

• Account and profile data: Name, email address, profile information, and account settings.
• User-submitted content: Journal entries, planning information, nutrition logs, exercise entries, medical-history fields, and other content you enter into the app.
• Connected fitness data: If you connect Google Health or Strava, we may import activity data such as activity name or type, date and start time, duration, distance, calories, step count, heart-rate metrics, elevation metrics, provider activity identifiers, and related provider payload data used to display, deduplicate, or maintain synced workouts.
• Connection and authentication data: OAuth tokens, token expiry, granted scopes, sync timestamps, and provider account identifiers needed to keep the connection working. Third-party OAuth access and refresh tokens are stored using encrypted model fields.
• Technical and security data: Log information, device or browser information, IP-related request metadata, and diagnostics used for security, reliability, and abuse prevention.

4. How We Collect It

• Directly from you: When you create an account, fill out forms, enter health or journal information, or contact support.
• From connected services: When you authorize Google Health or another provider, we fetch the data needed to support the sync feature you asked us to provide.
• Automatically: Through logs, sessions, and normal platform operations used to secure and run the service.

5. Google Health Data

If you choose to connect Google Health, we request the scope https://www.googleapis.com/auth/googlehealth.activity_and_fitness.readonly. That scope is used to read activity and fitness information so we can import workouts into your account. We do not use that connection to post back to Google Health or modify your Google Health records.

The use of information received from Google APIs will adhere to the Google API Services User Data Policy, including the Limited Use requirements.

6. How We Use Your Data

• Provide the service: Create and manage your account, display your data, and operate features you request.
• Sync connected workouts: Import fitness activities, avoid duplicate imports, maintain connection status, and let you review imported exercise details.
• Generate app functionality: Calculate exercise calories, update summaries, and support search, filtering, reporting, and personalization inside your account.
• Support and security: Troubleshoot issues, prevent misuse, investigate abuse, and protect the integrity of the platform.
• Legal compliance: Meet legal, regulatory, tax, accounting, or enforcement obligations when required.

7. AI Data Use and Model Training

• We do not use your private health, fitness, journal, or other sensitive user content to train or fine-tune our own AI models.
• We do not use Google Health data to build public datasets, advertising profiles, or data products.
• When you use an AI-assisted feature, we may send the minimum content needed to a service provider that powers that feature.
• For API-based AI features, we intend to use business/API offerings that do not use API inputs and outputs for model training by default unless an explicit opt-in is separately enabled by the account owner.

8. Sharing and Disclosure

We do not sell your personal data. We do not publicly publish your private health or fitness information as part of the ordinary operation of the service.

We may share information only in the following limited circumstances:

• Service providers and processors: Hosting, infrastructure, authentication, analytics, email, and AI vendors that help us operate requested features under contractual or operational controls.
• Connected providers: When you intentionally connect or use a third-party integration, information is exchanged as needed to complete that action.
• Legal and safety needs: When required by law, legal process, or to protect users, the service, or the public.
• Corporate transactions: If the business is reorganized, merged, or sold, subject to applicable legal protections.

We do not share Google Health data with data brokers, advertisers, or other third parties for independent marketing use.

9. Retention and Deletion

We keep information for as long as reasonably necessary to provide the service, maintain account records, resolve disputes, protect against fraud or abuse, and comply with legal obligations.

• Disconnecting a provider: Disconnecting Google Health or another fitness provider stops future syncs, but it does not automatically delete workouts that were already imported into your account.
• Deleting an imported workout: If you delete an imported exercise entry from the app, the visible exercise row is removed. We may retain related import metadata so the same provider activity is not recreated on the next sync.
• Connection records: We may retain inactive connection metadata for operational, security, backup, or recordkeeping purposes unless and until it is deleted through account cleanup or a verified deletion request.

10. Data Security

We use administrative, technical, and organizational safeguards designed to protect user data. These measures include encryption where appropriate, encrypted storage for third-party OAuth tokens, access restrictions, authentication controls, and secure communications with third-party providers over HTTPS/TLS.

No system can guarantee absolute security. You are responsible for keeping your account credentials secure and notifying us if you believe your account has been compromised.

11. Your Rights and Choices

• Access, update, or correct account and profile information.
• Disconnect Google Health or other third-party providers.
• Delete entries you created or imported through the app interface where available.
• Request deletion of your account or other data, subject to legal or operational retention needs.
• Object to or restrict certain processing where applicable law gives you that right.
• Lodge a complaint with a regulator where applicable.

12. Children’s Privacy

This service is intended for adults and is not directed to children under 18. If we learn that we have collected personal information from a child in violation of applicable law, we will take reasonable steps to delete it.

13. Changes to This Notice

We may update this notice from time to time. If we make a material change, we may notify users through the website, email, or an in-product notice before or when the update becomes effective.

14. Contact

If you have a privacy question, want to make a data request, or want imported fitness data and connection records reviewed for deletion, contact [email protected].