Effective Date#

Effective date: 2026-02-27
Last updated: 2026-02-27

Who We Are#

Insights is provided by JWB Systems (England and Wales).

Contact for privacy requests: privacy@jwbsystems.com

Age Requirement#

Insights is intended for people aged 16 and over.

What We Collect#

We collect the following categories of personal data when you use Insights:

  • Account and profile data: username, email address, password hash, profile fields (for example birth date, height, marketing preference).
  • Subscription and billing data: current plan, billing interval, payment method, and subscription lifecycle records.
  • Purchase and receipt records: Stripe references, Apple/Google purchase transaction records, and audit metadata.
  • Health and activity data: tracks you create (for example steps, sleep, workouts, blood pressure, medication, goals, and other custom tracking entries).
  • Nutrition and meal data: meal entries, meal photos, AI analysis outputs, and saved meal templates.
  • Journal data: journal text, audio/video uploads, and transcript text/segments.
  • Location data: GPS points, movement/location summaries, place boundaries, and related metadata where enabled.
  • AI conversation data: prompts, responses, conversation history, and user facts inferred from conversations.
  • Device and sync data: device identifiers, app/software version, sync logs, and debug logs uploaded from devices.
  • Technical and security data: authentication tokens, request metadata, and operational logs needed to secure and run the service.

How We Use Data#

We use personal data to:

  • provide tracking, analytics, sync, and account features;
  • process subscriptions and purchases;
  • run AI features (assistant, food analysis, transcription);
  • protect service security, integrity, and abuse prevention;
  • troubleshoot reliability and support issues;
  • meet legal and accounting obligations.

Where GDPR applies, we process data under these legal bases:

  • Contract: to provide your account, sync, subscriptions, and core product functions.
  • Consent: for health-related data processing and optional location permissions.
  • Legitimate interests: for security, fraud prevention, diagnostics, and service reliability.
  • Legal obligation: where records must be retained for tax/accounting or legal compliance.

You can withdraw optional consents in app/device settings, but some features may stop working.

Third-Party Processors#

We use service providers that process data on our behalf:

  • Google Cloud Platform (GCP): hosting, databases, storage, and infrastructure operations.
  • OpenAI: AI assistant and food-analysis related model processing.
  • AssemblyAI: transcription of journal audio where that feature is used.
  • Stripe: web subscription billing.
  • Apple App Store / Google Play: in-app purchase processing and subscription validation.
  • LogMeal (where enabled): food-recognition support in meal analysis flows.

We do not sell personal data.

Cookies and Similar Technologies#

  • The privacy/help static sites are Hugo static pages and do not set advertising cookies by default.
  • The Django portal uses essential cookies such as session and CSRF cookies for authentication and security.

See also the Cookie Policy page.

Retention#

Retention depends on data type and plan limits. Current plan-level retention limits are:

  • Free: 30 days
  • Standard: 365 days
  • Premium / Comp: 1095 days (3 years)

See the Data Retention page for category-specific details.

Your Rights#

Depending on your jurisdiction, you may have rights to:

  • access your personal data,
  • correct inaccurate data,
  • request deletion (right to erasure),
  • object to or restrict certain processing,
  • request portability where applicable.

To exercise rights, contact privacy@jwbsystems.com.

International Transfers#

Data may be processed in jurisdictions outside your country. Where required, we apply appropriate safeguards for international transfers.

Security#

We use technical and organizational controls, including encryption in transit and access controls. No system is perfectly secure, but we continuously improve protections.

Changes To This Policy#

We may update this Privacy Policy to reflect product or legal changes. We will update the “Last updated” date when changes are published.