Log & Grow — Personal Health & Nutrition Coach
This Privacy Policy describes how Invictus Publishing Ltd. ("we", "our", or "us"), trading as Log & Grow, collects, uses, and protects information in connection with the Log & Grow mobile application ("the App"). It applies to all users of the App and has been prepared in accordance with the General Data Protection Regulation (EU) 2016/679 ("GDPR").
We are committed to protecting your personal data and to being fully transparent about how we handle it. Please read this policy carefully before using the App.
The data controller responsible for your personal data is:
We do not knowingly collect personal data from individuals under the age of 18. If you are under 18, please do not use the App or provide any personal data through it.
If we become aware that we have inadvertently collected personal data from a person under 18, we will take immediate steps to delete that information. If you believe we may have collected data from a minor, please contact us at the Contact Us menu option directly in the app.
We do not sell, share, rent, or trade your personal data with third parties for their own purposes.
When you use features powered by artificial intelligence — such as personalised health coaching or meal recognition — your data is transmitted to third-party AI services solely to generate a response. That response is returned to your device and stored locally. The third-party services do not retain your data beyond the processing of each individual request, in accordance with their respective data processing terms.
When you use the App, you may choose to enter the following personal and health data. All data is stored exclusively on your device in an encrypted database:
The legal basis for processing this data is your explicit consent (GDPR Article 6(1)(a)) and, for health-related data, your explicit consent for the processing of special category data (GDPR Article 9(2)(a)). You may withdraw consent at any time via App Settings.
The App uses Firebase Authentication (Google Ireland Limited) to assign an anonymous identifier to your device session. This identifier:
The App uses Firebase Crashlytics for crash reporting services, resolving technical issues and bugs.
The App does not use analytics tools or any advertising identifiers beyond what is described in this policy.
Where you have provided a location in your profile, the App may retrieve local environmental data including outdoor temperature, humidity, and air quality measurements (NO₂, O₃, SO₂, PM₂.₅, PM₁₀, NH₃, CO). This data is fetched via our secure server-side functions and stored locally on your device alongside your health records.
If you use the "Contact Us" feature, you may provide your email address and a message. This is transmitted solely to allow us to respond to your enquiry. We do not add you to any mailing list without your explicit consent.
We use the data described in Section 5 for the following purposes only:
We do not use your data for advertising, profiling for third-party commercial purposes, or any purpose not listed above.
We do not use your data for training AI models, all AI services are enterprise paid services from top providers within the EU and USA which adhere to strict data protection standards.
When you use AI-powered features, selected health data is transmitted securely to the following third-party providers solely to generate a response, these are enterprise AI services governed by strict data protection standards, your data is not used at any point for AI training purposes. Providers do not store your personal data beyond processing each individual request.
All data transmitted to third-party processors is sent over encrypted connections (HTTPS/TLS). Providers located outside the EEA process data under EU Standard Contractual Clauses approved by the European Commission.
We do not operate or maintain any central server database containing your personal health records. The only data that exists on external servers at any point is transient data being processed in real time by our third-party AI providers as described in Section 7, and the anonymous session identifier managed by Firebase Authentication.
You are responsible for maintaining the security of your own device, including its screen lock and operating system updates. If your device is lost or stolen, your encrypted data cannot be accessed without your device's authentication credentials.
Your health data is retained on your device for as long as you choose to keep the App installed. The App is designed to support up to ten years of historical health data to enable meaningful long-term trend analysis.
You may delete all data at any time by uninstalling the App, which removes the encrypted database from your device. You may also export all your data at any time using the Export My Data feature in App Settings.
Your anonymous Firebase Authentication session is retained for as long as your App installation exists. Firebase automatically clears inactive anonymous sessions after an extended period of inactivity in accordance with Google's standard retention practices.
As a data subject under GDPR, you have the following rights with respect to your personal data:
Access all your health data directly through the App at any time, or export a complete copy using the Export My Data feature in Settings.
Correct or update your personal data at any time through the App's Home screen and Profile screen.
Uninstalling the App constitutes complete erasure of your personal health records. Contact us to request deletion of your anonymous authentication identifier from Firebase using the Contact Us menu option in the app.
Restrict AI processing at any time by revoking the privacy agreement in App Settings. All outbound API calls are disabled immediately.
Export all your health data in machine-readable JSON format at any time via Export My Data in Settings. Delivered as a ZIP archive.
Object to any processing of your personal data at any time by contacting us at the Contact Us menu option in the app or revoking the in-app privacy agreement.
Withdraw consent at any time via App Settings. This does not affect the lawfulness of processing carried out before withdrawal.
To exercise any of the above rights, contact us at the Contact Us menu option in the app. We will respond within 30 days and may ask you to verify your identity before processing certain requests.
If you believe that we have processed your personal data in a manner that does not comply with GDPR, you have the right to lodge a complaint with the relevant supervisory authority. As we are based in the Czech Republic, the competent supervisory authority is:
You may also lodge a complaint with the supervisory authority of the EU member state where you reside or work if different from the Czech Republic.
The App processes health-related data including body weight, blood pressure, pulse rate, symptoms, and meal nutritional information. Under GDPR Article 9, this constitutes special category data and is subject to enhanced protections.
We process this data solely on the basis of your explicit consent, provided when you accept the in-app privacy agreement. This consent is entirely voluntary. The App remains partially functional (manual data logging and historical report viewing) even if you decline AI processing. You may withdraw your consent for AI processing at any time via App Settings without losing access to your locally stored data.
The App uses AI to generate personalised health and nutrition coaching reports based on your health data. This constitutes automated analysis of personal data. However, these reports are informational and advisory in nature only. They do not produce legal effects or similarly significantly affect you.
The App is not directed at children under the age of 18. We do not knowingly collect personal data from children under 18. If you are a parent or guardian and believe your child has provided personal data through the App, please contact us immediately at the Contact Us menu option in the app and we will take prompt steps to delete that information.
Some of our third-party AI service providers are located outside the European Economic Area (EEA), specifically in the United States. When your data is transmitted to these providers for AI processing, it is transferred outside the EEA. We ensure that such transfers are protected by appropriate safeguards as required by GDPR Chapter V:
You may request a copy of the relevant transfer safeguards by contacting us at the Contact Us menu option in the app.
We may update this Privacy Policy from time to time to reflect changes in our practices, the App's functionality, or applicable law. When we make material changes, we will notify you through the App with a prompt to review and re-accept the updated policy. The effective date at the top of this document will be updated accordingly.
Your continued use of the App after the effective date of a revised policy constitutes your acceptance of the changes. If you do not agree to the revised policy, please stop using the App and contact us at the Contact Us menu option in the app to request deletion of your authentication data.
If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us: