Privacy Policy

Effective Date: 2025-09-01 | Last Updated: 2025-09-01

1. Introduction

Welcome to LymeTrack (“App,” “we,” “us,” or “our”), a wellness tracking application operated by Light Works Studio, LLC (“Company”), a company registered in the United States. We respect your privacy and are committed to protecting your personal information in accordance with applicable data protection laws worldwide.

This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our mobile application, regardless of where you are located. By using LymeTrack, you agree to the collection and use of information in accordance with this Privacy Policy. If you do not agree with the terms of this Privacy Policy, please do not access the App.

2. Wellness Tracker Disclosure

LymeTrack is a general wellness and lifestyle tracking application. It is designed to help users track their daily wellness patterns, habits, and lifestyle factors. The App:

  • Is NOT a medical device
  • Does NOT provide medical advice, diagnosis, or treatment
  • Is intended for general wellness and informational purposes only
  • Should NOT replace professional medical consultation

3. Information We Collect

Personal Information You Provide

When you register and use LymeTrack, we may collect:

  • Account Information: Email address, name, and password
  • Wellness Data: Self-reported symptoms, wellness activities, environmental factors, daily check-ins, journal entries, and wellness scores
  • Profile Information: Display name, profile photo (optional), country/region
  • Usage Data: Check-in streaks, app preferences, and interaction patterns

Information Automatically Collected

When you use the App, we automatically collect:

  • Device Information: Device type, operating system, unique device identifiers, language settings
  • Usage Analytics: App features used, frequency of use, performance data (with your consent where required)
  • Error Reports: Crash logs and error data to improve app stability
  • IP Address: For security and regional service provision (not stored with personal data)

Information We Do NOT Collect

  • We do not collect precise GPS location data
  • We do not access your contacts or photos without explicit permission
  • We do not collect biometric or genetic data
  • We do not collect special categories of personal data beyond self-reported wellness information

For users in the European Economic Area (EEA), United Kingdom, and Switzerland, we process your personal data based on:

  • Consent: For wellness data processing, analytics, and optional features
  • Contract: To provide the services you've requested through your subscription
  • Legitimate Interests: For service improvement, security, and fraud prevention
  • Legal Obligations: When required by applicable law

You may withdraw your consent at any time through the app settings or by contacting us.

5. How We Use Your Information

We use your information to:

  • Provide Core Services: Enable wellness tracking, pattern monitoring, and lifestyle logging
  • Generate Insights: Create trends and correlations from your wellness data (within your account only)
  • Maintain the App: Fix bugs, improve performance, and develop new features
  • Communicate: Send check-in reminders and support responses (with your consent)
  • Ensure Safety: Detect and prevent fraud, abuse, or security issues
  • Legal Compliance: Comply with applicable laws and regulations

6. Data Sharing and Disclosure

We Do NOT Sell Your Data

We never sell, rent, or trade your personal information to third parties for their marketing purposes.

Limited Sharing

We may share your information only in these circumstances:

  • With Your Explicit Consent: When you authorize sharing (e.g., exporting data for personal use)
  • Service Providers: With carefully selected third-party services that help operate our app
  • Legal Requirements: If required by law, court order, or governmental request in any jurisdiction
  • Business Transfers: In connection with a merger, acquisition, or sale of assets (with notice)
  • Protection: To protect rights, property, or safety in accordance with applicable law

7. International Data Transfers

Your information may be transferred to and processed in countries other than your country of residence, particularly the United States where our primary servers are located.

Transfer Safeguards

We ensure appropriate safeguards for international transfers through:

  • Standard Contractual Clauses (SCCs) approved by the European Commission
  • Adequacy decisions where applicable
  • Your explicit consent for transfers where required

8. Data Storage and Security

Where Your Data is Stored

  • Primary Storage: Secure, encrypted servers in the United States
  • Backups: Encrypted backups in geographically distributed locations
  • Regional Caching: Content delivery networks for performance (no personal data)

Security Measures

  • End-to-end encryption for sensitive wellness data
  • Encryption of data in transit (TLS 1.3) and at rest (AES-256)
  • Secure authentication protocols with multi-factor authentication option
  • Regular security audits and penetration testing
  • Limited access controls (principle of least privilege)
  • OWASP security standards compliance

Data Retention

  • Active Accounts: Data retained while account is active
  • Account Deletion: All personal data deleted immediately upon request
  • Legal Holds: Data may be retained longer if required by law
  • Anonymized Data: May be retained indefinitely for analytics (cannot identify you)

9. Your Privacy Rights

Universal Rights

Regardless of location, you have the right to:

  • Access: Request a copy of your personal data
  • Correct: Update or correct inaccurate information
  • Delete: Request deletion of your account and all associated data
  • Export: Download your data in a portable format (JSON/CSV)
  • Opt-Out: Disable notifications, analytics, or marketing communications

Regional Rights

Additional rights apply based on your location:

  • EU/UK (GDPR): Data portability, restriction, objection, and right to lodge complaints
  • California (CCPA/CPRA): Know what's collected, delete data, opt-out of sale
  • Canada (PIPEDA): Access, challenge accuracy, know usage
  • Australia (Privacy Act): Access, correct, opt-out of marketing

To exercise any of these rights, contact us at [email protected].

10. Children's Privacy

Age requirements vary by region:

  • United States: 13 years or older
  • European Economic Area: 16 years or older (or 13 with parental consent where permitted)
  • Other Regions: Minimum age as required by local law

We do not knowingly collect personal information from children under the applicable age limit. If we learn we have collected information from a child under the required age, we will promptly delete it.

11. Cookies and Tracking Technologies

We use essential cookies and similar technologies to maintain your session and preferences, ensure security, and remember your consent choices. Optional analytics and performance cookies require your consent where required by law.

12. Changes to This Privacy Policy

We may update this Privacy Policy to reflect changes in law or our practices. We will notify you of material changes by in-app notification, email notification (for significant changes), and providing 30 days notice for material adverse changes.

13. Contact Us

For privacy-related questions, requests, or concerns, please contact our Data Protection Officer:

Light Works Studio, LLC
117 S Lexington Street, STE 100
Harrisonville, MO 64701, USA
Email: [email protected]
Response Time: Within 30 days

Your Privacy is Our Priority. At LymeTrack, we understand that tracking your wellness journey is personal. We're committed to protecting your privacy across all jurisdictions and giving you control over your data.