Privacy Policy
Effective date: January 2026 | Last updated: January 2026
This Privacy Policy explains how BLUEPINKSECURITY LTD ("Bionutara", "we", "us", "our") collects, uses, shares, and protects personal data when you use the Bionutara mobile application and our website (bionutara.fr) (together, the "Services").
1. Privacy Summary
- We use Auth0 for authentication.
- If you use voice features, we process audio recordings and generate transcripts.
- We use Microsoft Azure for hosting and AI processing.
- We use ElevenLabs for voice audio processing.
- We use Google Analytics in the app (with opt-out available).
- You can delete your content anytime.
- We do not sell your personal data.
2. Who We Are
Controller: BLUEPINKSECURITY LTD (United Kingdom)
Privacy: dpo@bionutara.fr
Support: contact@bionutara.fr
3. Personal Data We Collect
A) Account Data
- Auth0 identifier, email address, account metadata
B) Voice and Conversation Data
- Audio recordings, transcripts, conversation content
C) Technical Data
- Device identifiers, app version, crash reports
D) Payment Data
- Payment processing is handled by our payment providers (RevenueCat, Stripe, Apple, Google). We do not store full payment card details.
4. How We Use Your Data
- Provide and operate the Services
- Process subscriptions and payments
- Improve the product and user experience
- Communicate with you about the Service
- Comply with legal obligations
5. Sharing Your Data
A) Vendors / Processors
- Auth0 (authentication)
- Microsoft Azure (hosting, AI services)
- ElevenLabs (voice processing)
- Google Analytics (in-app analytics)
- RevenueCat (subscription management and billing infrastructure)
- Stripe (payment processing for web subscriptions)
- Apple App Store / Google Play (in-app purchases)
We do not sell your personal data.
6. Your Rights
You may have rights to access, correct, delete your data, object to processing, and lodge a complaint with a supervisory authority.
Contact: dpo@bionutara.fr
7. Data Retention
- Account data: retained for the duration of your account
- User content: up to 24 months
- AI logs: up to 24 months
8. Security
We implement appropriate technical and organisational measures to protect your data, including encryption and access controls.
9. International Transfers
We may transfer data outside the UK/EEA with appropriate safeguards (UK IDTA, EU SCCs).
10. Children
The Services are not intended for children under 18.
11. Changes
We may update this Privacy Policy and will notify you of material changes.