Your Data, Your Control

Privacy is a Right, Not a Feature

At Leo, we believe your health data belongs to you -- and only you. We never sell, share, or monetize your personal information. We're different because we built our business model around respecting your privacy, not exploiting it.

Our Data Promise

These aren't just policies -- they're promises we make to every Leo user.

We Never Sell Your Data

Your health information is never sold, shared, or monetized. Period. We make money from subscriptions, not from exploiting your personal data.

Your Data Stays Yours

You own your health data completely. We're just the custodian -- storing and protecting it on your behalf. You can export or delete it anytime.

Complete Transparency

You can see exactly what data we store and who has accessed it. Our audit logs show every interaction with your health information.

Healthcare-Grade Security

We use the same security standards as major hospitals -- HIPAA compliance, AES-256 encryption, and continuous security monitoring.

What We Never Do

Some things are off the table. Forever.

  • Sell your data to advertisers or data brokers
  • Share your health information with insurance companies
  • Use your data for targeted advertising
  • Allow third parties to access your data without your explicit consent
  • Keep your data after you delete your account
  • Use your health data for training purposes without anonymization and consent

How We're Different

Most health apps treat your data as a product. We treat it as a responsibility.

Feature | Leo | Most Health Apps
Sells user data
Third-party ad tracking
Complete data export
Full data deletion
Per-user encryption keys
Zero-knowledge PHI storage
Cryptographic key exchange for sharing
Open audit logs

What We Collect & Why

We only collect what's necessary to provide you with the best health management experience.

Health Data

  • Medications & doses
  • Vital signs
  • Sleep patterns
  • Workout data
  • Symptoms & mood
Purpose: To help you track and manage your health

Account Data

  • Email address
  • Name
  • Profile photo
  • Preferences
Purpose: To identify your account and personalize your experience

Device Data

  • Device type
  • App version
  • Crash reports
Purpose: To fix bugs and improve the app

Usage Data

  • Feature usage (anonymized)
  • Performance metrics
Purpose: To understand how to make Leo better

Your Data Rights

You have complete control over your health data. Here's what you can do.

Right to Access

Download all your health data at any time in standard formats (JSON, CSV, PDF). Your complete health record is always available to you.

Right to Delete

Request complete deletion of your account and all associated data. We'll remove everything within 30 days, with a confirmation email.

Right to Correction

Update or correct any inaccurate information in your health record. Your data should always reflect the truth.

Right to Know

Be notified if your data is ever involved in a security incident. We'll tell you what happened and what we're doing about it.

Built for Global Compliance

We designed Leo from the ground up to meet the strictest privacy regulations worldwide, so your data is protected no matter where you live.

  • HIPAA -- U.S. healthcare privacy law
  • GDPR -- EU General Data Protection Regulation
  • CCPA -- California Consumer Privacy Act
  • PIPEDA -- Canadian privacy law

Data Residency

You choose where your data lives.

  • United States: Available
  • European Union: Available
  • United Kingdom: Available
  • Canada: Available
  • Australia: Available

GDPR Compliance

Lawful Basis for Processing

Under Article 6 of the GDPR, we process your personal data on the following legal grounds.

Consent (Art. 6(1)(a))

Analytics cookies, marketing communications, and optional health insights. You can withdraw consent at any time.

Contract Performance (Art. 6(1)(b))

Processing health data, medication tracking, and vital signs necessary to deliver the service you signed up for.

Legal Obligation (Art. 6(1)(c))

Maintaining audit logs and responding to lawful data access requests from authorities.

Legitimate Interest (Art. 6(1)(f))

Fraud prevention, service security, and essential site functionality. We perform balancing tests to ensure your rights are protected.

Data Processors

We work with trusted service providers who process data on our behalf under strict data processing agreements.

Processor | Purpose | Location
Google Cloud / Firebase | Authentication, database, cloud functions, analytics | United States
Google Analytics | Anonymous website traffic analysis (with consent) | United States
Stripe | Payment processing for donations and subscriptions | United States
Shopify | Ambassador rewards store and product fulfillment | Canada / United States
Apple HealthKit | On-device health data sync (data stays on device) | On-device only

International Data Transfers

Leo is operated from the United States. If you are located in the European Economic Area (EEA), the United Kingdom, or Switzerland, your personal data may be transferred to and processed in the United States.

We protect these transfers through:

  • Standard Contractual Clauses (SCCs) -- approved by the European Commission for EU-US data transfers
  • Data Processing Agreements -- with all sub-processors requiring equivalent safeguards
  • Encryption in transit and at rest -- AES-256 encryption for all stored data

Data Retention Periods

  • Health & medication data: Until you delete it or your account
  • Account information: Duration of account + 30 days after deletion
  • Audit logs: 7 years (legal/compliance requirement)
  • Analytics data: 14 months (Google Analytics default)
  • Cookie consent records: Until you clear browser storage
  • Support correspondence: 2 years after resolution

Your GDPR Rights

Right of Access (Art. 15)

Request a copy of all your personal data

Right to Rectification (Art. 16)

Correct inaccurate personal data

Right to Erasure (Art. 17)

Request deletion of your data

Right to Restrict Processing (Art. 18)

Limit how we use your data

Right to Data Portability (Art. 20)

Receive your data in a machine-readable format

Right to Object (Art. 21)

Object to processing based on legitimate interest

Right to Lodge a Complaint

File a complaint with your local Data Protection Authority

Children's Data Protection

Leo is designed for family use, including children. In compliance with Article 8 of the GDPR:

  • Children under 16 years old require verifiable parental consent before their data can be processed
  • Parent and guardian accounts can manage their children's data, including viewing, exporting, and deleting it
  • We collect only the minimum data necessary for the child's health management
  • Children's data is never used for marketing or profiling purposes
  • Parents can withdraw consent and request deletion at any time

Questions About Your Privacy?

We're happy to answer any questions about how we handle your data. Your trust is the foundation of everything we do.

Last updated: February 2026 | Effective date: February 7, 2026