PRIVACY POLICY

Last Updated: February 27, 2026 UPDATED

← Back to Home

The TCM Analysis app is operated by Altin Vital.

At Altin Vital ("we", "our", "the company"), operating the TCM Analysis application, we respect your privacy. This Privacy Policy explains how your personal information is collected, used, and protected when you use our mobile application.

Data Controller: Altin Vital

🆕 What's New (February 27, 2026)

We've updated our privacy policy to provide more transparency about:

  • AI Service Usage: Detailed information about how we use OpenAI for tongue analysis
  • App Tracking Transparency: Clear disclosure of tracking activities and your consent options
  • Enhanced User Controls: More information about your rights and how to exercise them

1. INFORMATION COLLECTED

1.1 Account Information

When you sign in to our application with Google Authentication, we collect the following information:

  • Name and surname
  • Email address
  • Google profile photo
  • Unique user ID

1.2 Health and Medical Information

To provide tongue analysis services, we collect the following information:

  • Tongue photos (front, right side, left side, bottom view)
  • Age, gender, height, weight information
  • Health complaints and symptoms
  • Analysis results and TCM assessments

1.3 Camera and Photo Access

To take tongue photos:

  • Camera access permission
  • Photo gallery access permission

1.4 Usage Information

  • Application usage statistics
  • Analysis history
  • Credit usage information
  • Purchase history

1.5 Device Information

  • Device model and operating system
  • Application version
  • Language and region settings
  • Unique device identifiers

2. USE OF INFORMATION

We use the information we collect for the following purposes:

2.1 Service Provision

  • Performing tongue analysis and providing TCM assessment
  • Providing personalized health recommendations
  • Storing and displaying your analysis history

2.2 Account Management

  • Creating and managing user accounts
  • Authentication and security
  • Credit system and purchase transactions

2.3 Application Improvement

  • Improving service quality
  • Resolving technical issues
  • Developing new features

2.4 Communication

  • Informing about important updates
  • Responding to support requests
  • Sending security notifications

3. INFORMATION SHARING

3.1 Third-Party Service Providers

Your information is shared only with the following trusted service providers:

  • Firebase (Google): Authentication, database, cloud storage
  • OpenAI: Tongue analysis and AI assessment (see section 3.4 for details)
  • RevenueCat: In-app purchase management
  • Google Cloud Platform: Server infrastructure and data processing

3.2 Legal Requirements

We may share your information in the following cases:

  • Legal obligations and court orders
  • Protecting user safety
  • Preventing fraud
  • Protecting our legal rights

3.3 Information Not Shared

We never share your personal and health information:

  • We do not sell to third-party advertisers
  • We do not share for marketing purposes
  • We do not share with others without your permission

3.4 AI Service Data Sharing (OpenAI) 🆕

IMPORTANT: AI Processing via OpenAI

Altin Vital uses OpenAI's artificial intelligence service to analyze your tongue photos and provide Traditional Chinese Medicine assessments.

Before your first analysis, you will be asked for explicit permission to send your data to OpenAI.

What Data is Sent to OpenAI?

  • Tongue photographs (all 4 angles)
  • Patient information (name, age, gender) if provided
  • Previous analysis results (for follow-up analyses)

How is the Data Used?

  • Purpose: Only for Traditional Chinese Medicine (TCM) tongue analysis
  • Processing: Data is processed according to OpenAI's privacy policy
  • Training: Your data is NOT used for AI model training
  • Retention: Data is deleted after analysis is complete
  • Security: All data is transmitted with end-to-end encryption

Your Consent

  • You will be asked for explicit permission before your first analysis
  • You can decline, which will cancel the analysis
  • Your consent is stored on your device
  • Consent is cleared when you log out
  • You can withdraw consent at any time by logging out and back in

OpenAI Privacy Policy

For more information about how OpenAI handles your data, please visit: https://openai.com/privacy

4. DATA TRACKING AND TRANSPARENCY 🆕

4.1 App Tracking Transparency (iOS)

On iOS devices, we request your permission before tracking your activity across other companies' apps and websites. This permission is requested when you first open the app.

What We Track (if you allow):

  • User ID for analytics
  • Health data usage patterns
  • Product interaction for improving user experience

Your Rights:

  • You can choose "Ask App Not to Track" to decline
  • You can change your preference in iOS Settings > Privacy > Tracking
  • Declining tracking does not affect core app functionality

4.2 Data Collection Purpose

We collect data to:

  • Improve app functionality and user experience
  • Understand how features are used
  • Provide personalized health recommendations
  • Ensure app security and prevent fraud

5. DATA SECURITY

5.1 Security Measures

  • Data transmission with SSL/TLS encryption
  • Database protection with Firebase security rules
  • API key security with Google Cloud Secret Manager
  • Regular security updates
  • End-to-end encryption for sensitive health data

5.2 Data Storage

  • Tongue photos are stored encrypted in Firebase Storage
  • Analysis results are securely kept in Firestore database
  • All your data is permanently deleted when account is deleted
  • Data is stored in Europe (europe-west1) region

6. USER RIGHTS

6.1 Right of Access

  • View your personal information
  • Access your analysis history
  • Update your account information

6.2 Right to Deletion

  • Delete your account and all your data
  • Delete specific analysis records
  • Delete your photos

6.3 Data Portability

  • Right to download and export your data

6.4 Right to Object

  • Object to data processing activities
  • Refuse marketing communications
  • Withdraw AI service consent

6.5 Right to Withdraw Consent 🆕

  • You can withdraw your consent for AI analysis at any time
  • Log out and log back in to be asked for consent again
  • Withdrawing consent will prevent future analyses until consent is granted again

7. CHILDREN'S PRIVACY

Our application is not intended for children under 13 years of age. We do not knowingly collect personal information from children under 13. If we become aware that we have collected information from a child under 13, we will delete that information immediately.

8. INTERNATIONAL DATA TRANSFER

Your data is stored on servers in the Europe (europe-west1) region. However, as our service providers (Firebase, OpenAI) use global infrastructure, your data may be transferred to different countries. These transfers are made in compliance with GDPR and other data protection laws.

OpenAI Data Transfer:

  • OpenAI may process your data in the United States
  • Data transfer is protected by standard contractual clauses
  • OpenAI complies with applicable data protection regulations

9. COOKIES AND TRACKING TECHNOLOGIES

Our application uses:

  • Authentication tokens for session management
  • Application performance monitoring
  • Error reporting and analytics
  • Crash reporting for app stability

We do not use third-party advertising cookies.

10. PRIVACY POLICY CHANGES

We may update this Privacy Policy from time to time. When there are significant changes:

  • We will show notifications in the application
  • We will inform you by email
  • We will change the update date

Your continued use of the application after changes are published means you accept the new policy.

11. HEALTH INFORMATION WARNING

⚠️ IMPORTANT: This application is for educational and informational purposes.

It does not replace medical diagnosis, treatment, or professional medical advice. Always consult a licensed healthcare professional for health problems.

Tongue analysis results:

  • Are based on Traditional Chinese Medicine principles
  • Include AI-assisted assessment
  • Are not definitive medical diagnosis
  • Are for informational purposes only
  • Should not be used as the sole basis for medical decisions

12. GDPR COMPLIANCE (EUROPEAN UNION)

For EU citizens, GDPR rights:

  • Right to be forgotten
  • Right to data portability
  • Right to restrict processing
  • Right to object to automated decision-making processes
  • Right to lodge a complaint with a supervisory authority
  • Right to withdraw consent at any time

13. CONTACT

App Operator & Data Controller: Altin Vital

For questions about our privacy policy or your data:

Email: tcmanalysisapp@gmail.com

In-App Support: Settings > Help and Support

For data protection requests:

  • Account deletion: Settings > Account > Delete Account
  • Data download: Settings > Privacy > Download My Data
  • Communication preferences: Settings > Notifications
  • Withdraw AI consent: Log out and log back in

14. ACKNOWLEDGMENT

By using this application, you:

  • ✓ Have read this Privacy Policy
  • ✓ Accept the collection and processing of your personal and health information
  • ✓ Understand that your data will be shared with OpenAI for analysis purposes
  • ✓ Accept our Terms of Use
  • ✓ Are over 13 years of age
  • ✓ Understand your right to withdraw consent at any time

15. THIRD-PARTY SERVICE PRIVACY POLICIES

For complete information about how our third-party service providers handle your data:

This privacy policy was last updated on February 27, 2026

© 2026 Altin Vital (TCM Analysis). All rights reserved.