Privacy Policy — Nelaton

• Version: v2025-10-14

This Privacy Policy (the “Policy”) applies to the Nelaton mobile application (the “App”) and related services provided by Ulibkin OÜ (Estonia), acting as the data controller (“we”, “us”). You may use the App only after accepting this Policy and the Terms of Use. For the processing of health data, we will ask for your explicit consent inside the App.

1. At a glance (TL;DR)

Summary

  • Your data, including health records, is stored in the cloud in the EU (Supabase) with encryption in transit and at rest.
  • Using the App requires your explicit consent to process health data and your consent to technical analytics (Amplitude/Google Analytics). Without these consents, the App cannot be used.
  • We use internal AI algorithms to generate personalised reports. Health records are not shared with analytics providers and are not used to train third-party AI models.
  • You control your data: you can export, withdraw consents, and delete your account and all data in settings. Backups are purged within 30 days.
  • Sign-in is via e-mail (account required).
  • The App is not intended for persons under 16.

2. Controller and contact

Controller: Ulibkin OÜ (Estonia)

Contact for data matters: support@nelaton.app

3. What we process and why

Categories of data & purposes

3.1. Account data

What: e-mail, authentication/session tokens, interface language, time zone, notification settings.

Why: create and maintain your account, authentication, interface personalisation, notifications.

3.2. Health data (special category)

What: diary entries (event timestamps, volume/colour, symptoms/well-being, notes), fluid intake, leak events, natural urination, urges, schedules, reminders, attachments/files, generated reports.

Why: core App functions (diary, statistics, reminders), secure synchronisation across devices, export.

3.3. AI reports (internal processing)

What: the health data you entered.

Why: create personalised reports and insights as part of your subscription.

Important: processing takes place in environments we control (server functions/handlers within Supabase EU infrastructure). The contents of your health records are not shared with analytics providers and are not used to train third-party models.

3.4. Technical analytics and diagnostics (external providers)

What: event and technical data (screen views, taps, stability/crashes, OS/App version, device model, system language, IP/region, install/notification identifiers). The contents of your health records are not sent.

Why: improve UX, performance and stability; measure installs/campaigns.

Providers: Amplitude, Google Analytics (product analytics); AppsFlyer (install attribution when IDFA/GAID is permitted by the OS).

3.5. Subscriptions and purchases

What: product identifiers, subscription/purchase status, anonymised receipts/tokens. Full card/payment data is processed by Apple App Store / Google Play.

Provider: RevenueCat (receipt validation/statuses).

3.6. Aggregated/anonymous data

We may use aggregated or anonymous datasets for research and service improvement — such data does not allow identification of a user. If only pseudonymisation is applied, GDPR/UK GDPR still applies.

4. Legal bases (GDPR / UK GDPR)

Grounds for processing

Core functions & sync

Art. 6(1)(b) (contract) and, for health data, Art. 9(2)(a) (explicit consent).

AI reports on health data

Art. 6(1)(b) (contract) plus Art. 9(2)(a) (explicit consent).

Product analytics (Amplitude/GA)

Art. 6(1)(a) — consent (without consent the App is unavailable).

Install attribution (AppsFlyer)

Art. 6(1)(a) — consent (and OS permission for IDFA/GAID).

Minimal security/diagnostics & logging

Art. 6(1)(f) — legitimate interests (abuse prevention, service resilience).

You may withdraw consent in the App settings or by e-mail. Withdrawal does not affect the lawfulness of prior processing but may render the App unavailable.

5. Storage, transfers and recipients

Where we store and who processes data

Supabase (EU) — cloud database/storage and synchronisation. Encryption in transit/at rest, row-level security (RLS), least-privilege access controls.

Amplitude / Google Analytics — product analytics and diagnostics (technical/event data only; not the contents of health records). International transfers, where applicable, rely on SCCs/DPF and data processing agreements.

RevenueCat — subscription management/receipt validation (no card PANs).

AppsFlyer — install/campaign attribution (IDFA/GAID only if permitted by the OS).

Where data is processed outside the EEA, we use Standard Contractual Clauses (SCCs) and other safeguards as required by law. We do not disclose the contents of your health records to advertising networks.

6. Retention and deletion

How long we keep data

We keep data while your account is active or as needed for the purposes in Section 4. You can delete your account and all cloud data in settings: Profile → Settings → Delete account & data. Backups are purged within 30 days. Deletion is irreversible — please export data (PDF/CSV/JSON) beforehand if needed.

7. Your rights

Data subject rights

You have the right to: access and obtain a copy; rectify inaccuracies; request erasure; restrict processing; receive data in a portable format; object to processing based on legitimate interests; and withdraw consent at any time.

We respond within 1 month (extendable by up to 2 months for complex requests). We may ask you to verify your e-mail/account ownership. You may also lodge a complaint with your local data protection authority or the Estonian authority.

8. Security

Measures we take

We implement organisational and technical measures: TLS encryption, at-rest encryption at providers, access control and auditing, data minimisation and segmentation, stability monitoring and patching. If a personal-data breach creates a high risk to your rights and freedoms, we will notify you and the authorities within statutory timeframes.

9. Age restrictions

Who may use the App

The App is not intended for persons under 16. If we learn that we process data of a person under 16 without the required guardian consent (where applicable), we will delete such data and close the account.

10. Medical notice and liability

Disclaimer and liability

Medical notice. Nelaton is a self-monitoring tool and is not a medical device. It does not replace professional medical advice and is not intended for diagnosis, treatment or prevention of disease. All information is for informational purposes only. Always follow your healthcare provider’s advice.

Liability. To the maximum extent permitted by law, we are not liable for indirect, incidental or punitive damages, or for loss of profits, arising from the use of the App. This does not limit liability that cannot be limited by law. Details are set out in the Terms of Use.

11. Third-party links

External sites

The App may contain links to third-party sites/services. We do not control them and are not responsible for their practices. Please review their privacy policies.

12. Governing law and disputes

Applicable law

This Policy is governed by Estonian law together with applicable GDPR/UK GDPR rules. Disputes are subject to Estonian courts unless mandatory consumer laws provide otherwise.

13. Changes to this Policy

Updates

We may update this Policy. The current version is available in the App and on our website. Where changes materially affect your rights, we will endeavour to notify you via the App and/or app stores.

14. Contact

How to reach us

Ulibkin OÜ

E-mail: support@nelaton.app

Change log

Recent changes

14.10.2025 — migration to EU cloud (Supabase); added AI reports; analytics based on consent (Amplitude/GA), attribution (AppsFlyer), subscriptions (RevenueCat); deletion procedures and 30-day backup retention; age threshold 16+; clarified international transfers (SCC/DPF).