Privacy Policy for Leanient
Introduction
This Privacy Policy explains how POPFAME LLC, powered by Boltzman LLC technology ("we," "us," or "our"), handles your personal information when you use the Leanient iOS app (the "App") or visit our website at leanient.app.
Leanient is a wellness and coaching app designed to help people using GLP-1 medications retain muscle, track protein, log workouts and doses, complete weekly check-ins, and see their progress over time. Leanient is not a medical device, and nothing in the App is medical advice, diagnosis, or treatment. Always talk to your clinician about decisions related to your health, medications, or care.
We tried to write this in plain language. If anything is unclear, contact us at dev@boltzman.ai.
Data We Collect
We collect information you provide when you create an account, use the App, or contact us. We also collect some technical data automatically when the App or our servers run.
Account information
When you sign up or sign in, we collect:
- Your name or display name
- Your email address
- Authentication identifiers from Apple Sign-In or Google Sign-In, we do not receive your password
- A profile photo or avatar, if you add one
- Your subscription status
Onboarding and profile information
To personalize the App for you, we ask for:
- Height, current weight, and goal weight
- The GLP-1 medication you take, if any, and your dose schedule
- Your training status and equipment access
- Your protein target and weekly workout target
- Your timezone
- Other preferences and settings you choose
Health and fitness information
The App is built around tracking your progress, so it works with health and fitness data, which may include:
- Weight measurements
- Workouts you log or that are imported
- Steps and active energy
- Body fat percentage, if you choose to log it
This data can come from your direct entry in the App or, with your permission, from Apple Health (HealthKit). See the Apple Health / HealthKit Data section below for important details on how we handle HealthKit-sourced information.
Logs and activity in the App
As you use Leanient, we store:
- Dose logs, when you take your medication
- Meal logs, including protein and calorie information
- Meal photos and scan images, if you use the meal scan feature
- Workout logs
- Side effect logs and notes
- Weekly check-in responses
- Progress photos you upload, including face-check photos
- On-device facial measurements, if you turn on facial volume tracking. These stay on your device, as described in the On-Device Facial Analysis section.
- Measurement logs
- Messages you exchange with the AI coach features
Photos and user content
Progress photos, meal scan photos, and your avatar image are stored using cloud storage, currently AWS S3, and served back to you using short-lived signed URLs. Your photos are used to power App features, such as showing your progress over time, analyzing meals you scan, and displaying your avatar. They are not used for advertising and are not shared with advertisers.
Payment and subscription information
Purchases of Leanient subscriptions are processed by the Apple App Store and managed through RevenueCat. We do not receive or store your full credit card number. From the App Store and RevenueCat, we receive:
- Your subscription status, active, expired, in trial, etc.
- The product or plan you purchased
- Renewal, cancellation, and trial information
- Transaction identifiers and customer identifiers that let us tie your purchase to your Leanient account
Technical data
When you use the App or contact our servers, we may automatically collect:
- Device and app information, such as device model, OS version, and app version
- Request logs and timestamps
- IP address
- Crash and error data
- API request paths
- Authentication and session metadata
- Push notification tokens, if you enable notifications
Notifications
If you turn on reminders or other notifications, we may send them as local notifications on your device or as push notifications via Expo's notification services. You can turn notifications off at any time in App settings or iOS Settings.
Apple Health / HealthKit Data
If you grant Leanient permission to access Apple Health (HealthKit), the App can read and, where applicable, write health and fitness data such as weight, workouts, body fat percentage, steps, and active energy.
A few things we want to be clear about:
- HealthKit access is optional. You control it through iOS Health permissions. The App still works if you do not grant HealthKit access, you can log data manually.
- You can revoke HealthKit permission at any time from the Apple Health app or from iOS Settings > Privacy & Health.
- We use HealthKit data only for App functionality and product personalization. This means showing you your progress, building your weekly verdict, personalizing workouts and targets, and similar features.
- We do not use HealthKit data for any kind of advertising or marketing.
- We do not sell HealthKit data.
- We do not share HealthKit data with data brokers.
Some HealthKit-derived data, such as weight history or workout logs we use to compute your weekly verdict and progress, is stored on our backend so the App can show you your history across devices and over time. We aim to store only the HealthKit-derived information needed to operate features you use.
How We Use Data
We use the information described above to:
- Provide and operate the App
- Personalize your weekly verdicts, workouts, protein targets, coaching, and progress insights
- Process subscriptions and verify entitlements
- Store your logs and progress history so you can see your trends over time
- Send reminders and notifications you have opted into
- Improve reliability, debug issues, and prevent abuse or fraud
- Respond to support requests
- Comply with legal obligations
AI Features and OpenAI
Leanient uses OpenAI to power several features, including:
- The AI coach and chat responses
- Meal scan analysis, interpreting photos of food
- Weekly verdict explanations
- Stall diagnostics
- Today's focus and workout recommendation copy
When you use one of these features, we send relevant context from your Leanient account to OpenAI so it can generate a response. This may include health, fitness, profile, or log information that is needed for the feature to work. We try to send only the information needed for the specific feature, not your entire account.
OpenAI processes this data to generate the response and is contractually limited in how it can use the data. We do not allow OpenAI to use your data to train its general models.
If you do not want your data sent to OpenAI, you can avoid using the AI-powered features in the App. Core tracking features, such as logging weight, workouts, doses, and meals, do not require OpenAI.
Photos and User Content
Progress photos, meal photos, and avatars are stored on cloud infrastructure, currently AWS S3, and shown back to you in the App through short-lived signed URLs. We do not use your photos for advertising. We do not share your photos with third parties except service providers needed to store and deliver them.
You can delete your progress photos at any time within the App. Deleting a photo removes it from your active Leanient experience. Backups may persist for a limited period, as noted in the Data Retention section.
On-Device Facial Analysis
Leanient offers an optional "facial volume tracking" feature that estimates the proportions of your face (such as cheek and jaw width) from your face-check photos, to help you see whether your face is staying full as you lose weight. Because this involves analyzing facial geometry, it is treated as sensitive and is handled as follows:
- Strictly opt-in. The feature is off by default. It runs only after you explicitly turn it on in the App, and we record the date you consented. You can turn it off at any time.
- The analysis runs on your device. Facial landmark detection uses Apple's on-device Vision framework. The resulting facial measurements are stored only on your device and are never uploaded to or stored on our servers.
- Your face-check photos follow the photo rules above. The face-check photos themselves are progress photos, so they are stored on cloud infrastructure and shown back to you through short-lived signed URLs, like your other progress photos. You can delete them in the App at any time.
- It is an estimate, not a diagnosis. The measurements are an on-device estimate of facial proportions for your own tracking. They are not a medical or diagnostic measurement.
- We do not identify you with it. We do not use this feature to recognize or identify you, and we do not create a facial recognition template or "faceprint." It measures proportions to show you a trend over time.
- Turning it off deletes the measurements. When you turn the feature off, the facial measurements stored on your device are deleted. Uninstalling the App also removes them.
Subscriptions and Payments
Leanient subscriptions are sold through the Apple App Store and managed via RevenueCat.
- Apple handles payment processing. Apple's privacy practices apply to your payment information.
- RevenueCat manages subscription state, renewals, trials, and entitlements, and shares the subscription status and identifiers described above with Leanient.
- You can manage or cancel your subscription at any time through your Apple ID account settings, Settings > Apple ID > Subscriptions on iOS.
We do not receive or store your full payment card information.
Notifications
You can enable or disable notifications in App settings or in iOS Settings > Notifications. We use notifications to send reminders, for example dose reminders, check-in nudges, or progress prompts, only if you have turned them on.
How We Share Data
We share personal information only with:
- Service providers that help us operate the App, including Apple, Google, RevenueCat, OpenAI, AWS, MongoDB Atlas, Render, Expo, and email delivery providers.
- Legal and safety reasons. We may share data if required by law, valid legal process, or to protect the rights, property, safety, or security of users, the public, or POPFAME LLC.
- Business transfers. If POPFAME LLC is involved in a merger, acquisition, or sale of assets, your information may be transferred. If that happens, we will let you know and continue to honor this Privacy Policy or notify you of any changes.
We do not sell personal information. We do not share personal data for cross-app tracking purposes. We do not use HealthKit data for advertising or marketing.
Data Retention
We keep your account data and logs while your account is active or as needed to provide the App to you. If you delete your account or request deletion, we remove or de-identify your personal data within a reasonable period, except where we are required to keep it for legal, security, accounting, or fraud-prevention reasons.
Backups and operational logs may persist for a limited time before they are overwritten in normal course.
Your Choices and Rights
You have several ways to control your information in Leanient:
- Access and export. You can view your information in the App. Contact us at dev@boltzman.ai to request a copy of your data.
- Delete your data. You can delete your account from within the App, or contact us at dev@boltzman.ai to request deletion.
- Download your progress photos. Available in the App.
- Revoke Apple Health permissions. Manage this in the Apple Health app or iOS Settings > Privacy & Health.
- Turn off notifications. Available in the App or iOS Settings.
- Cancel subscriptions. Manage in Settings > Apple ID > Subscriptions on iOS.
- Privacy requests. Email dev@boltzman.ai with any privacy-related question or request.
Depending on where you live, you may have additional rights:
- California residents. You may have rights under the California Consumer Privacy Act (CCPA), including the right to know what personal information we collect, the right to delete personal information, the right to correct inaccurate information, and the right not to be discriminated against for exercising your rights. We do not sell personal information.
- EEA / UK residents. If you are in the European Economic Area or the United Kingdom, you may have rights under the GDPR including access, rectification, erasure, restriction, portability, and objection. The legal bases for our processing are typically: performance of a contract with you, our legitimate interests, your consent, and legal obligations.
You can exercise any of these rights by contacting dev@boltzman.ai. We may ask you to verify your identity before we act on a request.
Security
We use reasonable safeguards to protect your information, including encryption in transit and short-lived signed URLs for private images. No system is perfectly secure, and we cannot guarantee absolute security. If we become aware of a security incident that affects your information, we will notify you and the appropriate authorities as required by law.
Children
Leanient is intended for adults. We do not knowingly collect personal information from children under 13, or under the age where local law requires parental consent. If you believe a child has provided us with personal information, please contact dev@boltzman.ai and we will delete it.
International Transfers
Leanient is operated from the United States, and your information will be processed in the United States. If you access the App from outside the United States, your information will be transferred to and processed in the United States, which may have data protection rules different from those in your country.
Changes to This Policy
We may update this Privacy Policy from time to time. If we make material changes, we will let you know through the App or by email before the changes take effect. The Effective date at the top tells you when the current version went into effect.
Contact Us
If you have any questions, requests, or concerns about this Privacy Policy or your information:
Email: dev@boltzman.ai
Company: POPFAME LLC, powered by Boltzman LLC technology
App: Leanient (Bundle ID: ai.boltzman.leanient)