Privacy Policy

Bolus Brain is developed and operated by Liam Biswell, a sole trader based in Leighton Buzzard, England, United Kingdom.

For data protection purposes, Liam Biswell is the Data Controller for all personal data processed through this application.

Contact Details

For all privacy and data protection enquiries:

support@bolusbrain.app

19 Leopold Road, Leighton Buzzard, Bedfordshire, LU7 2QU

This Privacy Policy explains what personal data we collect, why we collect it, how we use it, how long we keep it, and your rights under the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018 (DPA 2018), as amended by the Data (Use and Access) Act 2025.

This policy is written in plain English. If anything is unclear, please contact us before using the app.

We will notify you of any material changes to this policy by in-app notification. Continued use of the app after notification constitutes acceptance of the updated policy.

3.1 Special Category Health Data (Highest Protection)

The following data is classified as special category data under Article 9 of the UK GDPR and receives the highest level of legal protection:

• Glucose readings (mmol/L) drawn from your connected CGM integration (e.g. LibreLinkUp, Nightscout)
• Insulin doses you log manually within the app
• Meal names, descriptions, and photographs you upload
• AI-assisted carb estimates generated from your meal photographs (see Section 8.1)
• Glucose response curves (start glucose, peak glucose, time to peak, total rise) automatically calculated after meals
• Context flags you choose to log (Exercise, Illness, Stress)
• Snack logs and quick-log entries
• Equipment profiles (insulin brand, delivery method, CGM type)
• Hypo treatment records
• Time in Range (TIR) calculations derived from your CGM glucose data
• Session grouping and meal pattern classifications (e.g. grouping meals into dining sessions and categorising glucose responses)

3.2 Account and Technical Data

• Email address and password hash (for account creation and authentication)
• Demographic information you provide during onboarding (age range, gender, T1D duration, latest HbA1c) — all optional
• Device type, operating system version, and app version (for technical support and crash diagnostics)
• Timestamps of app activity (for data accuracy and pattern calculations)

3.3 Data We Do NOT Collect or Sell

• We do not collect your name
• We do not collect location data
• We do not use advertising trackers or analytics SDKs that profile you
• We never sell, rent, or trade your identifiable personal data to any third party
• We never share your identifiable health data with insurers or employers
• If you opt in to anonymised data sharing (see Section 8.3), fully anonymised and aggregated data may be shared with research partners — but your identity is never attached and you can opt out at any time

Under UK GDPR, we must have a lawful basis to process your personal data. Because we process health data (special category data), we need both a lawful basis under Article 6 and a condition under Article 9.

Your Explicit Consent

Because we process health data, we will ask for your explicit, informed, and freely given consent during onboarding. You may withdraw this consent at any time by deleting your account. Withdrawal will not affect the lawfulness of processing before withdrawal.

We apply the principle of data minimisation and do not keep your data longer than necessary.

Why 3 Years?

A 3-year retention period allows the app to identify meaningful long-term patterns in your glucose data (e.g. seasonal variation, changes after medication adjustments) while keeping data storage proportionate. You may request earlier deletion at any time — see Section 7.

6.1 Where Your Data is Stored

• App data (meals, insulin, glucose curves) is stored in a PostgreSQL database hosted by Supabase in London, UK (eu-west-2)
• Meal photographs are stored locally on your device. When you use the AI carb estimation feature, photographs are sent to Anthropic's API for processing and are not retained by Anthropic after the response is generated
• Your CGM glucose data is fetched from your connected CGM service (e.g. LibreLinkUp, Nightscout) — we do not store your CGM credentials on our servers

6.2 Security Measures

• Passwords are hashed using bcrypt — we never store plaintext passwords
• All data is transmitted using TLS 1.2 or higher encryption
• Database access is restricted to application services only — no public access
• Meal photographs are stored in private, access-controlled buckets
• We carry out periodic security reviews of our infrastructure

6.3 Data Breach

In the event of a personal data breach that poses a risk to your rights and freedoms, we will notify the Information Commissioner's Office (ICO) within 72 hours and notify you without undue delay, as required by UK GDPR Article 33–34.

You have the following rights regarding your personal data. To exercise any of these rights, contact us at the address in Section 1. We will respond within one calendar month.

If you believe we have handled your data incorrectly, you have the right to complain to the Information Commissioner's Office (ICO):

• Website: ico.org.uk
• Helpline: 0303 123 1113
• Address: Information Commissioner's Office, Wycliffe House, Water Lane, Wilmslow, Cheshire, SK9 5AF

We do not sell, rent, or trade your personal data. We share data only in the following limited circumstances:

8.1 Service Providers (Data Processors)

We use the following third-party processors who act on our instructions:

• Supabase (London, UK) — cloud database hosting for app data. Subject to Supabase's Data Processing Agreement.
• Anthropic (San Francisco, USA) — AI-powered carb estimation from meal photographs. Photos are sent via encrypted HTTPS, processed ephemerally (not stored by Anthropic after the response), and are only sent when you explicitly use the "Estimate carbs" feature after granting separate in-app consent. You can revoke this consent at any time in Settings. Anthropic's API terms prohibit them from using your data to train their models.

All processors are required to implement appropriate security measures and may not use your data for their own purposes.

8.2 Legal Obligations

We may disclose data if required to do so by law, court order, or regulatory authority. We will notify you where legally permitted to do so.

8.3 Anonymised Data Sharing (Opt-In)

We will NEVER sell or share your identifiable health data. However, if you choose to opt in, we may share fully anonymised and aggregated data with selected research partners to help advance Type 1 diabetes care. Here is exactly how this works:

• What is shared: aggregated, population-level statistics only — such as average glucose responses to common meal types, carb-to-insulin ratios across demographics, and glycemic variability trends. No individual meal logs, glucose traces, or personal records are ever shared.
• How it is anonymised: data is stripped of all identifiers (email, device ID, timestamps), aggregated across many users, and subjected to statistical thresholds so that no individual can be re-identified.
• Who may receive it: academic and NHS research institutions (e.g. NIHR, Diabetes UK-funded studies) and insulin manufacturers (e.g. Novo Nordisk, Eli Lilly, Sanofi) conducting research to improve insulin therapies and diabetes outcomes.
• How you control it: the app includes a dedicated Data Sharing toggle in Settings. This is off by default. You are introduced to this choice during onboarding, but you can change it at any time. Opting out takes effect immediately — your data will no longer be included in future anonymised datasets.
• What is NOT shared: we will never share anonymised data with insurance companies, employers, or any party whose use could disadvantage individuals with diabetes.

Your core app data (meals, insulin, glucose curves, account information) is stored in the UK by Supabase (London, eu-west-2).

When you use the AI carb estimation feature, meal photographs are sent to Anthropic's servers in the United States for processing. This transfer is covered by your explicit, opt-in consent (UK GDPR Article 49(1)(a)). Photos are processed ephemerally and not retained by Anthropic.

If any of our processors operate outside the UK/EEA, we will ensure that appropriate safeguards are in place (such as UK adequacy decisions or Standard Contractual Clauses) as required by UK GDPR Chapter V.

Your CGM glucose data is fetched from your connected CGM service. We do not control where your CGM provider hosts their infrastructure.

Bolus Brain is not designed for children under 13. We do not knowingly collect personal data from children under 13. If you are a parent or guardian and believe your child has provided data to us, please contact us and we will delete it promptly.

Users aged 13–17 should obtain parental consent before using the app.

Bolus Brain does not make automated decisions that produce legal or similarly significant effects on you. The app displays historical data and patterns from your own records to inform your personal decisions. No automated dosing recommendations are generated.

Under the UK Data (Use and Access) Act 2025, automated decision-making based on special category health data that has significant effects on you requires your explicit consent and the right to human review. We do not engage in such processing.

The Bolus Brain mobile app uses minimal local device storage for the following purposes only:

• Authentication token — to keep you logged in between sessions
• App preferences — display settings you have configured

We do not use advertising cookies, tracking pixels, or third-party analytics frameworks.

Liam Biswell is registered with the Information Commissioner's Office (ICO) as a data controller. ICO Registration Number: ZC100677 (registered 02 March 2026, expires 01 March 2027).

This registration covers the processing of personal data in connection with the Bolus Brain application.

We may update this Privacy Policy from time to time. When we do:

• We will update the version number and effective date at the top of this document
• We will notify you via in-app notification before the changes take effect
• For material changes affecting how we process health data, we will ask for renewed consent where required

You can always find the current version of this policy in the app under Settings > Privacy Policy.

Data Controller Contact

Liam Biswell

Email: support@bolusbrain.app

19 Leopold Road, Leighton Buzzard, Bedfordshire, LU7 2QU

Response time: We aim to respond to all data requests within 30 days.