Privacy Policy

Last updated: 28th December 2025

Origin Labs s.r.o. (Company ID as registered in the Czech Republic) (“Origin Labs”, “we”, “our”, or “us”) is committed to protecting your privacy. This Privacy Policy (“Policy”) explains how we collect, use, share, and protect personal information when you use:

  • The Nutrinaut mobile application (“Nutrinaut” or the “App”)
  • Our website at nutrinaut.app (the “Website”)
  • Any related services, support channels, and integrations (collectively, the “Services”)

By using the Services, you agree to this Policy.

1. Who we are (data controller)

Data controller: Origin Labs s.r.o.
Address: Wichterlova 2372/8, Prague, Czechia
Contact email: [email protected]

If you have privacy questions or requests, contact us using the details above.

2. Summary of how Nutrinaut uses health data

Nutrinaut is a performance coach. Its core purpose is to help you improve performance by optimizing training load (strain), recovery, sleep, and nutrition guidance, including recommendations such as when to train, when to prioritize recovery, suggested bedtime, and nutrition adjustments (for example, increasing carbohydrates or protein depending on recovery and training demands).

If you connect Health Connect, Nutrinaut may process health and fitness data to:

  • estimate recovery readiness and training strain trends
  • detect signs of under-recovery (for example, elevated resting heart rate or low oxygen saturation relative to your usual range)
  • personalize sleep guidance (bedtime suggestions and responses to low deep sleep patterns)
  • adapt nutrition guidance to support performance and recovery
  • track progress over time (weight trends, activity energy, sleep consistency)

You control whether Health Connect is connected and which data types Nutrinaut can access.

3. Information we collect

3.1 Information you provide directly

  • Account information (for example, email, name if provided)
  • Profile information (for example, age range, height, weight if you enter it, goals, preferences)
  • Manual logs you add in the App (for example, meals, training sessions, notes)
  • Support communications (emails, bug reports, feedback)

3.2 Health Connect data (with your permission)

If you choose to connect Health Connect, Nutrinaut may read certain health data types through Health Connect. Nutrinaut requests only the permissions needed for the performance coaching features you enable.

Data types we may read (Health Connect):

  • Heart rate (including resting heart rate trends, where available)
  • Blood oxygen saturation (SpO2)
  • Sleep (sleep sessions and sleep stage-related summaries where available)
  • Steps and activity data
  • Active calories / energy burned (activity energy expenditure)
  • Weight (to support weight trend insights and personalized nutrition targets)

Data types we may write (Health Connect) – optional features
Depending on your settings, Nutrinaut may write:

  • Workout/training sessions you log in Nutrinaut to Health Connect
  • Weight you enter in Nutrinaut to Health Connect (if you enable sync)

If you do not enable write-back, Nutrinaut will not write data to Health Connect.

3.3 Automatically collected technical and usage data

  • Device and app information (OS version, device identifiers as permitted, app version)
  • Logs and diagnostics (crash reports, performance logs)
  • App usage events (screens viewed, feature usage) to improve stability and usability

3.4 Cookies (Website)

The Website may use cookies or similar technologies for essential functionality and basic analytics. You can control cookies through your browser settings.

4. Why we need each health metric (solid justifications)

Nutrinaut’s performance coaching depends on a combination of recovery signals, sleep behavior, and activity load. Each metric below is used for a specific, user-expected function:

4.1 Heart rate (and resting heart rate trends)

Used for:

  • estimating training load/strain patterns (how hard your body is working)
  • recovery readiness indicators (for example, sustained elevation in resting heart rate compared to your usual range can indicate insufficient recovery, illness stress, or overreaching)
  • improving timing and intensity recommendations (for example, suggesting easier training or rest when recovery signals are poor)

Why it is necessary: heart rate-derived signals are among the most direct, day-to-day indicators of physiological strain and recovery, which are core to Nutrinaut’s performance guidance.

4.2 Blood oxygen saturation (SpO2)

Used for:

  • identifying potential oxygenation drops that can correlate with poor sleep quality, breathing-related sleep issues, high fatigue, or environment-related factors (for example, altitude)
  • improving recovery confidence and safety of training recommendations (for example, if oxygenation is unusually low relative to your typical range, Nutrinaut can reduce intensity suggestions and prioritize recovery and sleep)
  • supporting sleep and recovery insights that are performance-oriented

Why it is necessary: oxygenation is a recovery quality signal. Integrating SpO2 strengthens the accuracy of “train vs recover” guidance and sleep optimization recommendations, particularly when combined with sleep data.

4.3 Sleep (duration, timing, consistency, and available sleep summaries)

Used for:

  • bedtime recommendations and sleep timing guidance to maximize recovery and next-day performance
  • identifying under-sleep patterns and recovery risk
  • tailoring advice when deep sleep is low (for example, prioritizing longer sleep opportunity, reducing late-day intensity, focusing on consistent bedtime routines)

Why it is necessary: sleep is a primary driver of recovery and performance. Nutrinaut’s core product value includes recommending when to sleep and when to train based on recovery, which requires access to sleep data.

4.4 Steps and activity

Used for:

  • measuring daily activity load outside of workouts (important for total fatigue and recovery)
  • calibrating strain and recovery recommendations (for example, high step counts may increase daily load and reduce readiness for additional intense training)
  • supporting consistency tracking and coaching prompts (for example, low-activity days versus baseline)

Why it is necessary: total daily activity materially affects recovery and performance. Without steps/activity, the app cannot accurately model overall strain beyond intentional workouts.

4.5 Active calories / calories burned (activity energy expenditure)

Used for:

  • estimating total daily energy demand to avoid under-fueling or over-fueling relative to performance goals
  • supporting nutrition guidance that improves recovery (for example, recommending more carbohydrates on high-load days)
  • contextualizing training load with energy expenditure

Important note: Nutrinaut may include calorie tracking features, but calories are treated as a supporting signal. The primary purpose is performance and recovery optimization through training, sleep, and nutrition guidance.

4.6 Weight

Used for:

  • tracking progress trends over time (for example, weight management goals, body composition direction signals where users choose to track)
  • calibrating personalized nutrition targets (for example, energy targets and macro recommendations often depend on body mass and goals)
  • improving accuracy of performance and fueling recommendations

Why it is necessary: weight improves personalization and trend tracking. Users can use Nutrinaut without weight syncing, but weight enables more precise, goal-aligned nutrition planning.

5. Background access and automatic syncing

If you enable Health Connect integration and the relevant settings, Nutrinaut may sync data in the background to keep your recovery, strain, sleep, and nutrition guidance up to date without requiring you to open the app. Background syncing is used to:

  • keep daily readiness recommendations current
  • support timely sleep and recovery guidance (for example, morning recovery updates and bedtime suggestions)
  • avoid gaps in daily activity load modeling

You can disable Health Connect integration or background syncing in your device settings and/or in the app settings (depending on platform capabilities).

6. How we use your information

We use data to:

  • provide and operate the Services
  • personalize performance coaching insights (training, recovery, sleep, nutrition)
  • maintain your account and sync settings
  • provide customer support and respond to requests
  • improve reliability, safety, and performance of the app (bug fixes, crash diagnostics)
  • comply with legal obligations and enforce our terms

We do not use health data for advertising profiling.

7. How we share your information

We do not sell your personal data, including health data.

We may share data only as necessary:

7.1 Service providers (processors)

We use service providers to host and operate the Services (for example, infrastructure, databases, authentication, and diagnostics). This may include Firebase (Google) for authentication and data storage.

  • Data transmitted between your device and our servers is protected using encryption in transit (HTTPS/TLS).
  • Data stored in our backend is protected using encryption at rest provided by our infrastructure providers.

We also use access controls (see Security section) to restrict data access.

7.2 Legal and safety

We may disclose information if required by law or to protect the rights, safety, and security of Origin Labs, our users, or others.

7.3 Business transactions

If we undergo a merger, acquisition, or asset sale, your information may be transferred as part of that transaction. We will provide notice where required.

7.4 With your consent

We may share information if you explicitly direct us to do so.

8. Security measures

We implement administrative, technical, and organizational measures designed to protect your data:

  • encryption in transit (HTTPS/TLS) for communications between the app and backend
  • encryption at rest provided by our hosting infrastructure
  • Firebase Authentication for user identity and session control
  • per-user access control using backend security rules and least-privilege principles (users can only access their own data)
  • restricted internal access (only authorized personnel with a business need can access production systems)
  • monitoring and logging for abuse prevention and incident response
  • where supported, app integrity controls may be used to reduce unauthorized access (for example, integrity checks)

No method of transmission or storage is 100% secure, but we maintain safeguards appropriate to the sensitivity of health data.

9. Data retention and deletion

9.1 Retention

We retain personal data, including health data, for as long as:

  • your account remains active, and
  • the data is needed to provide the Services (performance insights, trends, and history)

We may retain limited data longer where required for legal compliance, dispute resolution, or security.

9.2 Deletion by you

You can request deletion in one of the following ways:

  • In-app: Settings – Account – Delete account / Delete health data (if available)
  • By email: [email protected]

9.3 Deletion timeline

We aim to complete deletion requests within 30 days, unless legal obligations require longer. Backup copies may persist for a limited period as part of routine backup policies and will be overwritten on the normal backup cycle.

10. Your controls and choices

  • Health Connect permissions: You can grant or revoke permissions at any time in Health Connect settings.
  • What happens if you revoke access: Nutrinaut will stop importing (and if enabled, writing) Health Connect data after revocation. Previously stored data in your Nutrinaut account may remain until you delete it or delete your account.
  • Account settings: You can update profile information and preferences in the app.

11. International data transfers

Our service providers may process data on servers located outside your country. Where required, we use appropriate safeguards for international transfers (for example, contractual protections).

12. Legal bases (EEA/UK users)

If you are in the European Economic Area or the UK:

  • We process account and service data as necessary to perform the contract (provide the Services).
  • We process health data and other sensitive data based on your explicit consent (for example, when you connect Health Connect and grant permissions), and you may withdraw consent at any time by revoking permissions and/or requesting deletion.

13. Your rights (EEA/UK and similar jurisdictions)

Depending on your location, you may have rights to:

  • access your personal data
  • correct inaccurate data
  • delete your data
  • restrict or object to certain processing
  • data portability
  • lodge a complaint with your local data protection authority

To exercise these rights, contact: [email protected]

14. Children’s privacy

Nutrinaut is not intended for children under 13. We do not knowingly collect personal data from children under 13. If you believe a child has provided data, contact us and we will take appropriate steps to delete it.

15. Prominent disclosure and consent

Where required, Nutrinaut provides an in-app disclosure before requesting access to sensitive permissions (including health data) explaining what data will be accessed, how it will be used, and how it will be stored. We request your affirmative consent before processing health data via Health Connect.

16. Changes to this Policy

We may update this Policy from time to time. We will post the updated version on nutrinaut.app and update the “Last updated” date. If changes are material, we will provide additional notice where required.

17. Contact Us

If you have any questions about this Privacy Policy, please contact us:

Mail: Origin Labs s.r.o. – Wichterlova 2372/8, Prague, Czechia

Email: [email protected]

Founder Verification & Authorized Outreach Domains

My legal name is Jevgenij Blagodarny (I also go by Eugene Blago in developer communities). I am the founder and managing director of Origin Labs s.r.o.

This statement is published by Origin Labs on an Origin Labs–controlled website and serves as public confirmation of my identity and role.

Official verification contact: [email protected]
Postal address: Origin Labs s.r.o., Wichterlova 2372/8, Prague, Czechia

Authorized Outreach Email Domains

For deliverability and brand-safety, our team may contact you from the following domains. Emails from these domains are authorized by Origin Labs s.r.o.: 

@getoriginlabs.com
@nutrinautapp.com
@theoriginlabs.com
@useoriginlabs.com
@getnutrinaut.com
@trynutrinaut.com

If you receive a message and want to confirm its authenticity, please forward it to [email protected] for verification.

Security note: Origin Labs will never ask for your passwords or request direct crypto transfers via email. Any invoices will clearly identify Origin Labs s.r.o. as the counterparty.

Signed,
Jevgenij Blagodarny (“Eugene Blago”)
Founder, Origin Labs s.r.o.