Legal

Privacy Policy

Version 1.0 · Effective May 2026 · Language: English

 The short version: Levare is a personal lifestyle support tool for people following a GLP-1 journey. It is not a medical device. All data you enter stays exclusively on your device - Levare has no access to your data at any time, and never transmits it to any external server.

Important: Levare is a lifestyle support tool. The content in this app does not constitute medical, nutritional, or therapeutic advice. Always consult your doctor or specialist before making any decisions about your health or treatment.

1. Data controller

Because all data is processed exclusively by you, for personal use, on your own device, Levare operates under the household exemption of Art. 2(2)(c) GDPR. You are the data controller of your own information.

For any questions about this policy: privacy@levare.app

2. What data Levare handles

Levare only handles data you enter manually. Nothing is collected automatically. The categories are:

Category	Examples	Storage
Injection / dose logs	Date, time, dose chosen, site, personal notes	Device only
Weight & measurements	Weight, body fat % (self-entered), body measurements	Device only
How you feel	Self-reported symptoms, perceived intensity, notes	Device only
Nutrition	Protein, water, calories, food noise (self-perception)	Device only
Physical activity	Type, duration, intensity	Device only
Personal journal	Free text, mood	Device only
Profile	Name, chosen drug, dose, personal goals	Device only
Menstrual cycle	Dates, personal notes (opt-in)	Device only · never shared

This data falls under health-related personal data as defined by Art. 9 GDPR. All values are manually entered by you and reflect personal self-perceptions - not clinical measurements or medical assessments.

3. How your data is handled

Local storage only. All data is saved exclusively in your device's local storage (Hive on mobile, localStorage on web). Levare has no servers, no cloud database, and no backend infrastructure for user data.

PDF report. The document generated for your doctor's appointment is created entirely on your device. No data is uploaded to any external server during PDF generation.

Optional backup. If you enable backup to iCloud (iOS) or Google Drive (Android), your data syncs to your personal Apple or Google account, subject to Apple's and Google's respective privacy policies. Levare has no access to this backup.

Notifications. Reminders are managed through your device's local notification system (iOS/Android). No health-related data is transmitted to Apple Push Notification Service or Firebase Cloud Messaging. Notifications contain only the text you configured (e.g. "Levare - reminder").

4. Data Levare does NOT collect

No usage analytics or telemetry
No crash reports or diagnostics containing health information
No advertising identifiers (IDFA / GAID)
No location data
No biometric authentication data
No payment information (handled by App Store / Google Play)

5. Community insights - future optional feature

Levare may offer in the future an optional anonymous comparison feature ("community insights"). If and when available, this feature will:

Require explicit, separate, granular consent - distinct from accepting these terms
Transmit only aggregated data with differential privacy - no individually identifiable records
Never include menstrual cycle data, body composition, or journal entries
Be deactivatable at any time, with immediate deletion of aggregated data

This feature, if introduced, will be accompanied by a specific supplementary notice and a Data Protection Impact Assessment (DPIA) under Art. 35 GDPR before activation.

6. Legal basis for processing

Processing of health-related personal data within Levare is based on your explicit consent under Art. 9(2)(a) GDPR, expressed through voluntary use of the app and confirmed during onboarding.

As data is processed exclusively by you for personal purposes on your own device, the exemption under Art. 2(2)(c) GDPR for purely personal or household activities also applies.

7. Your rights

Under Arts. 15–22 GDPR you have the right to:

Access: view all your data at any time via the Report section of the app
Rectification: edit or correct any entry directly in the app
Erasure: delete individual records or all data via Settings, or by uninstalling the app
Portability: export your data in JSON format via the app's export function
Objection: stop using the app at any time

Since all data lives locally on your device, you can exercise these rights directly through the app - no need to contact Levare.

8. Data retention

Data is kept on your device until you delete it or uninstall the app. Levare does not impose any minimum or maximum retention period. No copy of your data exists on Levare's servers - because Levare has no servers.

9. Security

Data is stored in your device's secure storage system (Keychain on iOS, Keystore on Android), protected by OS-level encryption. On web, data is stored in your browser's localStorage, protected by same-origin policies.

We recommend protecting your device with a PIN, fingerprint, or Face ID to prevent unauthorized access to your personal data if your device is lost.

10. Levare is not a medical device

Levare is a personal lifestyle support tool for people following a GLP-1 journey. The content in this app does not constitute medical, nutritional, or therapeutic advice. Always consult your doctor or specialist before making any health or treatment decisions.

Levare is not a medical device under EU Regulation 2017/745 (MDR). It does not provide diagnoses, does not prescribe treatments, and does not replace in any way the advice of your doctor, endocrinologist, or any other healthcare professional.

Specifically:

The food noise indicator is a subjective self-perception logged by you - not a validated clinical measure
Clinical benchmarks shown in the app (e.g. SURMOUNT-1, STEP trial data) are provided for general informational context only - they are not personalised medical assessments
Pharmacokinetic information (curves, half-lives, estimated levels) is framed temporally and contextually ("36 hours after your injection") - not as pharmacological guidance
Meal and nutrition suggestions are personal starting points, not prescribed dietary plans
Automatic prompts (e.g. body composition reminders) are informational nudges based on data you self-entered - not clinical evaluations

Any decision regarding your therapy - dose, timing, escalation, or discontinuation - must be made exclusively with your healthcare provider.

11. Cloudflare Turnstile

The Levare website (levare.app) uses Cloudflare Turnstile to protect forms (such as the waitlist sign-up) from automated bot submissions. Turnstile runs lightweight JavaScript challenges in your browser to distinguish human visitors from bots.

To do this, Cloudflare processes certain technical signals including your IP address, TLS fingerprint, User-Agent header, and sitekey. Cloudflare states it cannot directly identify any individual from these signals. No health data is involved in this process.

Cloudflare acts as a data processor for bot detection purposes. For full details on how Cloudflare handles Turnstile data, please refer to the Cloudflare Turnstile Privacy Addendum.

12. Children

Levare is not intended for anyone under 18. We do not knowingly handle data from minors. If you believe a minor is using the app, please contact us.

13. Changes to this policy

Material changes to this policy will be communicated via in-app notification at least 30 days before taking effect. The updated version will always be available at levare.app/privacy. Continued use of the app after changes take effect constitutes acceptance of the updated policy.

14. Contact & complaints

For any questions about this policy: privacy@levare.app

You have the right to lodge a complaint with your local data protection authority. In Italy: garanteprivacy.it. In the EU, you can contact the supervisory authority in your country of residence.