Privacy Policy

Last Modified: May 7, 2026

Introduction

GlucoSense Inc. (“Company”, “we” or “our”) respects your privacy and are committed to protecting it through our compliance with this policy.

This policy describes the types of information we may collect from you or that you may provide when you use, subscribe, visit or view the following Platform, together with its pages, features and functions, and our practices for collecting, using, maintaining, protecting, and disclosing that information.

  1. Our website: https://www.glucosense.ai/ and other related desktop and smartphone applications (our “Website”); and
  2. Glucose monitor, insulin pump, wearable, and connected health platform which are owned by you, used by you and/or connected to Company's services (the “Equipment”).

Website and Equipment are collectively referred to as “Platform”.

This Policy applies only to information we collect on or through our Platform. This Policy does not apply to information that we collect offline, or that you provide to, or is collected by any third party, which may have their own privacy policies that we encourage you to read before providing your information on or through them. This Policy also applies to your subscription or use of the services provided by Company (“Services”).

Please read this Policy carefully to understand our policies and practices regarding your information and how we will treat it. If you do not agree with our policies and practices, please do not use our Platform. By accessing or using this Platform, you agree to the contents of this Policy. This policy may change from time to time. Your continued use of our Platform after we make changes is deemed to be acceptance of those changes, so please check the policy periodically for updates.

Children Under the Age of 18

You must have reached the age of majority to register as a member of or be permitted use of the Platform. Any information we receive from people we believe to be under this age will be purged from our database.

We do not knowingly collect personal information from children under 18. If you are under 18, do not use or provide any information on our Platform or through any of its features, register on our Platform, make any purchases through our Platform, use any of the interactive or public comment features of our Platform, or provide any information about yourself to us, including your name, address, telephone number, email address, or any screen name or user name you may use. If we find or are made aware that we have collected or received personal information from a child under 18 without verification of parental consent, we will make reasonable efforts to delete that information.

Information We Collect About You and How We Collect It

We collect information from and about users of our Platform, including information:

  1. By which you may be personally identified, such as name, postal address, e-mail address, telephone number, gender, age, IP addresses, any other identifier by which you may be contacted online or offline (“personal information”);
  2. Details of transactions you carry out through our Website and of the fulfillment of your orders of products or use of your services;
  3. Health information, such as physical or psychological state of health (e.g., weight, glucose, insulin and laboratory data), disease or other ailments, medical history, medical treatment or diagnosis, health care provider information, activity metrics (e.g., steps taken, amount of exercise, calories burned, heart rate, and eating and sleeping habits);
  4. About your internet connection, the equipment you use to access our Platform, and usage details.

Information You Provide to Us

The information we collect on or through our Platform may include:

  1. Information that you provide by filling in forms on our Platform. This includes information provided at the time of registering to use our Platform, subscribing to our services, posting material, or requesting further services.
  2. Records and copies of your correspondence (including email addresses), if you contact us.
  3. Your search queries on our Platform.
  4. Analytic tools and services, which are sometimes offered by third parties, and which track, measure and/or generate information about a website's or program's traffic, sales, audience and similar information.

Information We Collect Through Automatic Data Collection Technologies

As you navigate through and interact with our Platform, we may use automatic data collection technologies to collect certain information about your equipment, browsing actions, and patterns, including:

  1. Details of your visits to and use of Platform, including traffic data, location data, logs, and other communication data and the resources that you access and use on our Platform.
  2. Information about your computer and internet connection, including your IP address, operating system, and browser type.

The technologies we primarily use for this automatic data collection may include:

  1. Cookies (or browser cookies). A cookie is a small file placed on the hard drive of your computer. You may refuse to accept browser cookies by activating the appropriate setting on your browser.
  2. Flash Cookies. Certain features of our Platform may use local stored objects (or Flash cookies) to collect and store information about your preferences and navigation to, from, and on our Platform.
  3. Web Beacons. Our Platform may contain small electronic files known as web beacons (also referred to as clear gifs, pixel tags, and single-pixel gifs) that permit Company, for example, to count users who have visited those pages and for other related Platform statistics.

How We Use Your Information

We use information that we collect about you or that you provide to us, including any personal information:

  1. To present our Platform and its contents to you.
  2. To provide you with information, products, or services that you request from us.
  3. To fulfill any other purpose for which you provided the information.
  4. To develop our Platform, products, and services.
  5. To provide you with support and to respond to your inquiries.
  6. To help maintain the safety, security, and integrity of our Platform, products and services, databases and other technology assets, and business.
  7. For testing, research, analysis, and product development, including to develop and improve our Platform.
  8. To carry out our obligations and enforce our rights arising from any contracts entered into between you and us, including for billing and collection.
  9. To notify you about changes to our Platform or any products or services we offer or provide though it.
  10. To allow you to participate in interactive features on our Platform.
  11. To respond to law enforcement requests and as required by applicable law, court order, or governmental regulations.
  12. To evaluate or conduct a merger, divestiture, restructuring, reorganization, dissolution, or other sale or transfer of some or all of our assets.
  13. In any other way we may describe when you provide the information.
  14. For any other purpose with your consent.

Disclosure of Your Information

We may disclose, without restriction, aggregated information about our users, and information that does not identify any individual.

We may disclose personal information that we collect or you provide:

  1. To contractors, service providers, and other third parties we use to support our business.
  2. To our affiliates.
  3. To a buyer or other successor in the event of a merger, divestiture, restructuring, reorganization, dissolution, or other sale or transfer of some or all of our assets.
  4. For any other purpose disclosed by us when you provide the information.
  5. With your consent.
  6. To comply with any court order, law, or legal process, including to respond to any government or regulatory request.
  7. To enforce our rights arising from any contracts entered into between you and us and for billing and collection.
  8. If we believe disclosure is necessary or appropriate to protect our rights, property, or safety, or the rights, property, or safety of our customers or others.

Company also reserves the right to use data collected on, through, or in relation to the Platform for use in conducting medical research, studies, and publications; provided, however, that any such use of such data will be on an anonymized basis.

Service Providers and Subprocessors

GlucoSense engages the following third-party service providers (“subprocessors”) to process personal information on our behalf in the operation of our Platform. We require each subprocessor to commit, in writing, to confidentiality and security obligations consistent with this Policy and, where applicable, to a Business Associate Agreement under HIPAA or a Data Processing Agreement under GDPR.

  1. Google Cloud Platform— cloud infrastructure provider (compute, storage, databases, and AI/ML services via Vertex AI). Processes application data, including personal information and health information. Hosted in United States regions.
  2. Google Workspace— email, productivity, and workforce identity provider. Processes correspondence with our team, including any personal information you include in support communications. Hosted in the United States.
  3. Terra API— continuous glucose monitor (CGM) data integration provider, used to ingest glucose and device data from Dexcom, Abbott Libre, and other connected devices on your behalf. Hosted in the United States.
  4. PostHog— product analytics provider, used to understand how users interact with the Platform and to improve our features. Processes usage and event data, which may include pseudonymous identifiers. Hosted in the United States.

We review this list at least annually and on any material change to our service providers. If you would like to receive notice of additions or replacements to our subprocessors, please contact us at support@glucosense.ai.

Choices About How We Use and Disclose Your Information

  1. Tracking Technologies and Advertising. You can set your browser to refuse all or some browser cookies, or to alert you when cookies are being sent.
  2. Promotions from Us.You can opt-out of receiving certain promotional materials by selecting “unsubscribe” in emails we send to you.

Accessing and Correcting Your Information

You may access, update, or correct your account information directly through the Platform's profile settings at any time. To request access to, correction of, deletion of, or restriction on the use of personal information you have provided to us, please email us at support@glucosense.ai with the subject line “Privacy Request.”

How We Verify Your Identity

To protect your information from unauthorized access, we will verify your identity before fulfilling any privacy request. Verification typically consists of confirming the request from the email address associated with your account or, where appropriate, requiring you to authenticate to your account and submit the request from within the Platform. We may request additional information to verify your identity for sensitive requests or where the request cannot be matched to an active account.

Response Timelines

We will acknowledge receipt of your request within ten (10) business days and aim to respond substantively within thirty (30) calendar days of verification. Where applicable law permits and the complexity of the request requires it, we may extend this period and will inform you of the extension and the reasons for it.

Limitations

We may not accommodate a request if we believe doing so would violate any law or legal requirement, compromise the privacy or security of another person, render information that you or others have a right to retain inaccurate, or interfere with our ability to comply with our legal, regulatory, or contractual obligations. Where we decline a request, we will explain the reason for our decision and inform you of any rights you may have to appeal or escalate, including, where applicable, to a regulatory authority.

Your California Privacy Rights

The following additional privacy notices for California residents supplement the information contained in the other portions of this Policy and apply solely to individuals who reside in the State of California. We adopt this California Notice to comply with the California Consumer Privacy Act, as amended by the California Privacy Rights Act, and their related regulations (collectively the “California Privacy Law” or the “CPL”).

Overview of Consumer Rights Under the CPL

Under the CPL, California consumers have certain rights regarding their personal information, including:

  1. The right to know the categories of personal information that we have collected and the categories of sources from which we obtained such information.
  2. The right to know our business purposes for sharing personal information.
  3. The right to know the categories of third parties with whom we shared personal information.
  4. The right to access the specific pieces of personal information that we have collected.
  5. The right to correct personal information that we have collected.
  6. The right to delete your personal information.
  7. The right to not be discriminated against if you exercise your rights under the CPL.

Sales of Personal Information

In the preceding twelve (12) months, Company has not sold personal information.

Exercising Access, Data Portability, and Deletion Rights

To exercise the access, data portability, and deletion rights described above, please submit a verifiable consumer request to us through the contact information below. Only you, or a person registered with the California Secretary of State that you authorize to act on your behalf, may make a verifiable consumer request related to your personal information.

Non-Discrimination

We will not discriminate against you for exercising any of your CCPA rights. Unless permitted by the CCPA, we will not deny you goods or services, charge you different prices or rates, provide you a different level or quality of goods or services, or suggest that you may receive a different price or rate.

Your EU Privacy Rights

Persons who are residents of the member countries of the European Union (EU) or other data subjects covered by the EU's General Data Protection Regulation, 2016/679 (GDPR), have certain additional privacy rights under applicable law.

Your Rights as a European Union Citizen

You have a number of rights concerning your personal information that Company holds and uses, including the following:

  1. Right of Access. You have the right to be informed about what personal information Company holds about you and to a copy of this personal information.
  2. Right to Rectification. You have the right to have any inaccurate personal information which Company holds about you updated or corrected.
  3. Right to Erasure. In certain circumstances you may request that Company delete the personal information that Company holds about you.
  4. Right to Complain. You have the right to lodge a complaint regarding the processing of your personal information to an applicable governmental or supervisory authority in your country.
  5. Right to Withdraw Consent. Where processing of personal information is based on your consent, you have the right to withdraw such consent at any time.
  6. Right to Object. Where Company relies on its legitimate interests to process your personal information, you have the right to object to such use.
  7. Right to Restriction. You have the right to request that Company stop using your personal information in certain circumstances.

Data Security

We have implemented measures designed to secure your personal information from accidental loss and from unauthorized access, use, alteration, and disclosure. The safety and security of your information also depends on you. Where we have given you (or where you have chosen) a password for access to certain parts of our Platform, you are responsible for keeping this password confidential. We ask you not to share your password with anyone.

Unfortunately, the transmission of information via the internet is not completely secure. Although we do our best to protect your personal information, we cannot guarantee the security of your personal information transmitted to our Platform. Any transmission of personal information is at your own risk. We are not responsible for circumvention of any privacy settings or security measures contained on the Platform.

Changes to Our Privacy Policy

If we make material changes to how we treat our users' personal information, we will post the updated version of the privacy policy on the Platform together with the policy's updated effective date. Your continued use of our Platform following the posting of changes constitutes your acceptance of such changes.

We review this Privacy Policy at least annually to ensure it remains accurate and aligned with our practices. The “Last Modified” date at the top of this Policy reflects the date of the most recent review or update.

HIPAA Applicability

GlucoSense's relationship to the federal Health Insurance Portability and Accountability Act of 1996, as amended, and the regulations issued under that law (collectively, “HIPAA”), depends on how you interact with our Platform and Services.

Direct Users

If you use the Platform as an individual consumer (for example, by downloading the GlucoSense mobile application and connecting your own personal device or account), GlucoSense is not acting as a HIPAA-covered entity, and is not acting as a HIPAA business associate of any covered entity, with respect to information you share with us directly. In that case, HIPAA does not apply to our handling of your information. The information you provide is instead governed by this Privacy Policy and any other applicable federal, state, or international privacy law, including the California Privacy Rights Act and the European Union General Data Protection Regulation, where applicable.

Users Whose Data Is Provided Through a Health Plan, Provider, or Other Covered Entity

Where GlucoSense provides Services to a HIPAA-covered entity (such as a health plan, healthcare provider, or healthcare clearinghouse) under a written agreement to handle protected health information (“PHI”) on that covered entity's behalf, GlucoSense operates as a “business associate” as that term is defined under HIPAA, and executes a Business Associate Agreement with the covered entity governing our use and disclosure of PHI. For users whose information is provided to GlucoSense in this manner, HIPAA's Privacy, Security, and Breach Notification Rules apply to that information, and your rights under HIPAA flow through your relationship with the covered entity.

If you are unsure which category applies to you, or if you would like to confirm whether GlucoSense is acting as a business associate with respect to your information, please contact us at support@glucosense.ai.

Contact Information

To ask questions or provide comments about this Policy and our privacy practices, contact us at:

GlucoSense Inc.
Email: support@glucosense.ai