Privacy Policy

Allergy, Inflammation and the Microbiome Research Institute Inc. d/b/a Inlet Health ("Inlet Health," "we," "our," or "us") is committed to protecting your privacy. This Privacy Policy describes how we collect, use, disclose, and protect your information when you access or use our company website (www.inlet-health.com), the NIK app website (www.nowiknow.io), our mobile applications, including the NIK mobile application (“NIK” or the “App”) and related Services (collectively, the "Services"). This Privacy Policy applies to all Services, including the NIK mobile application.

By using the Services, you consent to the practices described in this Privacy Policy.

​

 

1. Applicability & Jurisdiction

 

This Privacy Policy applies to all users of the Inlet Health app and website, regardless of their country of residence. However, the Services are primarily directed to users in the United States. If you access the Services from outside the U.S., you understand that your data will be processed in the United States or other jurisdictions, and such processing may be subject to different data protection laws.

For residents of the EU, UK, or other regions with data protection laws, we rely on Standard Contractual Clauses and other safeguards for cross-border transfers. For California residents, your rights under the California Consumer Privacy Act (CCPA) are described in the ‘Your Rights’ section below.

 

2. Information We Collect

​

We may collect the following categories of information:

 

- Personal Information: Name, email address, phone number and contact preferences.

​

- Wellness and Physiological Data: Heart rate (including average heart rate trends) and observed indicators of physiological recovery and response derived from the heart rate collected via wearable devices or entered manually.

​

- Activity Information: We collect information about your activity on our Services, such as food or drink items logged by you, and how they affect you.

​

- Device and Usage Information: We may collect information about how you access our Services, including data about the device and network you use, such as your hardware model, operating system version, mobile network, IP address, unique device identifiers, browser type, and app version. We also collect information about your activity on our Services, such as access times, pages viewed, links clicked, clickstream data, and the page you visited before navigating to our Services. 

​

- Platform-Integrated Health Data: With your permission, we may access data from Apple HealthKit, Google Fit, or similar platforms.

 

3.  Information We Derive

​

We may derive or infer information about you based on the data we collect—for example, identifying associations between food choices and logged data or physiological responses or tracking physiological trends over time.

Note on Data Accuracy: The information we collect and derive is intended for personal wellness observation only. We rely on the accuracy of data provided by third-party platforms (like HealthKit) and user inputs. As such, derived insights represent observed correlations and trends rather than clinical measurements or medical diagnoses.

The Services are not intended to diagnose, treat, cure, or prevent any disease and do not provide medical advice. The Services do not diagnose food allergies, sensitivities or intolerance.

 

4. Use of Information

​

We use the information we collect to:

 

- Provide, operate, improve the Services, and develop new products and services; 

 

- Analyze and Visualize Data: We process your heart rate data and consumption logs to identify physiological trends. These analyses are based on proprietary calculations of heart rate averages during specific consumption phases to provide the Service's core visualization features;

 

- Improve and Develop our Services: We use anonymized and aggregated data to train and refine our proprietary physiological models. This internal processing is used solely to enhance the accuracy, features, and future methodologies of the Service.  We do not use your data to train third-party AI or Large Language Models (LLMs), nor do we share it with external parties for such purposes;

 

- Personalize your experience and deliver insights based on physiological and activity data as discussed above;

​

- Administer surveys and user experience improvements;

​

- Communicate with you about your account or technical issues;

​

- Ensure compliance with applicable laws and platform terms;

​

- Analyze usage trends and maintain security;

​

- Create de-identified or aggregated data sets for research and analytics;

​

- Carry out any other purpose described at the time of data collection or to which you consent and that is in compliance with Apple’s HealthKit, Google Fit, and other platform-specific requirements (you can revoke consent at any time - see “Your Choices” section).

​

5. Health Platform Compliance

​

We only use HealthKit, Google Fit, or similar platform data to provide health and wellness Services. We do not use such data for advertising, marketing, or resell such data. Our use complies with Apple’s HealthKit, Google Fit policies, and other platform-specific requirements. We further confirm that HealthKit and Google Fit data are used solely to provide and improve the app’s health and wellness features and are not used for data mining, advertising, marketing, or sale to third parties. Such data is processed only to provide the features you request and can be disabled at any time through your device settings.

​

6. Sharing of Information

​

We do not sell your personal or health data. We may share information:

• With vendors and service providers under strict confidentiality;

• In connection with legal obligations or to protect rights and safety;

• With your explicit consent for other purposes;

• Between affiliated companies under common ownership.

We do not sell your personal or health data to any third parties, including data brokers or advertising networks. We do not track users across third-party apps or websites and do not link your health data with third-party data for advertising purposes. We may also use or share aggregated or de-identified data that cannot reasonably identify you.

​

7. Legal Basis for Processing

​

We rely on the following legal bases to process personal data:

• Your consent (especially for sensitive health data);

• Contract performance (e.g., providing Services);

• Compliance with legal obligations;

• Legitimate interests (e.g., service improvement, fraud prevention).

 

8. Data Retention

​

We store personal data associated with your account for as long as your account remains active. We retain other data only as long as necessary for operational or legal purposes, including to provide the Services, comply with legal obligations, resolve disputes, and enforce our agreements. If you request account deletion, we will delete or de-identify your personal data within 30 days, unless retention is required by law.

​

9. Your Rights

​

Depending on your jurisdiction (e.g., California, Colorado, Connecticut, Utah, Virginia, EU/UK), you may have rights to:

• Access personal data we hold about you;

• Request correction or deletion of your data;

• Withdraw consent at any time (especially for health data);

• Object to or restrict processing;

• Opt out of targeted advertising or data sharing (Inlet Health does not sell or use HealthKit, Google Fit, or similar platform data for advertising or marketing);

• Appeal denial of privacy requests;

• Lodge a complaint with a data protection authority.

• To exercise these rights, contact support@nowiknow.io.

​

10. Your Choices

 

Account: Update or correct your account details directly in the app. To delete your account, you can do so within the app or by emailing support@nowiknow.io. You may disable or revoke Inlet Health’s access to Apple HealthKit or Google Fit at any time through your device settings.

Communications: Unsubscribe from promotional emails using the link provided. Essential service messages (e.g., account, billing, policy changes) will continue to be sent.

Push Notifications: Manage or turn off push notifications in your device settings without affecting core app functionality.

Access & Correction: You may request a copy of your personal data or corrections to inaccurate information by contacting us at support@nowiknow.io.

Deletion: You may request deletion of personal data by contacting us or doing so within the NIK app. Certain information may be retained as required by law or for legitimate business purposes.

 

11. Security

 

We implement technical and organizational measures to protect your information. Data is encrypted in transit and at rest. However, no method of transmission or storage is 100% secure.

 

12. Cookies and Similar Technologies

 

Although our mobile application does not use cookies in the traditional web browser sense, we may use similar tracking technologies within the app to enable functionality and improve performance. These technologies may include:

• Local Storage / Preferences: Used to remember your settings, keep you signed in, and support app functionality.

• Unique Device Identifiers: Used for device recognition and basic app operations. We do not use these identifiers for targeted advertising.

• Analytics and Performance SDKs (such as Firebase Analytics or Crashlytics): Used to help us understand how the Services are used, monitor performance, and diagnose crashes or errors.

• Other Similar Tools: Technologies that store or access information on your device for the sole purpose of providing and improving the Services. We do not use cookies, SDKs, or similar technologies to track you across third-party websites or applications.

You may disable or reset certain device identifiers or limit analytics tracking through your device settings. Please note that disabling these features may affect some functionality of the Services.

 

13. Children’s Privacy

 

Our Services are strictly limited to users 18 years of age and older, except where expressly part of an approved research study conducted under institutional review. We do not knowingly collect personal information from anyone under 18.

​

14. International Data Transfers

 

If you are located outside the U.S., your data may be transferred to and processed in the U.S. or other countries. We take steps to ensure adequate protections are in place for such transfers.

If personal data is transferred to a country not recognized as providing an adequate level of protection, we use Standard Contractual Clauses approved by the European Commission or UK ICO, or obtain your explicit consent, as required by law. In addition, we implement supplementary safeguards in line with the Schrems II ruling, including use of AWS UK/EU hosting, end-to-end encryption, audit logging, and access restrictions to minimize any risks from U.S. government access requests.

 

15. Third-Party Services

 

Our Services may link to or integrate with third-party platforms (e.g., Apple HealthKit, Google Fit). We are not responsible for their privacy practices. Please review their policies.

 

16. Changes to This Policy

 

We may update this Privacy Policy periodically. We will notify you of material changes via the Services or email. Continued use constitutes acceptance of the updated terms.

​

17. Contact Us

If you have any questions regarding these Terms or the Privacy Policy, please contact us:

• For App Support: support@nowiknow.io

• For Legal or Privacy Inquiries: legal@inlet-health.com

• Company Website: www.inlet-health.com

• App Website: www.nowiknow.io

       Mailing Address:  2040 Las Lunas St. Pasadena, CA 91107  (Allergy, Inflammation and the Microbiome Research Institute Inc. with trade name Inlet Health)        

      Telephone: +1 323 763 0712

We will review and respond to your request within a reasonable time and in accordance with applicable law. Depending on your jurisdiction, you may also have the right to contact your local data protection authority if you have concerns about how your data is handled.