Join our waitlist

Updated on December 9, 2025

Updated on December 9, 2025

Privacy policy

Bllod ("we," "our," or "us") respects your privacy and is committed to protecting your personal health data. This Privacy Policy explains how we collect, use, store, and protect your information when you use our mobile application and related services.

Bllod ("we," "our," or "us") respects your privacy and is committed to protecting your personal health data. This Privacy Policy explains how we collect, use, store, and protect your information when you use our mobile application and related services.

1. Information We Collect

When you use Bllod, we may collect the following categories of information:

1.1 Account Information

  • Full name

  • Email address

  • Age and date of birth

  • Gender (as provided by you)

1.2 Health Data

  • Medical files: PDFs, images, or other documents of your medical exams that you choose to upload

  • Health metrics: Weight, blood work results, glucose levels, sleep data, and other wellness indicators you manually enter or that are extracted from your documents

1.3 Usage Data

  • Information about how you interact with our app (e.g., features used, uploads, views, frequency of use)

  • App preferences and settings

1.4 Device and Technical Information

  • Device type and model

  • Operating system and version

  • App version

  • IP address

  • Unique device identifiers

  • Crash logs and performance data

We do not collect financial information, payment card details, or unrelated personal data.

When you use Bllod, we may collect the following categories of information:

1.1 Account Information

  • Full name

  • Email address

  • Age and date of birth

  • Gender (as provided by you)

1.2 Health Data

  • Medical files: PDFs, images, or other documents of your medical exams that you choose to upload

  • Health metrics: Weight, blood work results, glucose levels, sleep data, and other wellness indicators you manually enter or that are extracted from your documents

1.3 Usage Data

  • Information about how you interact with our app (e.g., features used, uploads, views, frequency of use)

  • App preferences and settings

1.4 Device and Technical Information

  • Device type and model

  • Operating system and version

  • App version

  • IP address

  • Unique device identifiers

  • Crash logs and performance data

We do not collect financial information, payment card details, or unrelated personal data.

2. Legal Basis for Processing (EU/EEA and UK Users)

Under the General Data Protection Regulation (GDPR), we process your personal data based on the following legal grounds:

  • Contract Performance: To provide you with our services as described in our Terms of Service

  • Consent: For processing your health data (which is considered "special category data" under GDPR) and for optional AI-powered features. You provide explicit consent when you create an account and upload health documents.

  • Legitimate Interest: For security, fraud prevention, service improvement, and analytics, where these interests do not override your fundamental rights

  • Legal Obligation: To comply with applicable laws and regulations

You may withdraw your consent at any time by deleting your account or contacting us at bllodhealth@gmail.com. Withdrawal of consent does not affect the lawfulness of processing conducted prior to withdrawal.

Under the General Data Protection Regulation (GDPR), we process your personal data based on the following legal grounds:

  • Contract Performance: To provide you with our services as described in our Terms of Service

  • Consent: For processing your health data (which is considered "special category data" under GDPR) and for optional AI-powered features. You provide explicit consent when you create an account and upload health documents.

  • Legitimate Interest: For security, fraud prevention, service improvement, and analytics, where these interests do not override your fundamental rights

  • Legal Obligation: To comply with applicable laws and regulations

You may withdraw your consent at any time by deleting your account or contacting us at bllodhealth@gmail.com. Withdrawal of consent does not affect the lawfulness of processing conducted prior to withdrawal.

3. How We Use Your Data

We use your information to:

  • Provide secure storage and access to your medical exams and health records

  • Display, organize, and help you manage your health metrics

  • Improve our services through usage analysis and feedback

  • Develop and enhance features including AI/OCR parsing, search functionality, and data visualization

  • Communicate with you about updates, new features, security alerts, or support inquiries

  • Ensure the security and integrity of our platform

  • Comply with legal obligations

We do not sell your personal data to third parties.

4. Sensitive Health Data

The files and data you upload may contain sensitive medical information. We take this responsibility seriously:

  • Ownership: You remain the sole owner of your data at all times

  • Control: You control who accesses your files. We will not share them with any third party without your explicit consent

  • Purpose Limitation: Your health data is used only to provide and improve our services to you

  • Minimization: We only collect and process health data that is necessary for the functionality you use

5. AI and Automated Data Processing

To help you organize and understand your health data, we may process your files using:

  • Regex patterns: To identify and extract structured data from known document formats

  • Optical Character Recognition (OCR): To convert images and scanned documents into text

  • AI/Machine Learning models: To extract, categorize, and standardize health metrics from various document formats

Important notices about AI processing:

  • This processing is performed solely to improve your user experience

  • AI-powered features are optional and can be disabled in your settings

  • AI parsing may not be fully accurate; you should always verify extracted data

  • We do not use your personal health data to train general AI models shared with other users

  • Automated processing does not result in decisions that produce legal or similarly significant effects on you

6. Data Storage and Security

6.1 Storage Location

Your data is stored on secure servers provided by DigitalOcean, with data centers located in [SPECIFY REGIONS, e.g., "the United States and the European Union"].

6.2 Security Measures

We implement industry-standard security measures including:

  • Encryption in transit (TLS/SSL) and at rest (AES-256)

  • Secure authentication via Firebase Auth

  • Regular security audits and vulnerability assessments

  • Access controls limiting employee access to personal data

  • Secure backup procedures

6.3 Limitations

Despite our efforts, no method of transmission over the Internet or electronic storage is 100% secure. While we strive to protect your personal data, we cannot guarantee its absolute security. You use Bllod at your own risk and are responsible for maintaining the security of your account credentials.

6.1 Storage Location

Your data is stored on secure servers provided by DigitalOcean, with data centers located in [SPECIFY REGIONS, e.g., "the United States and the European Union"].

6.2 Security Measures

We implement industry-standard security measures including:

  • Encryption in transit (TLS/SSL) and at rest (AES-256)

  • Secure authentication via Firebase Auth

  • Regular security audits and vulnerability assessments

  • Access controls limiting employee access to personal data

  • Secure backup procedures

6.3 Limitations

Despite our efforts, no method of transmission over the Internet or electronic storage is 100% secure. While we strive to protect your personal data, we cannot guarantee its absolute security. You use Bllod at your own risk and are responsible for maintaining the security of your account credentials.

7. International Data Transfers

If you are located outside of Brazil, your data may be transferred to and processed in countries where our servers or service providers are located.

For EU/EEA and UK users: When we transfer your personal data outside the European Economic Area or the United Kingdom, we ensure appropriate safeguards are in place, including:

  • Standard Contractual Clauses (SCCs) approved by the European Commission

  • Transfers to countries with an adequacy decision from the European Commission

  • Other legally recognized transfer mechanisms

You may request a copy of the safeguards we use by contacting us at bllodhealth@gmail.com.

9. Third-Party Services

We use trusted third-party service providers to help operate our platform:

  • Firebase (Google)Authentication, analytics, crash reporting

  • DigitalOceanCloud infrastructure and file storageAll data (encrypted)

These providers:

  • Are bound by data processing agreements

  • Comply with industry security standards

  • Cannot access your data beyond what is strictly necessary to provide their services

  • Are required to protect your data in accordance with applicable laws

10. Your Rights

Depending on your location, you may have the following rights regarding your personal data:

10.1 All Users

  • Access: Request a copy of the data we hold about you

  • Correction: Request correction of inaccurate or incomplete data

  • Deletion: Delete your account and all stored files at any time through the app

  • Export: Request your data in a portable, machine-readable format

10.2 EU/EEA and UK Users (GDPR)

In addition to the above, you have the right to:

  • Restrict processing: Request limitation of how we process your data

  • Object: Object to processing based on legitimate interests

  • Withdraw consent: Withdraw consent for processing at any time

  • Lodge a complaint: File a complaint with your local data protection supervisory authority

10.3 Brazilian Users (LGPD)

Under Brazil's Lei Geral de Proteção de Dados, you have equivalent rights including access, correction, anonymization, portability, and deletion. You may also request information about public and private entities with whom we have shared your data.

10.4 California Users (CCPA/CPRA)

California residents have the right to:

  • Know what personal information is collected and how it is used

  • Request deletion of personal information

  • Opt-out of the sale of personal information (we do not sell your data)

  • Non-discrimination for exercising your privacy rights

To exercise any of these rights, contact us at support@bllod.com or use the in-app account settings.

11. Data Breach Notification

In the event of a data breach that affects your personal information:

  • We will notify affected users via email within 72 hours of becoming aware of the breach

  • We will notify relevant supervisory authorities as required by applicable law

  • Our notification will include: the nature of the breach, likely consequences, measures taken to address it, and steps you can take to protect yourself

12. Children's Privacy

Bllod is not intended for use by children under 16 years of age (or under 16 in certain jurisdictions) without parental or guardian consent.

We do not knowingly collect personal information from children without appropriate consent. If we learn that we have collected data from a child without proper authorization, we will delete that information promptly.

If you believe a child has provided us with personal data without consent, please contact us at bllodhealth@gmail.com.

13. Do Not Track Signals

Our app does not currently respond to "Do Not Track" browser signals, as there is no industry standard for handling such signals in mobile applications.

14. Changes to This Policy

We may update this Privacy Policy as our services evolve or as required by law. When we make material changes:

  • We will notify you via email and/or a prominent notice within the app

  • We will update the "Last Updated" date at the top of this policy

  • Continued use of Bllod after changes take effect constitutes acceptance of the updated policy

We encourage you to review this policy periodically.

15. Contact Us

f you have questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:

Email: bllodhealth@gmail.com

For EU/EEA users, you may also contact your local data protection supervisory authority if you have concerns about how we handle your data.

We aim to respond to all inquiries within 30 days.

f you have questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:

Email: bllodhealth@gmail.com

For EU/EEA users, you may also contact your local data protection supervisory authority if you have concerns about how we handle your data.

We aim to respond to all inquiries within 30 days.

© 2024 Bllod. All rights reserved.