Privacy Policy
OzNauz by Humilitas Group Limited
nozless.com
Effective Date: March 29, 2026
Last Updated: March 29, 2026
1. Introduction
Humilitas Group Limited, Toronto, Canada (“we,” “us,” or “our”) operates OzNauz, a recipe and meal planning app for people on GLP-1 medications, accessible at nozless.com (the “Service”). OzNauz helps you find meals that work for you through our proprietary Gigi Score analysis.
We are committed to protecting your privacy and handling your personal information with the care and transparency it deserves. This Privacy Policy explains how we collect, use, disclose, retain, and protect your personal information when you use our Service.
This Privacy Policy complies with the Personal Information Protection and Electronic Documents Act (PIPEDA), British Columbia's Personal Information Protection Act (BC PIPA), and other applicable Canadian privacy legislation.
2. Information We Collect
Privacy-First Design
We do not store your meal descriptions or photos in our database by default. Your meal data is analyzed in real-time and discarded immediately after analysis. This minimizes privacy risk and protects your personal information.
2.1 Information You Provide Directly
- Account Information: Email address and basic profile information
- Meal Content: Meal descriptions or photos submitted for real-time analysis only (see Section 2.4 for storage exceptions)
- Preferences You've Shared with Gigi: GLP-1 medication type, dosage, and any preferences you choose to configure to personalize your Gigi Scores
- Payment Information: Processed by Stripe (we only receive transaction confirmations)
- Communications: Support requests and feedback
2.2 Information Collected Automatically
- Usage Data: Pages viewed, features used, timestamps
- Device Information: IP address, browser type, operating system
- Log Data: Server logs with request information
2.3 Medication-Related Information
Important: How We Handle Medication Preferences
OzNauz processes information you choose to share about your medication use and dietary habits. These preferences exist solely to personalize your Gigi Scores. We treat all such information with heightened care. OzNauz is an informational tool, not a medical device, and is not subject to health information legislation such as PHIPA or HIPAA.
Your Gigi Scores and analysis history are stored in your account. Your original meal descriptions and photos are not stored by default.
2.4 Meal Content Storage Exceptions
By Default: Your Meal Data is NOT Stored
When you submit a meal for analysis, we process it in real-time and immediately discard the meal description or image. We only store the Gigi Score results and recommendations, not your original meal content.
Limited Exceptions:
- Error Debugging (Automatic): If an analysis fails or errors occur, we may temporarily store your meal data for up to 48 hours to diagnose and fix the issue. This data is automatically deleted after 48 hours.
2.5 Community Contributor Feature (Optional)
You may optionally enable the Community Contributor feature in your settings. If enabled, you can submit simple feedback on whether a meal worked for you. This feedback is used in aggregate to improve Gigi Scores for all users.
This feature is entirely opt-in. We will never prompt you for feedback or send notifications about it. Your individual feedback is never shared with other users. Only aggregated, anonymized patterns are used to improve the scoring.
3. How We Use Your Information
Core Service Functions:
- Gigi Score Meal Analysis: Your meal description or photo is transmitted to a third-party parsing service to identify ingredients, then scored by our proprietary Gigi Score engine
- Account Management: Maintaining your account and analysis history
- Payment Processing: Processing payments via Stripe
Service Improvement:
- Analyzing aggregated usage data to improve features
- Maintaining security and performance
- Diagnosing technical issues
4. How We Share Your Information
We do not sell, rent, or trade your personal information.
We share your information only with trusted service providers necessary to operate the Service.
| Service Provider | Location | Data Transferred |
|---|---|---|
| OpenAI | United States | Meal descriptions/photos for ingredient parsing |
| Supabase | United States | Account data, Gigi Score results |
| Vercel | United States | Web requests, IP addresses, usage data |
| Stripe | United States | Payment transaction data |
Cross-Border Data Transfers
Your personal information may be transferred to and processed in the United States. When transferred to the U.S., your information becomes subject to U.S. laws and may be accessible to U.S. law enforcement and national security authorities.
By using the Service, you acknowledge and consent to the transfer of your personal information outside of Canada.
5. Confidentiality of Your Information
Everything you share with Gigi stays between you and Gigi. Your meal analyses, preferences, medication details, and Gigi Scores are confidential. We do not share your individual information with other users, advertisers, or any third party except the service providers listed above, who process data solely to operate the Service.
If you opt into the Community Contributor feature, only anonymized, aggregated data is used to improve scores. Your individual meals and feedback are never visible to anyone else.
6. Data Retention and Deletion
Retention Periods:
- Account Information: Duration of active account + up to 12 months
- Meal Content: NOT STORED (analyzed in real-time and discarded)
- Gigi Score Results: Stored for the duration of your account
- Debug Logs (Errors Only): Maximum 48 hours, then automatically deleted
- Payment Records: Minimum 7 years (Canadian tax law requirement)
- Usage & Log Data: Up to 12 months
Your Right to Deletion
You may request deletion of your account and associated personal information at any time. We will complete your deletion request within 30 days. Contact us at privacy@nozless.com to request deletion.
7. Security Measures
We implement reasonable security safeguards including:
- Encryption in Transit: All data encrypted using TLS/HTTPS
- Encryption at Rest: Database encryption using industry-standard protocols
- Authentication Security: Secure passwordless authentication via Supabase Auth
- Access Controls: Restricted access on need-to-know basis
- API Security: Encrypted and authenticated third-party communications
8. Your Privacy Rights
Under PIPEDA and BC PIPA, you have the right to:
- Access: Request access to your personal information
- Correction: Request correction of inaccurate information
- Withdraw Consent: Withdraw consent to data collection/use
- Deletion: Request deletion of your personal information
- Complain: File a complaint with the Privacy Commissioner
To exercise any of these rights, contact us at privacy@nozless.com. We will respond within 30 days.
9. Contact Our Privacy Officer
Humilitas Group Limited
Attention: Privacy Officer
Email: privacy@nozless.com
This Privacy Policy was last updated on March 29, 2026.
Humilitas Group Limited. All rights reserved.