Privacy Policy
Comprehensive privacy practices governing the collection, use, and protection of your personal and health information
Last Updated: October 20, 2025
YOUR PRIVACY IS IMPORTANT TO US
This Privacy Policy explains how Shotlee Health Technologies ("we," "us," or "our") collects, uses, discloses, and protects your personal information and health data. By using our Service, you consent to the practices described in this Privacy Policy. Please read this document carefully to understand how we handle your information.
1. Introduction and Scope
1.1 Controller and Processor
Shotlee Health Technologies acts as the data controller for personal information collected through the Service. This means we determine the purposes and means of processing your personal data. For users in the European Union, we comply with the General Data Protection Regulation (GDPR). For California residents, we comply with the California Consumer Privacy Act (CCPA).
1.2 Scope of This Policy
This Privacy Policy applies to all information collected through:
- Our website at www.shotlee.app
- Our mobile applications for iOS and Android
- Email, text, and other electronic communications
- Interactions with our advertising and applications on third-party websites and services
- Any other means through which you interact with our Service
2. Information We Collect
2.1 Information You Provide Directly
We collect information that you voluntarily provide when using the Service:
Account Information:
- Email address and password
- Username and display name
- Profile picture or avatar
- Date of birth
- Gender and demographic information (optional)
- Time zone and language preferences
Health Data:
- Medication information (names, dosages, schedules, injection dates, administration routes)
- Health metrics (weight, height, BMI, body measurements, blood pressure, glucose levels, heart rate)
- Progress photos and images
- Health goals and targets
- Side effects, symptoms, and health notes
- Activity levels and exercise data
- Dietary information and nutrition logs (if provided)
- Medical conditions and health history (if provided)
User-Generated Content:
- Forum posts and comments
- Chat messages and direct messages
- Reviews and feedback
- Survey responses
- Customer support inquiries
See our Community Guidelines for rules about user-generated content.
Payment Information:
- Payment card information (processed by third-party payment processors; we do not store full card numbers)
- Billing address and contact information
- Transaction history and purchase records
2.2 Information Collected Automatically
When you access or use the Service, we automatically collect certain information:
Device and Usage Information:
- Device type, model, and operating system
- Unique device identifiers (UDID, IDFA, Android Advertising ID)
- IP address and approximate geographic location
- Browser type and version
- Pages viewed, features used, and actions taken
- Date and time of access
- Referring URL and search terms used
- App version and configuration settings
- Crash logs and error reports
- Performance metrics and analytics data
2.3 Information from Third-Party Sources
We may receive information about you from third-party sources:
- Social media platforms (if you choose to connect your accounts)
- Authentication services (Google, Apple, Facebook)
- Analytics providers
- Advertising partners
- Health data integrations (if you authorize connections with other health apps)
2.4 Cookies and Tracking Technologies
We use various tracking technologies to collect information:
Cookies
Small data files stored on your device that enable us to recognize you and remember your preferences
Web Beacons
Small electronic images that track page views and email opens
Local Storage
Browser-based storage for user preferences and session data
Analytics Tools
Third-party analytics services (Google Analytics, Mixpanel, etc.) that collect usage statistics
You can control cookies through your browser settings, but disabling cookies may affect your ability to use certain features of the Service.
3. How We Use Your Information
3.1 Primary Purposes
We use the information we collect for the following purposes:
Service Provision and Maintenance
- Provide, operate, and maintain the Service
- Process your transactions and manage subscriptions
- Send medication reminders and notifications
- Enable community features and user interactions
- Provide customer support and respond to inquiries
Personalization and Improvement
- Generate personalized health insights and recommendations
- Create customized analytics and reports
- Improve and optimize the Service based on usage patterns
- Develop new features and functionality
- Train and improve our AI models and algorithms
Communication
- Send you technical notices, updates, and security alerts
- Provide information about new features and services
- Send promotional communications (with your consent)
- Respond to your comments, questions, and requests
- Conduct surveys and gather feedback
Analytics and Research
- Monitor and analyze usage trends and patterns
- Conduct statistical analysis and research (using anonymized data)
- Measure the effectiveness of marketing campaigns
- Generate aggregate insights about user behavior
Advertising and Marketing
- Display targeted advertisements based on your interests
- Show relevant content and recommendations
- Measure ad performance and engagement
- Conduct A/B testing and marketing optimization
Security and Compliance
- Detect, prevent, and address fraud, abuse, and security incidents
- Protect against malicious, deceptive, or illegal activity
- Enforce our Terms of Service and other policies
- Comply with legal obligations and respond to legal requests
- Protect the rights, property, and safety of our users and the public
3.2 Legal Basis for Processing (GDPR)
For users in the European Union, we process your personal data based on the following legal bases:
1. Consent: When you have given explicit consent for specific processing activities (e.g., marketing communications, AI-powered insights)
2. Contractual Necessity: Processing necessary to perform our contract with you (i.e., providing the Service)
3. Legitimate Interests: Processing necessary for our legitimate business interests (e.g., improving the Service, fraud prevention) that do not override your privacy rights
4. Legal Obligation: Processing required to comply with applicable laws and regulations
4. How We Share Your Information
We may share your information in the following circumstances:
With Your Consent
We share your information when you explicitly authorize us to do so, such as when you choose to share data with third-party health applications or connect your social media accounts.
Service Providers and Business Partners
We share information with third-party vendors and service providers who perform services on our behalf:
- Cloud hosting providers (AWS, Google Cloud, etc.)
- Payment processors (Stripe, PayPal, etc.)
- Analytics providers (Google Analytics, Mixpanel, etc.)
- Email and communication services
- Customer support platforms
- AI and machine learning service providers
- Advertising networks and partners
These service providers are bound by contractual obligations to keep your information confidential and use it only for the purposes for which we disclose it to them.
Legal Requirements and Protection
We may disclose your information if required to do so by law or in response to:
- Valid legal requests (subpoenas, court orders, warrants)
- Government investigations or regulatory inquiries
- Legal processes and proceedings
- Protection of our rights, property, or safety
- Protection of our users or the public
- Prevention of fraud, abuse, or illegal activity
Business Transfers
In connection with any merger, sale of company assets, financing, acquisition, or similar transaction, your information may be transferred to the successor entity. We will provide notice before your personal information is transferred and becomes subject to a different privacy policy.
Aggregated and Anonymized Data
We may share aggregated, anonymized, or de-identified data that cannot reasonably be used to identify you. This may include:
- Statistical information about platform usage
- Aggregated health trends and insights
- Research data for scientific studies
- Industry reports and benchmarks
Public Information
Information you choose to make public through the Service (such as forum posts, public profile information, or community content) may be visible to other users and potentially indexed by search engines.
4.1 We Do Not Sell Your Personal Information
Important: We do not sell your personal information or health data to third parties. While we may share data with service providers and partners as described above, we do not engage in the sale of personal information as defined by privacy laws such as the CCPA.
5. International Data Transfers
Your information may be transferred to and processed in countries other than your country of residence. These countries may have data protection laws that are different from the laws of your country.
5.1 Transfers from the European Union
If you are located in the European Economic Area (EEA), United Kingdom, or Switzerland, we will ensure that transfers of your personal data to countries outside the EEA are protected by appropriate safeguards, such as:
- Standard Contractual Clauses approved by the European Commission
- Adequacy decisions by the European Commission
- Binding Corporate Rules
- Your explicit consent
5.2 Primary Data Processing Locations
Our primary data processing and storage facilities are located in:
- United States of America
- European Union member states (for EU users)
6. Data Security
We implement comprehensive security measures to protect your personal information and health data:
End-to-End Encryption
Sensitive health data is encrypted both in transit and at rest using industry-standard AES-256 encryption
Secure Transmission
All data transmitted between your device and our servers uses TLS/SSL encryption protocols
Regular Security Audits
We conduct regular security assessments, penetration testing, and vulnerability scans
Access Controls
Strict access controls ensure only authorized personnel can access your data on a need-to-know basis
Infrastructure Security
We use enterprise-grade cloud infrastructure with built-in security features and redundancy
Security Policies
Comprehensive security policies and employee training programs ensure best practices
Important Security Notice
While we implement robust security measures, no method of transmission over the Internet or electronic storage is 100% secure. We cannot guarantee absolute security of your information. You are responsible for maintaining the confidentiality of your account credentials and for all activities under your account.
If you become aware of any security breach or unauthorized access to your account, please contact us immediately at info@shotlee.app.
7. Data Retention
We retain your personal information for as long as necessary to fulfill the purposes outlined in this Privacy Policy, unless a longer retention period is required or permitted by law.
7.1 Retention Periods
Active Accounts
We retain your information for as long as your account is active or as needed to provide you with the Service.
Closed Accounts
After account deletion, we may retain certain information for up to 90 days for backup purposes, and up to 7 years for legal, tax, and regulatory compliance purposes.
Marketing Data
Marketing communications data is retained until you opt out, or for a maximum of 3 years from your last interaction.
Anonymized Data
We may retain anonymized and aggregated data indefinitely for research and analytics purposes.
7.2 Legal Holds
We may retain information for longer periods if required for legal proceedings, investigations, or to comply with legal obligations, even after account deletion.
8. Your Privacy Rights
Depending on your location, you have certain rights regarding your personal information:
8.1 Rights for All Users
1. Access: Request access to your personal information and receive a copy of the data we hold about you
2. Correction: Request correction of inaccurate or incomplete personal information
3. Deletion: Request deletion of your personal information (subject to legal retention requirements)
4. Data Portability: Request a copy of your data in a structured, commonly used, machine-readable format
5. Opt-Out: Opt out of marketing communications, personalized advertising, and certain data processing activities
8.2 Additional Rights for EU Users (GDPR)
If you are located in the European Union, you have additional rights under GDPR:
- Right to Restrict Processing: Request restriction of processing in certain circumstances
- Right to Object: Object to processing based on legitimate interests or for direct marketing purposes
- Right to Withdraw Consent: Withdraw consent at any time where processing is based on consent
- Right to Lodge a Complaint: Lodge a complaint with your local data protection authority
- Automated Decision-Making: Not be subject to decisions based solely on automated processing that significantly affect you
8.3 Additional Rights for California Residents (CCPA)
If you are a California resident, you have rights under the California Consumer Privacy Act (CCPA):
- Know: Know what personal information is collected, used, shared, or sold
- Delete: Request deletion of personal information (subject to exceptions)
- Opt-Out of Sale: Opt out of the sale of personal information (we do not sell personal information)
- Non-Discrimination: Not be discriminated against for exercising your privacy rights
8.4 How to Exercise Your Rights
To exercise any of your privacy rights:
- Email us at info@shotlee.app
- Use the data management tools in your account settings
- Contact our Data Protection Officer (for EU users)
- Submit a request through our privacy portal (if available)
We will respond to your request within 30 days (or as required by applicable law). We may need to verify your identity before processing your request.
9. Children's Privacy
IMPORTANT: Children Under 13
The Service is not intended for children under 13 years of age. We do not knowingly collect personal information from children under 13. If you are under 13, do not use or provide any information on the Service.
If we learn that we have collected personal information from a child under 13 without verification of parental consent, we will delete that information immediately. If you believe we might have information from or about a child under 13, please contact us at info@shotlee.app.
9.1 Users Ages 13-17
Users between 13 and 17 years of age may only use the Service under the supervision of a parent or legal guardian who agrees to be bound by our Terms of Service. Parents and guardians are responsible for monitoring and supervising their child's use of the Service.
10. Do Not Track Signals
Some web browsers have a "Do Not Track" feature that signals to websites that you do not want your online activities tracked. Currently, there is no industry standard for how to respond to Do Not Track signals. At this time, the Service does not respond to Do Not Track signals. However, you can manage cookie preferences through your browser settings.
11. Third-Party Links and Services
The Service may contain links to third-party websites, applications, or services. We are not responsible for the privacy practices of these third parties. We encourage you to read the privacy policies of every website and service you visit.
If you choose to connect your Shotlee account with third-party services (such as health apps or social media platforms), those services will have access to certain information as authorized by you. Please review the privacy policies of those services before connecting them.
12. Changes to This Privacy Policy
We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. We will notify you of any material changes by:
- Posting a prominent notice on the Service
- Sending you an email notification
- Displaying an in-app notification
- Updating the "Last Updated" date at the top of this policy
Your continued use of the Service after the effective date of the updated Privacy Policy constitutes your acceptance of the changes. If you do not agree to the updated Privacy Policy, you must stop using the Service.
We encourage you to review this Privacy Policy periodically to stay informed about how we protect your information.
13. Contact Information
If you have any questions, concerns, or requests regarding this Privacy Policy or our privacy practices, please contact us:
Privacy Email: info@shotlee.app
General Support: info@shotlee.app
Security Issues: info@shotlee.app
DPO (EU Users): info@shotlee.app
Website: https://www.shotlee.app
Company: Shotlee Health Technologies
Address: Available upon request for legal correspondence
13.1 EU Representative
For users in the European Union, our EU representative for data protection matters can be contacted at info@shotlee.app.
13.2 Supervisory Authority
If you are located in the European Union and believe we have not addressed your concerns adequately, you have the right to lodge a complaint with your local data protection supervisory authority.
By using the Shotlee Service, you acknowledge that you have read, understood, and agree to the practices described in this Privacy Policy.
© 2026 Shotlee. All rights reserved.