Privacy Policy

Last updated: April 21, 2026

This policy explains how the Nurelio app (iOS/Android) and the website at nurelio.net handle your data.

1. Controller

Helge Lange / PrettyLights Software. Contact: PrettyLightsSoftware@gmail.com.

2. Principle: Data Minimization

Nurelio is designed so that sensitive health information stays on your device. Anything that crosses our server is end-to-end encrypted and cannot be decrypted by us.

3. Data kept locally on your device

• Medications, intake schedules, containers, supply info
• Doctor appointments and contacts
• Health values (glucose, heart rate, blood pressure) — optionally synced with Apple Health / Health Connect
• Notes and intake photos (if used)
• Local notification settings

These live in a local database on your device and only leave it if you actively enable backup or family sharing.

4. Sign-in (Google / Apple)

To use family sync and the dead-man-switch, you sign in with your Google or Apple account. We store only:

• your provider subject ID (google_sub or apple_sub)
• a public key generated locally on your device
• timestamps (created / updated)

We do not store your email, name or profile picture from Google/Apple. Legal basis: contract performance (GDPR Art. 6(1)(b)).

5. Family sync (end-to-end encrypted)

When you explicitly pair with a family member, the categories you share are transmitted to our server as encrypted records and distributed to your paired members.

• Encryption and decryption happen only on the participating devices.
• The server holds only: random ID, patient ID, category, nonce, ciphertext, timestamp — no plaintext.
• The symmetric key is wrapped separately for each recipient using their public key.
• When a pairing is removed, the associated key wrappings are deleted on the server.

6. Push notifications

If you grant permission, the app registers a push token (Apple APNs / Google FCM) with our server. We store the device token, platform (ios/android), your user ID, and timestamps. Pushes are sent for event-driven purposes only (e.g. a pairing was revoked, a watch event fired). Delivery is handled by Apple/Google. Legal basis: consent (GDPR Art. 6(1)(a)). You can revoke it anytime in your device settings.

7. Optional cloud backup

You may back up your local data to your own iCloud or Google Drive private app folder. We do not have access to this backup.

8. Health integration

If you grant permission, Nurelio reads health values (e.g. glucose, heart rate) from Apple Health / Health Connect. Processing is local; no health data is transmitted to our server unless you explicitly share it via family sync (in which case it is end-to-end encrypted).

9. Website nurelio.net

Our web server logs connection metadata (IP, timestamp, URL, user-agent) for up to 14 days for operational and debugging purposes. The website sets no cookies, uses no tracking, and embeds no third-party resources.

10. Server location

The Nurelio server runs on infrastructure in Germany (Strato). We do not process data outside the EU. Apple (APNs) and Google (FCM) may process push delivery globally under their own terms.

11. Retention

• User record + public key: until you revoke / delete your account.
• Push tokens: until invalidated by APNs/FCM or revoked.
• Encrypted records: until you delete them on your device (a tombstone then marks deletion on the server).
• Pairing invitations (QR): automatically expire after a few minutes.
• Web access logs: ≤ 14 days.

12. Your rights

You have the right to access, rectify, erase, restrict, export or object to processing of your personal data (GDPR Arts. 15–21), and to file a complaint with a supervisory authority (Art. 77). To delete your account and all related server-side data, email us at PrettyLightsSoftware@gmail.com.

13. No sharing for advertising

We do not sell data, do no profiling, and use no ad IDs or third-party analytics.

14. Children

Nurelio is not directed at children under 13. We do not knowingly collect data from children.

15. Changes

We update this policy when features or legal requirements change. The current version is always available at this URL.