1. Who we are
MOINEX Ltd
5 Brayford Square, London E1 0SG, United Kingdom
Email: business@moinex.org
MOINEX Ltd ("MOINEX", "we", "our", "us") is the controller of your personal data when you use the mobile application Zenar Tracking ("Zenar", the "App").
2. Quick summary
| What? | Why? | Where? |
|---|---|---|
| Profile data (name, age, gender, weight, height, activity level) | To calculate personalised hydration, calorie and activity goals | Stored locally on your device and—if you create an account—securely in Supabase (Frankfurt, EU-central-1) |
| Drink, food and activity logs; achievements; notification settings | To display history, analytics, goals and rewards | Same as above |
| Apple HealthKit data you allow us to read (e.g., Steps, Workouts) | To import your activity into Zenar | Stored on your device; if you are signed in, also uploaded securely to our server |
| Apple Sign-In token | To authenticate your account | Kept in Supabase (EU-central-1), encrypted at rest |
| Local push-notification schedule | To remind you to hydrate / eat / move | Stays on your device; no third-party sends these alerts |
We do not collect your location, contacts, advertising IDs, or raw payment details. In-app purchases are processed securely by Apple.
3. Data you provide
- Account (optional): If you choose Sign in with Apple, we receive the private relay e-mail address Apple creates for you.
- Profile & goals: Name (nickname), age, gender, weight, height, activity level.
- Logs: Every drink you add (quantity, category, sugar, milk, calories), plus any future food or workout entries.
- Preferences: Units, daily targets, notification schedule, favourite drink presets.
- Feedback: Any messages you send to our support e-mail.
You may use the App without an account; all data then remain on your device only.
4. Data from Apple HealthKit
With your explicit consent, Zenar reads the metrics you select (e.g., steps, distance, workouts) to refine goal calculations and analytics.
If you are signed into your Zenar account, imported HealthKit data are uploaded to our server with your other activity data.
Zenar never writes data back to HealthKit and never shares HealthKit data with third parties.
5. How we use your information
| Purpose | Legal basis (UK GDPR / EU GDPR) |
|---|---|
| Provide core tracking features, sync and analytics | Performance of a contract (Art. 6 (1)(b)) |
| Show local reminders | Legitimate interests (Art. 6 (1)(f)); you can disable notifications at any time |
| Optional HealthKit import | Explicit consent (Art. 9 (2)(a)) |
| Customer support & troubleshooting | Legitimate interests |
| Future paid features | Performance of a contract; payments handled by Apple In-App Purchase |
We do not use your data for advertising or profiling beyond the functions described above.
6. Retention & deletion
| Scenario | What happens? |
|---|---|
| Delete account (Settings → Account → Delete) | All server-side records (profile, logs, achievements) are erased immediately and irreversibly. |
| Keep data local, drop sync ("Delete cloud only") | Cloud copy is erased; data stay on your device until you delete the App or wipe data from Settings. |
| No account ever created | Data live only on your device; uninstalling the App removes them. |
Server backups held by Supabase are automatically overwritten within 7 days.
7. Security
- All network traffic uses TLS 1.2+ encryption.
- Supabase stores data encrypted at rest in an ISO 27001–certified EU data centre (Frankfurt).
- Access to production databases is limited to authorised MOINEX staff via role-based access-control.
- Sign-in with Apple provides token-based authentication; we never store plaintext passwords.
8. International transfers
Your data are hosted in the European Economic Area (EEA). If we ever need to transfer data outside the EEA/UK (for example, to support users overseas), we will rely on an adequacy decision or the EU Standard Contractual Clauses (SCCs) to safeguard your information.
9. Children
Zenar is intended for users aged 13 and over. We do not knowingly collect data from children under 13. If you believe a child has provided us with personal data, contact us and we will delete it.
10. Your rights
If you are in the UK, EU or a territory with similar laws, you can:
- Request a copy of your data (right of access)
- Ask us to correct or erase data
- Object to processing or request restriction
- Withdraw HealthKit or notification consent at any time
- Port your data to another service (Export → CSV in Settings)
To exercise any right, email business@moinex.org from the email linked to your Apple ID and we will respond within 30 days.
11. Changes to this policy
We may update this policy from time to time. The latest version is always available in the App (Settings → Privacy Policy).
12. Contact us
MOINEX Ltd
5 Brayford Square
London E1 0SG
United Kingdom
Email: business@moinex.org
If you are in the EU/EEA, you also have the right to lodge a complaint with your local data-protection authority.