Skip to main content

Introduction

This Privacy Policy explains how the Orea health app collects, uses, stores, and protects your personal information, and outlines your rights. We comply with applicable data protection laws in China (including the PIPL and Cybersecurity Law) and common international standards such as the GDPR and CCPA. By using Orea, you acknowledge that you have read and agreed to this Privacy Policy. Scope: This Policy applies to all services provided by Orea. Orea is not intended for children under 14 and we do not knowingly collect personal information from children under 14. If we discover such data, we will delete it promptly.

Data We Collect

We follow the principle of data minimization and collect only what is necessary to provide the service, based on what you provide or authorize:
  • Apple Health (HealthKit) Data: With your explicit permission, we read/write the HealthKit data types you authorize (e.g., steps, active energy, heart rate, sleep) to display insights, analyze trends, and calculate metrics. You can manage or revoke access anytime in the Apple Health app.
  • Food Photos & Recognition Data: You may take meal photos for calorie and nutrition recognition. We extract only necessary information (food items, portions, calories). We do not use photos for unrelated purposes and do not share them with third parties.
  • Workout Logs: Activity/workout information you enter manually or sync (duration, distance, etc.) to show history, calories burned, and progress.
  • Weight Management Data: Weight data you enter or sync from Apple Health, used for trend charts, BMI calculations, and relevant tips.
  • App Usage Data: Device model, OS version, crash logs, feature usage frequency, etc., used for diagnostics and service improvement (typically de-identified/aggregated).
What We Do Not Collect: Government IDs, payment details, precise location, contacts/address book data, biometric identifiers, or other non-essential categories. If a future feature requires additional data, we will ask for your explicit consent separately.

How We Use Your Data

We use your data only to:
  • Provide core features (health insights, calorie calculations, weight trends, workout stats, etc.);
  • Generate calorie/nutrition analyses and progress feedback (informational only, not medical advice);
  • Maintain and improve the service (bug/crash fixes, UX improvements);
  • Comply with legal obligations when required or permitted.
We do not use Apple Health data for advertising and we do not sell personal information to data brokers.

Sharing and Disclosure

  • No Third-Party Sharing/Sale: We do not share, sell, rent, or disclose your personal information to third parties without your consent.
  • No Cross-Border Transfers (Current): We currently do not transfer your personal data across borders. If cross-border transfer becomes necessary in the future, we will inform you and obtain separate consent as required by law.
  • Legal Requirements: We may disclose information when required by law or valid legal process, and will notify you where permitted.
  • Business Transfers: In mergers, acquisitions, or similar transactions, data may be transferred as an asset; we will notify you and require equivalent protection by the recipient.
  • Anonymous/Aggregated Data: We may publish or share anonymized or aggregated statistics that do not identify individuals.

Your Rights

Depending on your jurisdiction, you may have rights to access, correct, delete, withdraw consent, data portability, restrict processing, and more. You can exercise these rights via in-app settings (where available) or by contacting us. We respond after identity verification within the legally required timeframe (typically within 30 days). California residents also have the right not to be discriminated against for exercising privacy rights.

Data Storage and Security

We use encryption in transit and at rest, access controls, security audits, and incident response procedures to protect your data. We retain data only as long as necessary for the purposes described, unless a longer retention period is required by law. If you delete data or close your account, we will delete or anonymize it upon request, except where legal retention obligations apply. No security method is perfect; please keep your account credentials secure and contact us if you suspect unauthorized activity.

Changes to This Policy

We may update this Policy from time to time. For material changes, we will obtain your renewed consent when required. We will display the “Last Updated” date on the latest version.

Contact Us

If you have questions or want to exercise your rights, contact: Last Updated: January 23, 2026