Privacy Policy

1. Controller and contact details

The controller responsible for Lulnara is Praelion Health LTD, a company registered in England and Wales with company number 17209225. Our registered office is First Floor, Swan Building, 20 Swan Street, Manchester, M4 5JW, United Kingdom.

You can contact us about privacy, data protection or your rights at privacy@lulnara.com. Product support requests can be sent to support@lulnara.com.

We do not currently have a statutory data protection officer. We keep that position under review as Lulnara, our user base and our processing activities develop.

2. Scope of this policy

This policy applies to Lulnara, including the mobile app, public website, account services, early access, support channels, transactional and lifecycle emails, subscriptions, exports, widgets, Apple Watch features, notifications and related family-care features. It should be read alongside our Terms and Conditions.

Lulnara is intended for adults and authorised caregivers managing family care. If we release a child-facing version or materially change how children interact with the service, we will provide appropriate age-assurance, parental involvement and child-facing privacy information before doing so.

3. Personal data we collect

Account, identity and authentication data

This may include your name, email address, password hash, Apple or Google sign-in identifier, parent or caregiver role, date of birth where provided, account settings, language and theme preferences, legal acceptance records, onboarding status, email verification status, account status, support history and security records.

Child and family profile data

This may include a child's name, date of birth, age category, sex or gender where provided, profile image, avatar settings, premature-birth context, gestational age, twin or sibling group information, family relationships, caregiver permissions, invitations and sharing activity.

Care, wellness and health-adjacent records

You may choose to record sleep, feeds, breastfeeding, pumping, nappies, potty training, growth, weight, symptoms, temperature, blood pressure, medication notes, vaccinations, appointments, milestones, mood, behaviour, teething, routines, development, allergies, emergency information, emergency contacts, caregiver notes, handoff notes, reports and exports.

Special-category data

Some data you enter may reveal or concern physical or mental health, development, disability, medication, pregnancy or care needs. Under UK data protection law, health data is special-category data and receives extra protection. We process special-category data only where a lawful basis and an Article 9 condition apply.

AI, chat, voice and generated content

If you use AI chat, voice logging, text-to-speech, generated summaries, sleep predictions or insight features, we may process prompts, transcripts, selected profile context, generated outputs, consent records, usage limits, correction history and safety or quota events. Voice logging may process audio or already transcribed text long enough to extract and confirm the requested log.

Photos, audio and uploaded files

If you upload photos, audio or other media, we process the file, storage metadata, file type, file size, storage path, public identifier, thumbnails, delivery URLs and deletion records. You should avoid uploading information that is not needed for the family-care purpose.

Subscription and purchase data

We may receive information from Apple, Google, RevenueCat or other authorised payment providers about your subscription status, entitlement, trial, renewal, cancellation, refund, product identifier, store account reference and transaction events. We do not receive full card numbers from app-store purchases.

Device, app, notification and technical data

This may include device type, operating system, app version, browser, IP address, approximate location derived from technical data, timezone, language, locale, crash logs, diagnostic events, performance data, security logs, session identifiers, rate-limit records, audit logs, push notification tokens and cookie or local-storage identifiers.

Website, cookie and local-storage data

Our website may process information about page visits, theme or language preference, device/browser details and essential cookies or local storage. Where we introduce non-essential analytics, advertising or similar storage technologies requiring consent, we will ask for consent before using them.

4. How we collect data

We collect personal data:

• directly from you when you create an account or enter records;
• from people you invite, where they add information to a shared family space;
• automatically from your device, app, browser and interactions with Lulnara;
• from authentication, app-store, subscription, payment, email, notification, media, AI, hosting and diagnostics providers where you use those services; and
• from support messages, feedback, surveys and email interactions.

5. How we use personal data

We use personal data to:

• create, authenticate, maintain and secure accounts;
• provide family spaces, child profiles, care logs, timelines, reminders, exports, caregiver sharing, handoff notes, widgets, Apple Watch features and sync;
• provide AI chat, voice logging, text-to-speech, sleep predictions, pattern insights and summaries where you choose to use those features and the relevant consent is in place;
• send service emails, verification links, password resets, subscription notices, support replies, lifecycle emails and important product notices;
• process subscriptions, entitlements, trials, renewals, cancellations, restores, refunds and billing status;
• monitor reliability, investigate bugs, redact sensitive data from logs, prevent abuse and protect the service;
• maintain audit trails for legal acceptance, AI consent, security, account deletion, exports and important account events;
• understand aggregated or minimised usage patterns so we can improve Lulnara; and
• comply with legal, accounting, tax and regulatory duties.

6. Lawful bases and special-category conditions

UK data protection law requires us to identify a lawful basis for each purpose. Where special-category data is involved, we must also identify an additional condition under Article 9 UK GDPR.

Where we rely on consent, you can withdraw it at any time. Withdrawal does not affect processing that took place before withdrawal and may mean that some optional features can no longer be provided.

If you do not provide information needed to create an account, secure the service, process a subscription, provide a requested export or run a feature you choose to use, we may be unable to provide that part of Lulnara.

7. AI, voice and automated features

Lulnara may use AI service providers, including OpenAI, to provide requested chat responses, voice-log extraction, summaries, insights, transcripts or text-to-speech. Lulnara's current AI consent record uses OpenAI as the named provider and requires you to acknowledge that AI is not for medical advice, diagnosis, treatment or emergency use.

You may choose general AI mode or personalised AI mode where the app offers those controls. General mode avoids sharing profile context. Personalised mode may use selected, minimised family context such as age category, gender where provided, recent care summaries, sleep patterns or notes. The app and backend are designed to avoid sending names and exact dates of birth in personalised AI context.

Voice logging may use on-device speech recognition, device dictation or backend AI processing depending on the feature and platform. The current launch guardrails block AI voice extraction for medication, vaccination, symptom, diagnosis, treatment and emergency records; you should enter those records manually.

We maintain AI consent records in your account preferences and audit logs. You may revoke or change AI consent where the app provides that control. If you revoke consent, previously generated outputs may remain in your account unless deleted, or unless we need to retain limited records for security, audit, legal or dispute reasons.

OpenAI's API platform states that API inputs and outputs are not used to train OpenAI models by default, unless the API customer opts in. OpenAI may retain API content for abuse monitoring for a limited period unless different retention controls are approved and enabled. We do not make unsupported claims about zero data retention, HIPAA compliance or guaranteed regional data residency.

AI, prediction and insight features do not make solely automated decisions with legal or similarly significant effects about you or a child. They are assistive outputs that require human review.

8. How we share personal data

People you invite

If you invite family members or caregivers, they may see, add, edit or export information according to the permissions available in Lulnara. You should only invite people who need access and who you trust with the relevant child and family information.

Service providers

We use service providers to operate Lulnara. These may include hosting and database providers such as Railway or similar providers, Vercel for the website, Cloudinary for media storage and delivery, Resend for email, RevenueCat and app stores for subscriptions, OpenAI for AI features, Sentry for error monitoring, Expo and Apple Push Notification service for notifications, Redis or equivalent services for rate limiting, and Apple or Google for sign-in and app platform services. Providers may process personal data only for instructed purposes and under appropriate contractual safeguards.

Analytics and diagnostics

We use diagnostic and reliability tools to understand crashes, performance and product health. Lulnara is designed to minimise analytics data, hash user identifiers where appropriate and redact personal health information from logs. Mixpanel code exists in the app and, where enabled, is designed for product interaction analytics rather than health-content tracking.

Legal, safety and protection disclosures

We may disclose data if required by law, court order, regulator, tax authority, app-store process, legal claim, security incident, safeguarding concern, or to protect the rights, safety and security of users, children, families, Praelion, our providers or others.

Business changes

If Praelion is involved in a merger, acquisition, restructuring, financing, due diligence process or sale of assets, personal data may be shared with advisers and potential successor organisations under confidentiality and data protection safeguards.

9. What we do not do

• We do not sell personal data.
• We do not share child health or care data with advertisers.
• We do not use family care logs for targeted advertising.
• We do not knowingly allow children to create independent accounts in the current version of Lulnara.
• We do not intentionally include personal health information in analytics events, diagnostic breadcrumbs or production logs.
• We do not use Lulnara AI outputs to make legal, medical, emergency or safeguarding decisions for you.

10. International transfers

We operate from the United Kingdom, but some providers may process personal data in other countries. Where UK data protection law requires safeguards for international transfers, we use appropriate mechanisms such as UK adequacy regulations, the UK International Data Transfer Agreement, the UK Addendum to EU Standard Contractual Clauses, EU Standard Contractual Clauses where relevant, or other lawful transfer mechanisms. You can contact us for more information about relevant safeguards.

11. Retention, deletion and backups

We keep personal data only for as long as needed for the purposes described in this policy, unless a longer period is required for legal, accounting, security, dispute, safeguarding or compliance reasons.

• Account and family data is usually retained while your account is active.
• Care logs may be retained according to your account settings, product retention controls and legal requirements. Lulnara includes archive and export controls for older records where available.
• AI chat history is subject to product retention controls. The current backend includes a cleanup route intended to remove chat messages older than 90 days.
• Deleted accounts trigger deletion of the core account and cascading app records, plus best-effort cleanup or deidentification of relevant external processor records such as Cloudinary media, RevenueCat subscriber identifiers and Mixpanel profile identifiers where configured and supported.
• Some audit, security, email, subscription, transaction, deletion, processor-cleanup and compliance records may be retained in minimised or hashed form where needed to protect rights, investigate misuse, handle disputes or meet legal duties.
• Deleted records may remain in encrypted backups or disaster recovery systems for a limited period before final removal.
• Aggregated or anonymised analytics may be retained where it no longer identifies you or a child.

You can request deletion through available in-app controls or by contacting us at privacy@lulnara.com. Deleting your Lulnara account may not cancel an app-store subscription; subscriptions must be managed through the relevant store where required.

12. Export and portability

Lulnara includes export features for account records and doctor-visit reports. Exports may contain sensitive child and family health information. Once you download, email or share an export, you are responsible for storing it securely and sharing it only with people who should receive it.

You may also request a copy of personal data we hold about you, or portable data where the legal right applies, by contacting us.

13. Security

We use technical and organisational measures designed to protect personal data, including encryption in transit, access controls, least-privilege internal access, authentication safeguards, production configuration checks, rate limiting, audit logging, monitoring, backups, vulnerability management and supplier review.

Lulnara supports optional device security features such as biometric unlock where available. Biometric verification is handled by your device operating system; Lulnara does not receive your Face ID, fingerprint or biometric template.

No online service can be guaranteed completely secure. You should use a strong password, protect your devices, keep your app updated, review invited caregiver access, remove access when it is no longer needed, and tell us promptly if you suspect unauthorised access.

14. Children and family privacy

Lulnara handles information about children because parents, guardians and authorised caregivers choose to create records about their care. Adults using Lulnara should consider the child's best interests, minimise what they enter, invite only appropriate people, correct inaccurate information and delete information that is no longer needed.

We recognise the UK Children's Code and the need for high privacy protection by default where children's data is involved. The current service is adult-account-led and is not intended to encourage children to disclose data directly to us.

If you believe someone has created a child profile or entered child information without proper authority, contact us promptly at privacy@lulnara.com.

15. Cookies, local storage and similar technologies

Our website and app may use cookies, local storage, device identifiers or similar technologies to remember language, theme and session preferences, keep accounts secure, operate the service, understand reliability and improve the product. Strictly necessary technologies may be used without consent where the law permits.

Where we introduce non-essential cookies, tracking pixels, analytics SDKs, advertising technologies or other storage/access technologies that require consent, we will provide clear information and ask for a clear positive choice before using them.

16. Marketing communications

We may send service messages that are necessary for your account or the operation of Lulnara. If we send marketing emails, we will use an appropriate lawful basis and provide an unsubscribe route. We will not use children's care records, health information or family notes to target advertising.

17. Your rights

Depending on your circumstances and applicable law, you may have the right to:

• access personal data we hold about you;
• correct inaccurate or incomplete personal data;
• request deletion of personal data;
• restrict certain processing;
• object to processing based on legitimate interests;
• receive portable data where the right applies;
• withdraw consent where processing is based on consent;
• challenge solely automated decisions with legal or similarly significant effects, if any are introduced; and
• complain to a data protection authority.

The right to object to processing based on legitimate interests is brought to your attention separately here. You can object by contacting us at privacy@lulnara.com.

To exercise rights, contact us at privacy@lulnara.com. We may need to verify your identity and authority before responding, especially where child or family data is involved. If a request concerns a child, we may ask for information showing parental responsibility, guardianship, caregiver authority or other lawful basis for the request.

18. Complaints

We would appreciate the chance to resolve privacy concerns first. You also have the right to complain to the UK Information Commissioner's Office.

• Website: ico.org.uk/make-a-complaint
• Telephone: 0303 123 1113

19. Changes to this policy

We may update this policy as Lulnara develops or as legal, technical or operational requirements change. If a change is material, we will take reasonable steps to notify you, such as by email, in-app notice or prominent website notice. The date at the top shows when this version took effect.