Privacy Policy – intidor.app

Terms of Use

1.1 Who we are

1.2 These Terms of Use (the “Terms”) govern your use of the Intidor MEN mobile application and related websites, content, and services (collectively, the “Service”). The Service is operated by Intidor health group, UAB, a private limited liability company registered in the Republic of Lithuania, company number 307406526, registered office: Vilkiškės g. 34, LT-02238 Vilnius, Lithuania (hereinafter – “Intidor”, “we”, “us”).

1.3 By using, installing, or accessing the Service, you agree to be bound by these Terms and by our Privacy Policy, which forms part of these Terms. If you do not agree to these Terms, you must not use the Service.

1.4 Service description (informational nature)

1.5 Intidor MEN provides lifestyle guidance, educational content, and self-monitoring tools related to men’s health and well-being (e.g., libido, erectile health, hormone balance, and general well-being). We do not provide medical care or medical consultations. The App is not a medical device and is not intended to diagnose, treat, cure, or prevent any disease or disorder. Always consult a qualified healthcare professional for medical questions or decisions.

1.6 Research-type outputs – informational only (not clinical conclusions). All metrics, “results”, charts, insights, recommendations, assessments, trend analyses, or other generated data produced by the Service are provided solely to convey information grounded in scientific research. They are not laboratory or clinical test results and are not considered physician-determined findings, medical decisions, or diagnostics. Before interpreting any information presented in the App or changing your treatment, medication, or lifestyle, you must consult a qualified physician or medical facility.

1.7 No clinical use. You agree not to rely on the Service to diagnose disease, assess a condition, monitor the course of an illness, make decisions on medication use, or resolve critical situations. If you experience new or worsening symptoms, promptly contact a physician or emergency medical care.

1.8 Device readings and calculations. If the App displays data obtained from external devices or generates certain numerical estimates, such data are provided for your convenience only. We do not endorse or independently verify the clinical accuracy of such data; therefore, they are not a substitute for laboratory or clinical testing.

1.9 Eligibility and accounts

1.10 The Service may be used only by persons of sufficient age under their place of residence’s laws and the applicable app store rules (for example, commonly 16 years or older, and in some places – 18 years). By using the Service, you confirm you are legally capable of concluding a binding contract.

1.11 You are responsible for keeping your login credentials confidential and for all activity carried out under your account. Notify us immediately if you become aware of any unauthorized access to your account or loss of password.

1.12 By confirming a purchase in our App, you agree that the service will be provided immediately and acknowledge that the right of withdrawal does not apply to these digital services. Therefore, funds paid for digital services already provided are not refundable, except in cases provided by law, for example, if the service is not provided as agreed or material defects arise due to the App’s fault. This provision complies with applicable EU consumer protection legislation and the requirements of Directive 2011/83/EU.

1.13 Subscriptions, payments, trials, and refunds

1.14 Certain Service features are available only by paid subscription – with automatic renewal of a periodic fee (hereinafter – the “Subscription”). The subscription terms are as follows:

Automatic renewal. The Subscription renews automatically at the end of each paid period unless you cancel at least 24 hours before the end of the current period. Note that uninstalling (removing) the App does not terminate the Subscription – to stop payments you must cancel the subscription in your Apple App Store or Google Play account settings;
Free trials and promotions. If a free trial or special promotion is offered, information about the trial duration and the price after the trial will be shown clearly before you confirm the purchase. As a rule, one free trial is granted per user unless we state otherwise;
Billing and refunds. Subscription payments are processed by the relevant platform (Apple or Google). Intidor does not directly receive or process your payment card data – all payments are handled via the app store systems. Refunds are also handled under the relevant store’s rules (and not directly by Intidor). If you wish to request a refund, use Apple’s tool or follow Google Play’s refund rules. Note that taxes or currency conversion may apply depending on your location;
Price changes. We reserve the right to change Subscription prices for future billing periods. We will notify you in advance of upcoming price changes – new prices will be shown in the App or by the relevant store before they take effect so that you can decide whether to continue the Subscription at the updated price;
Right of withdrawal. When purchasing digital content or a service (e.g., a Subscription) that begins to be provided immediately after purchase, you expressly consent to the service starting before the end of the 14-day cooling-off period and acknowledge that you therefore lose the right to withdraw within the 14-day period provided by consumer law. (This provision complies with Article 16(m) of Directive 2011/83/EU on the supply of digital content.) This waiver of the right of withdrawal does not affect your right to cancel future automatic renewals of the subscription at any time, as described above;
Price transparency. We commit to fair and transparent price presentation. If we apply a discount, we will clearly indicate the prior price (i.e., the standard price that applied for at least 30 days before the discount). We will present the original price and the reduced price so that the discount is clear to the consumer. All final consumer prices will be displayed inclusive of all applicable taxes – with no hidden fees or charges. We comply with EU consumer protection requirements, including Directive 2005/29/EC, to ensure pricing information is not misleading;

1.15 Permitted use

1.16 By using the Service, you agree not to use it for unlawful or harmful purposes and undertake not to permit others to do so;

1.17 Security violations. You will not attempt to interfere with or disrupt the operation of the Service, circumvent any security measures, reverse engineer, decompile, or disassemble the App without authorization. You will also not use the Service to distribute viruses, malware, or similar threats.

1.18 Prohibition on providing medical services. You will not use the Service to provide emergency care or diagnoses to others, to generate or present to others “clinical findings,” “diagnoses,” or “medical test results,” nor to substitute for professional medical assessment.

1.19 System protection. You will not use the Service in a manner that could damage, disable, overload, or impair our systems (e.g., by automated queries, attempts to hack, etc.).

1.20 We reserve the right to remove content or suspend your account if your actions violate these Terms or applicable law.

1.21 Third-party services and more

1.22 The Service may integrate or link certain third-party components (e.g., analytics tools, payment processing, user authentication, etc.). By using such components, you agree that, in addition to these Terms, those third parties’ terms may also apply to you. For details on what data may be transmitted to such third parties and for what purposes, see the Privacy Policy section below.

1.23 Intellectual property and license

1.24 Intidor grants you a personal, limited, revocable, non-exclusive, and non-transferable license to use this App on devices you own or control, subject to the applicable app store (Apple App Store or Google Play) rules. All intellectual property rights in the Service (including, without limitation, software code, text, images, logos, trademarks) belong to Intidor or our licensors. You have no right to copy, modify, create derivative works, distribute, sell, or rent any part of the Service, except where expressly permitted by law or with our prior written consent.

1.25 App store terms

1.26 If you download the App from the Apple App Store or Google Play store, your use of the App is also governed by the respective store’s rules and policies. Note that Apple and Google are not responsible for the App’s maintenance or support. To the extent permitted by law, Apple/Google also provide no additional warranties for the App and are not responsible for any defects in the App.
Note: Under the App Store requirements, Apple Inc. is deemed a third-party beneficiary of these Terms with respect to your use of the iOS app – i.e., Apple has the right to enforce these Terms insofar as they relate to iOS use. For Google Play, your use of the Android app is subject to the Google Play Terms of Service and refund policy.

1.27 Disclaimers

1.28 The Service is provided “as is” and “as available,” without any express or implied warranties. To the extent permitted by applicable law, we disclaim all warranties, including (without limitation) implied warranties of merchantability, fitness for a particular purpose, accuracy, non-infringement, or uninterrupted operation. We do not warrant that the Service will operate without interruption, securely, or error-free, or that any defects will be remedied promptly.

1.29 Informational-only outputs. Again, any assessments, “results,” insights, or recommendations generated by the Service may be incomplete, inaccurate, or outdated and are not physician-determined findings or clinical evaluations. They must not be relied upon to make medical decisions – such data must always be reviewed and evaluated by a qualified physician.
Note: Under App Store requirements, Apple Inc. is considered a beneficiary of these Terms in relation to your use of the iOS app – i.e., Apple has the right to require compliance, insofar as it concerns iOS use. In the case of Google Play, the use of the Android app is subject to Google Play’s terms of service and refund policy.

1.30 Limitation of liability

1.31 To the extent permitted by applicable law, Intidor and its officers, employees, and agents shall not be liable for any indirect, incidental, special, or consequential losses, nor for any lost profits, loss of revenue, loss of data, harm to reputation, or other non-pecuniary damage arising from your use of or inability to use the Service. Our total aggregate liability for all claims related to the Service shall not exceed the amount you paid us for the Service in the 12-month period preceding the event giving rise to the claim (if you paid nothing – Intidor’s liability is limited to zero). Nothing in these Terms seeks to exclude or limit Intidor’s liability where such exclusion or limitation is not permitted by law.

1.32 Indemnification

1.33 You agree to indemnify and hold harmless Intidor, its parent and affiliates, officers, employees, and representatives from any claims, liabilities, losses, or expenses (including reasonable attorneys’ fees) arising out of: (a) your breach of these Terms; (b) your improper or unlawful use of the Service; or (c) your actions violating third-party rights or laws. Where necessary, we are entitled to participate in defending our interests in any matter covered by your indemnification obligation.

1.34 Suspension and termination of the Service

1.35 Intidor reserves the right to temporarily suspend or permanently terminate your access to the Service at any time if we have reasonable grounds to believe that you have violated these Terms or the law. Where feasible, we will endeavor to notify you in advance (e.g., by email or through the App), but in critical cases we may act immediately.

1.36 You have the right to stop using the Service and delete the App at any time. If you have an active paid Subscription, merely ceasing use does not automatically cancel it – if you do not want further service, you must separately cancel the subscription, as described earlier in these Terms (see 1.13).

1.37 Changes

1.38 Service changes – we reserve the right to change, suspend, or discontinue all or any part of the Service at any time. This may include adding new features, modifying or disabling existing features, as well as substantially discontinuing the Service. We will strive not to impair your legitimate expectations without good cause; however, in some cases significant changes may be necessary for security, legal, or business reasons.

1.39 Changes to the Terms – we may from time to time review or update these Terms of Use. If changes are material, we will provide appropriate notice (e.g., by displaying a clear notice in the App or on the website, or by emailing you if we have your email address). Updated Terms will take effect on the effective date indicated at the beginning of the document unless the notice specifies a different date. By continuing to use the Service after the changes take effect, you confirm your agreement to the updated Terms. If you do not agree to the changes, you must cease using the Service before the new Terms take effect.

1.40 Governing law and dispute resolution

1.41 These Terms and any disputes or claims arising out of or in connection with them are governed by the laws of the Republic of Lithuania, without regard to its conflict-of-laws rules. For consumers in EU countries, mandatory consumer protection provisions of your country of residence also apply – nothing in this choice of law deprives you of such protection where applicable.

1.42 All disputes are subject to the jurisdiction of the courts of Vilnius, Lithuania (our registered office’s location). However, if you are an EU consumer residing in another Member State, you may rely on mandatory dispute resolution rules in that State (e.g., your national consumer protection authority or courts) where required by law.

1.43 Privacy

1.44 To learn how we collect, use, and share information about you, including information that may be considered “health data” or special category data under applicable law, please review the Privacy Policy below (Section II). The Privacy Policy is an integral part of these Terms and its provisions apply to your use of the Service.

1.45 Contacts

Data Controller / Service Provider: Intidor health group, UAB (company number 307406526).
Registered office: Vilkiškės g. 34, LT-02238 Vilnius, Lithuania.
Customer support email: support@intidorhealthgroup.com (or via the App’s help section); data protection contacts: (if appointed, you may write to privacy@intidorhealthgroup.com)

Apple App Store: These Terms are concluded between you and Intidor, not with Apple. Apple is a third-party beneficiary of these Terms with respect to your use of the iOS App and has the right to enforce them against you.
Google Play: When using the Android App, the Google Play Terms of Service and Google’s refund rules also apply.

Privacy Policy

1.46 Your personal data controller is Intidor health group, UAB, company number 307406526, registered office: Vilkiškės g. 34, LT-02238 Vilnius, Lithuania.

1.47 If you have questions about the processing of your personal data, you may write to the address above or contact us by email: support@intidorhealthgroup.com. You may also use the contact forms available in the App or on our website.

Scope

1.48 This Privacy Policy explains how we process personal data related to the Intidor MEN mobile application and related services (the “Service”). The Privacy Policy applies to all information we collect from you or that is generated while you use the Service. It does not apply to data of any other sites or services unrelated to Intidor MEN.
Note: Intidor MEN services are intended for adults for their personal wellness purposes. The Service is not intended for use by healthcare institutions in directly delivering services to patients; therefore, we act as the controller when processing the data you provide in this App for personal purposes. If Intidor’s services were used differently (e.g., a healthcare institution cooperating with Intidor), additional legal requirements (e.g., HIPAA in the US) or different roles may arise. This policy focuses on ordinary use of the Service by individual users.

1.49 We do not use collected personal data for any other commercial purposes (e.g., we do not sell or rent your email for advertising to third parties). We also will not send you marketing messages without your consent. If in the future we plan to use data for a new purpose incompatible with the original ones, we will inform you in advance and (if necessary) obtain your consent.

Categories of data processed

1.50 We process the following main categories of personal data that you provide or that are generated when using the Service:

Account and profile data: information you provide when creating an account or filling in a profile, such as your name (or nickname), email address, contact details, profile photo (if you choose to upload one), account settings.
Device and technical data: information about the device and the App’s performance – this may include unique device identifiers, installed App version, operating system, login IP address, diagnostic logs about App errors (e.g., crash reports), basic telemetry needed to ensure the functioning and security of the Service (e.g., login times, frequency of feature use).
User-entered responses and data – information you provide when answering questionnaires, entering certain metrics or data in the App (e.g., wellness questionnaire answers, notes about well-being, self-monitoring data). This category may include some health information if you voluntarily choose to provide it (e.g., information about erectile function, well-being, medical history, lifestyle habits, etc.).
Communications or chats within the Service – for example, if the Service has AI chat functionality, we may store chat text to provide the service and improve quality. Other communications with us may also be stored – for example, your requests to customer support (emails, queries), their content, submission date and time, and related metadata.
Clerk (sign-in via Google/Apple). We implement social sign-in (“Sign in with Apple” and “Sign in with Google”) using the third-party service Clerk, which acts as an authentication intermediary and processes only minimally necessary authentication data (e.g., email address, social sign-in identifier, login metadata, OAuth/OpenID Connect session tokens) on our behalf. Clerk does not process medical data – none of your health information (e.g., symptoms, questionnaire answers, GPT queries or responses) are transmitted to Clerk. Apple and Google, within their services, act as independent controllers and transmit to us only the minimal account information needed to verify your identity (where available – email address). We integrate Clerk in compliance with its standard privacy and data processing terms (GDPR compliance), publicly available at: https://clerk.com/legal/privacy and https://clerk.com/legal/dpa. This Intidor Privacy Policy governs how we use your data via Clerk; Clerk’s privacy policy governs how Clerk processes data in its system when providing authentication. Clerk has no right to use your personal data for any purposes other than those necessary for authentication and as set out in its legal terms.

1.51 Special categories of data. Note that some data you provide may be considered special category personal data under the GDPR, specifically health data (e.g., information about the nature of your erectile dysfunction, health status, sexual life, or medical indicators, if you provide it). We process such data only with your explicit consent, as explained below. We understand the sensitivity of these data and apply additional safeguards (see Security section below).

Purposes and legal bases for processing

1.52 We use the above personal data for the following purposes and rely on the legal bases set out below:

Provision and operation of the Service. The primary purpose is to ensure the functionality and proper operation of the Service. This includes creating and managing your account, displaying your entered data in the App (e.g., generating charts), providing features of the App, and customer support (responding to inquiries, troubleshooting), etc. Legal basis – performance of a contract (GDPR Art. 6(1)(b)), since by registering you enter into a service contract with us and we cannot properly perform it without these data;
Use of health data you provide. If you provide information related to your health in the App (e.g., respond to health-related questions, enter health metrics), we process such data only with your explicit consent. Legal basis – GDPR Art. 6(1)(a) (data subject’s consent) together with Art. 9(2)(a) (explicit consent for special category data). You have the right to withdraw your consent at any time – you can do so in the App settings (if available) or by contacting us. Note: withdrawal has no retroactive effect – it does not affect processing lawfully carried out before withdrawal. However, after withdrawal, we will no longer process your health data for new purposes and, absent another legal basis, we will delete them securely (see deletion section);
Security, fraud prevention, and compliance with legal obligations. To protect users of the Service, our systems, and to comply with legal obligations, we may process certain data based on legal obligation (GDPR Art. 6(1)(c)) or our legitimate interests (GDPR Art. 6(1)(f)). For example, we may store log data about logins to detect unlawful access or protect accounts; we may process data to comply with lawful requests from authorities or court orders. Our legitimate interest also includes maintaining the integrity of the Service, defending our rights in litigation, fraud prevention, etc.;
Analytics and Service improvement. We seek to understand how users use our Service to improve it. For this, we may analyze certain usage data (e.g., which sections are most popular, which features may be failing). Where possible, we use aggregated or anonymized data that are no longer attributable to a specific user. If analytics involve personal data, we rely on our legitimate interest (GDPR Art. 6(1)(f)) in improving quality and product understanding. In certain cases, if required by law (e.g., use of cookies or tracking technologies), we will ask for your consent for analytics (GDPR Art. 6(1)(a)). You have the right to object at any time, as described below;
Marketing and notices (if applicable). Currently, Intidor MEN does not send any commercial newsletters or advertising messages unrelated to the direct function of the service, except possibly in-app informational messages about new features or reminders. If in future we plan to send newsletters or offers by email, we will do so only after obtaining your prior consent under electronic communications laws. With consent, the legal basis would be GDPR Art. 6(1)(a); if you do not consent or withdraw consent, we will not send such messages.

1.53 Automated decisions. We use automated means in the Service to generate content and recommendations. These processes are informational and do not produce legal effects or similarly significant effects on you within the meaning of GDPR Article 22. We do not use solely automated decisions that would automatically determine your rights or significantly affect you (e.g., granting/denying a subscription, setting individualized pricing, restricting legal rights). If in the future we implement features that could have such effects, we will clearly inform you and, where required, obtain your explicit consent and ensure your right to human intervention, to express your view, and to contest the decision.
Note: If later an automated decision with significant effect arises (e.g., automatic account blocking, dynamic pricing by profile, automatic refusal of refund), that would be a GDPR Art. 22 situation and would require a human review process and other safeguards. If you do not plan this – the formulation above is sufficient.

1.54 Health information disclaimer

1.55 The Service may present informational insights or results obtained by analyzing your questionnaire answers, smart device signals (if integrated), or statistical data. These results are for educational and informational purposes only – they do not constitute medical advice, diagnosis, or treatment, nor are they clinical evaluations or physician-approved findings. You should not rely on any results provided in the App when making decisions about your health condition or treatment. For all health matters or treatment changes, always consult a physician or qualified healthcare professional. In urgent or critical situations, call emergency medical services.

1.56 Recipients and processors

1.57 We do not sell or otherwise distribute your personal data to third parties for commercial purposes. We use solutions from trusted service providers to deliver the Service. These providers act on our instructions and on our behalf as necessary for the relevant function, under their standard data processing terms (DPA) that apply upon onboarding. Below we describe the main providers and link to their legal documents:

Platform.sh (infrastructure, servers). Purpose: our App’s back-end and databases are hosted on Platform.sh infrastructure; we select EU regions so that personal data are stored in the EU/EEA (privacy policy https://platform.sh/trust-center/privacy/privacy-policy-summary/); (data processing agreement (DPA) https://platform.sh/trust-center/privacy/dpa/);
Clerk (intermediary for “Sign in with Apple/Google” authentication). We use Clerk only as a third-party authentication intermediary for Apple and Google sign-ins. This means that, at registration/login, Clerk processes user authentication data (e.g., email, login times, social sign-in identifiers) necessary to confirm your account and manage sessions. Importantly, Clerk does not receive any medical, chat (AI), or symptom data – such data are neither transmitted via nor processed by Clerk (Privacy Policy: https://clerk.com/legal/privacy; DPA – https://clerk.com/legal/dpa);
OpenAI – automated content formulation (e.g., generating recommendations/chats). Inputs sent to the API are pseudonymized where possible; per provider policy, API content is not used to train models without a separate opt-in; logs may be retained for up to 30 days for abuse prevention. Policies/DPA: https://openai.com/policies (including API data use);
Sentry – error tracking and performance monitoring. Configured so that identifying data do not enter logs; technical metadata are transmitted. Privacy policy: https://sentry.io/privacy/; DPA: https://sentry.io/legal/dpa/;
PostHog – product analytics (Cloud EU – Frankfurt). Privacy policy: https://posthog.com/privacy; DPA: https://posthog.com/dpa; GDPR guidance: https://posthog.com/docs/privacy/gdpr-compliance. We provide an in-App opt-out – if you opt out, the SDK is disabled;
Better Stack (Better Uptime, Logtail) – availability/log monitoring in the EU region. Privacy policy: https://betterstack.com/privacy; DPA: https://betterstack.com/dpa; Security: https://betterstack.com/security.

1.58 Where personal data are transferred to third countries (outside the EEA), we ensure appropriate safeguards under GDPR Chapter V. These may include: additional technical and organizational measures where necessary – e.g., encryption, pseudonymization, data minimization before transfer to a foreign provider – to reduce risk.

1.59 Retention period (data retention and deletion)

1.60 We retain your personal data no longer than necessary for the purposes for which they were collected, or for as long as required by law. Specific retention periods:

Active accounts: While you have an active account and use the Service, your data will be retained in our system. This is needed so that you can use the Service continuously (e.g., to see your previously entered data, history, etc.);
Deletion of an account at the user’s request: You have the right to delete your account at any time. You can do this in the App settings or by submitting a request to us. Upon receipt of your confirmed account deletion request, we will delete or anonymize all personal data associated with your account within 30 days (unless an exception below applies) – i.e., within 30 days of account deletion all your data will be removed from active systems. This period is needed to ensure smooth removal and (where applicable) deletion of backup copies;
Legal obligations and disputes: In some cases, we may need to retain certain data for a longer period even if you delete your account, if necessary to fulfill legal obligations or protect our legitimate interests. For example, financial transaction records (if there were direct payments) may be retained as required by accounting or tax laws. We may also retain certain basic information where needed to assert, exercise, or defend legal claims (e.g., if we have unresolved disputes with you, we may retain necessary data until the dispute ends). Even then, the principle of limitation applies – data will be retained solely for that purpose and, once the need ends, they will be promptly deleted or anonymized;
Backups: Our systems periodically create backup copies for disaster recovery. Backups are retained for a short period and are set to be overwritten (rotated). Thus, even after account deletion, your data may remain in encrypted backups for up to 30 days until overwritten by newer copies. Strict access controls apply to such backups, and they are used only for emergency restoration.

1.61 After the retention period ends, we securely delete, anonymize, or aggregate your data. Anonymization means removing all information that identifies you, so the remaining anonymous data are no longer personal data and may be used for statistics, research, or service improvement.

1.62 If you wish to know specifically whether certain data of yours are still retained, or you want them deleted earlier than the standard period, please contact us – we will assess your request in line with your rights discussed below.

1.63 Security

1.64 We have implemented appropriate technical and organizational measures to protect your personal data. These include:

Access control: data access is granted only to authorized persons on a “need-to-know” basis, i.e., only to those employees or service providers who require it to perform their task. All our staff/team members are bound by confidentiality obligations and are trained on data protection;
Encryption: we use encryption protocols (HTTPS/TLS) to protect sensitive data transmitted between your device and our servers from interception. Certain particularly sensitive data (e.g., passwords) are stored only in encrypted (hashed) form;
Firewalls and monitoring: our servers are protected; we continuously monitor systems for signs of intrusion or unusual activity. We employ protection against DDoS attacks and malicious requests;
Backups and recovery: as noted, we regularly create encrypted backups so that data are protected in case of failures. We also periodically test data restoration procedures to ensure we can restore data if lost;
Logging: we log system events (logs) of data access, especially administrative. This allows us to trace who may have accessed personal data and when, and to detect unusual activity;
Least privilege principle: we enforce strict permission levels in systems and services – both for our staff and for used services we grant only such access as is necessary for their function (e.g., providers do not have access to data they do not need).

1.65 In the event of a personal data breach likely to result in a high risk to your rights or freedoms (e.g., a data leak from our systems), we will comply with GDPR requirements – notify the supervisory authority within 72 hours of becoming aware, and where the breach may pose a high risk to you – we will also notify you without undue delay (via the App, email, or other direct means) so that you can take appropriate steps.

1.66 Your rights

1.67 The GDPR and other data protection laws grant you certain rights regarding your personal data. We respect these rights and ensure you can exercise them.

1.68 To exercise any GDPR rights, you may contact us indicating which right and which data you wish to exercise it for. We recommend writing by email to support@intidorhealthgroup.com (or privacy@intidorhealthgroup.com), stating your account identifiers and the essence of your request. We may ask you to confirm your identity (to protect your data from unlawful disclosure – e.g., we may request that the query be sent from the same email linked to your Intidor account, or ask for certain information to identify the account).

1.69 We endeavor to respond to your GDPR requests no later than one month from receipt. In exceptional cases, if the request is very complex or we have received many requests, this period may be extended by up to two months – in such a case, within the first month we will inform you about the extension and the reasons.

1.70 Individuals

1.71 The Service is not intended for children and persons under 16 years of age. We do not knowingly collect or process children’s (i.e., persons under 16) personal data without appropriate parental or guardian consent. If you are under 16, you should not use this App and should not provide us with any of your personal data.
Note: In certain jurisdictions the age threshold for children may differ; we comply with applicable requirements. For example, if a different child age threshold applies in your residence for consent, we will apply that threshold.

1.72 If we learn that we have received a child’s personal data without a proper basis, we will take steps to remove such data. Parents or guardians who observe that a child may have used our Service and submitted data are encouraged to contact us – we will promptly delete the relevant information.

1.73 Cookies and other tracking technologies

1.74 Our mobile App and related website may use cookies, software development kits (SDKs), and similar technologies to ensure the Service operates and to improve your experience. Key aspects:

Strictly necessary cookies/technologies: elements essential for the Service to function. For example, authentication mechanisms to maintain your session, settings necessary for App operation, etc. Without these technologies the Service could not function properly; therefore they are used under the legitimate interest to provide the service (or contract performance where necessary);
Analytics and performance cookies/SDKs: with your consent we may use additional analytics libraries (e.g., the PostHog SDK mentioned) to understand App usage. These tools may collect certain information about your device and App use (e.g., which screens you opened, how long you spent). This helps improve the product. We use such technologies only after obtaining your express consent (e.g., on first launch we may ask “Do you agree to share anonymous usage data?”). If you do not consent or withdraw consent – these analytics tools will not be active;
Messaging and user-experience SDKs: sometimes we integrate third-party components to improve user experience – e.g., services allowing us to send you push notifications about important updates, or error-reporting services (Sentry). These components may use cookies or identifiers to function. We ensure that such data are processed according to our instructions and solely for the relevant purpose.

1.75 You have control over most non-essential cookies/SDKs. For websites – we display a cookie consent banner where you can choose which cookies/trackers you consent to. For the mobile App – there may be a “Privacy settings” section in the App settings or consent dialogs when first using a feature. In addition, you can always manage certain tracking preferences at the device level: both iOS and Android allow you to restrict certain tracking (e.g., disable advertising identifiers, limit background data collection by apps, etc.).

1.76 We commit to transparency about tracking used in the App – we will inform you in advance about their use and obtain consent where required by law (e.g., analytics or marketing trackers). We will also ensure that the privacy information published for the App in the Apple App Store and Google Play matches actual data practices so you can see a clear summary.

1.77 Changes to this policy

1.78 From time to time we may update this Privacy Policy. Reasons may include legal changes, the introduction of new Service features, or changes in our data processing practices.

1.79 If we make material changes (e.g., begin processing data for new purposes requiring consent), we will clearly notify you. The notice may be provided in the App (a pop-up or notice), on the website, or – in certain cases – by email (if we have your email address). The notice will state the effective date of the new policy and, if necessary, we will seek your consent where required by law.

1.80 The effective date is always indicated at the top of this Privacy Policy so that you can see when it was last changed. We recommend reviewing this policy periodically to stay informed about how we protect your data.

1.81 How to contact us

1.82 If you have questions, requests, or comments related to this Privacy Policy or your personal data, please contact us.

By email: support@intidor.com (general issues) or privacy@intidor.com (data protection matters).

1.83 If you have complaints about how we process your data and you believe our response is unsatisfactory, in addition to the right to contact the supervisory authority, you may also use consumer protection remedies. For example, for disputes related to personal data you can apply directly to a court in your place of residence or to the court at our registered office. We always welcome the opportunity to resolve issues amicably, so please communicate with us directly.

1.84 Compliance with law and compliance statement

1.85 The Intidor MEN App and our activities comply with all applicable European Union legislation relating to personal data protection and the provision of digital services. We fulfill our obligations under the GDPR (Regulation (EU) 2016/679), including protection of special categories of data (health), and we also follow EU consumer rights directives (Directive 2011/83/EU on consumer rights, Directive 2005/29/EC on unfair commercial practices, etc.).

1.86 By this document we confirm that we have implemented appropriate procedures and measures to ensure compliance with the above legislation. We periodically review and, where necessary, update our data protection practices, cooperate with supervisory authorities, and take steps to ensure that your data and rights are fully protected.

1.87 International data transfers. Since some third parties mentioned above are outside the European Economic Area (EEA) (e.g., OpenAI and Clerk are US-based), we ensure that any transfer of your personal data to a third country complies with GDPR Chapter V. This means that data are transferred only where appropriate safeguards apply: either the recipient is in a country recognized by the European Commission as providing an adequate level of protection, or standard contractual clauses are concluded, or the recipient is certified under the EU-US Data Privacy Framework, where applicable. Our goal is to protect your data regardless of where they are processed; therefore we apply equally strict standards both inside and outside the EU.