Privacy Policy
Effective date: 1 April 2026
Awra (“we”, “us”, “our”) is a personal health intelligence application operated by Roman Leinwather, OSVČ, Praha, Czech Republic. This Privacy Policy explains what data we collect, where it is stored, how it is used, and what rights you have.
1. What data we collect
| Data | Storage | Purpose |
|---|---|---|
| Health data (nutrition, sleep, hydration, activity, habits) | Your device only (SQLite) | Core app functionality |
| User ID | Our server | Authentication |
| Session token | Our server | Access control |
| Anonymous 7-day health snapshot | AI engine (transient) | AI narrative generation |
| Payment data | App Store / Google Play | Managed by platform, not Awra |
We do not collect or store your health history on our servers. Your health data lives on your device.
2. AI processing
To generate your daily health narrative, Awra sends an anonymised 7-day snapshot of your health data to an AI language model (OpenAI). This snapshot does not include your name, email address, or any direct identifier. OpenAI processes this data under its API data handling policy and does not retain input data for training. Data sent to OpenAI may be transferred to and processed in the United States.
3. Legal basis for processing (GDPR)
We process your data under the following legal bases:
- Contract performance — processing your account data (user ID, session) is necessary to provide the service you signed up for.
- Legitimate interests — sending anonymised health snapshots for narrative generation is necessary for the core product functionality and is proportionate to the privacy impact given the anonymisation applied.
- Consent — where we ask for your consent (e.g. notifications), you may withdraw it at any time.
4. Data retention
| Data | Retention |
|---|---|
| Health data | Stored on your device; deleted when you delete the app or your account |
| User ID and session | Deleted within 30 days of account deletion request |
| AI snapshot (OpenAI) | Not retained after processing (per OpenAI API policy) |
5. Your rights (GDPR Articles 15–22)
If you are in the European Economic Area, you have the right to:
- Access — request a copy of your data
- Erasure — delete your account and all associated data
- Restriction — pause AI processing of your health data
- Data portability — export your health data in a readable format
- Object — object to processing based on legitimate interests
To exercise any of these rights, contact us at support@awra.info. We will respond within 30 days.
6. Third-party transfers
We share anonymised health data with OpenAI (USA) for AI processing. No other health data is shared with third parties. We do not sell your data.
7. Data controller
Roman Leinwather Praha, Czech Republic support@awra.info
8. Cookies
The Awra app and website do not use tracking cookies or third-party advertising cookies. We do not run ad networks on this site.
9. Children
Awra is not intended for users under 18. We do not knowingly collect data from minors. If you believe a minor has provided us data, contact us at support@awra.info and we will delete it.
10. Changes to this policy
We will post updates here with a revised effective date. Continued use of Awra after changes constitutes acceptance of the updated policy.
11. Complaints
If you believe we have handled your data unlawfully, you have the right to lodge a complaint with the Czech supervisory authority, the Office for Personal Data Protection (ÚOOÚ): www.uoou.cz.
This is not medical advice. Awra is a wellness tool, not a medical device.