top of page

PRIVACY POLICY

  • Last Updated: June 9th, 2026

    Nabuz Systems AB ("Nabuz", "we", "us", or "our") respects your privacy and is committed to protecting your personal data.

    This Privacy Policy ("Privacy Policy") explains how we collect, use, store, share, and protect your personal data when you use the Nabuz mobile application, website, AI-powered features, premium services, and related products and services (collectively, the "Service").

    We process personal data in accordance with applicable data protection laws, including the General Data Protection Regulation (EU) 2016/679 ("GDPR").

    The Service is intended for individuals who are at least 18 years old. By creating an account, you represent and warrant that you meet this age requirement. If we become aware that an account belongs to a person under the age of 18, we reserve the right to suspend or delete that account.

  • The data controller responsible for the processing of personal data under this Privacy Policy is:

    Nabuz Systems AB
    Company Registration Number: 559306-7159
    Skolvägen 3, Dalarna, Sweden
    Email: info@nabuzsystems.com

  • We may collect the following categories of personal data:

    Account Information

    When you create an account, we may collect:

    • name

    • email address

    • password (stored in encrypted or hashed form)

    • profile information you choose to provide

    Fitness, Nutrition, and Health-Related Information

    If you use fitness, nutrition, or health-tracking features, we may process information such as:

    • workout sessions

    • workout history

    • exercises

    • training programs

    • body measurements

    • weight

    • nutrition logs

    • meals

    • recipes

    • goals and progress

    • other information you choose to record

    Some of this information may constitute special category personal data under GDPR because it may reveal information about your health.

    Communications and AI Features

    We may process:

    • customer support communications

    • feedback

    • questions submitted to AI-powered features

    • content generated through AI interactions

    User-Generated Content

    We may process content that you create, upload, or share through the Service, including:

    • workout programs

    • recipes

    • comments

    • profiles

    • achievements

    • images

    • other content you choose to share

    Technical Information and Usage Data

    We may automatically collect:

    • IP address

    • device information

    • operating system information

    • application version

    • language preferences

    • session information

    • usage statistics

    • crash reports and diagnostic data

  • We process personal data for the following purposes:

    Providing the Service

    To create and manage user accounts, provide functionality, administer subscriptions, and fulfill our contractual obligations.

    Legal Basis: Performance of a contract.

    Fitness, Nutrition, and Health Features

    To enable the collection, storage, and display of fitness, nutrition, and health-related information.

    Legal Basis: Explicit consent.

    When you choose to use features involving health-related data, we may request your explicit consent for such processing.

    You may withdraw your consent at any time.

    AI-Powered Features

    To generate workout plans, recipes, recommendations, analyses, and other content based on information provided by the user.

    Legal Basis: Performance of a contract and, where applicable, legitimate interests.

    Product Development and Improvement

    To analyze usage, develop new features, improve user experience, prevent misuse, and ensure technical functionality.

    Legal Basis: Legitimate interests.

    Communications

    To communicate with users regarding accounts, support requests, security notices, product updates, and other relevant information.

    Legal Basis: Performance of a contract and legitimate interests.

    Marketing

    We may use email, push notifications, SMS, or similar communication channels to provide information about the Service, updates, promotions, offers, and related content.

    Legal Basis: Consent or legitimate interests, depending on the circumstances and applicable law.

    You may opt out of marketing communications at any time.

  • Data Retention

    We retain personal data only for as long as necessary to fulfill the purposes described in this Privacy Policy, comply with legal obligations, or establish, exercise, or defend legal claims.

    Account information is generally retained for as long as the account remains active.

    Workout data, nutrition information, and other user-generated content are retained until you delete the information, delete your account, or request deletion, unless retention is required by law.

    Communications with customer support and AI-powered features may be retained for a limited period for troubleshooting, security, quality improvement, and service development purposes.

    Anonymized or aggregated information that can no longer be linked to an identifiable individual may be retained for longer periods.

  • Sharing of Personal Data

    We never sell your personal data.

    We may share personal data with trusted service providers that perform services on our behalf, including:

    • cloud and infrastructure providers

    • database hosting and management providers

    • analytics and reporting providers

    • subscription and payment processing providers

    • security and monitoring providers

    • customer support providers

    • communication service providers

    • artificial intelligence and machine learning providers

    Such providers may process personal data only on our behalf, under our instructions, and in accordance with applicable data protection laws.

    AI Providers

    When you use AI-powered features, information you choose to submit may be processed by external AI providers for the purpose of generating responses, recommendations, analyses, or other content.

    Nabuz applies data minimization principles and limits shared information to what is reasonably necessary to provide the functionality.

    Gyms, Employers, and Other Organizations

    If your account is provided through a gym, employer, educational institution, or another organization, Nabuz may provide certain administrative information, reporting, or statistics to the organization where necessary to administer the service or fulfill contractual obligations.

    Sensitive personal data, workout logs, nutrition information, and private AI conversations will not be shared without a lawful basis or your consent.

  • Nabuz may provide features that allow users to share workouts, training programs, recipes, profiles, achievements, comments, or other content with other users, groups, gyms, employers, or organizations.

    Such information will only be shared to the extent that the user chooses to make it available through the Service.

    Users are solely responsible for content they choose to publish or share.

  • We seek to process personal data within the European Union (EU) and European Economic Area (EEA).

    However, some service providers may be located outside the EU/EEA or use infrastructure outside these regions.

    Where personal data is transferred outside the EU/EEA, we implement appropriate safeguards, including:

    • Standard Contractual Clauses (SCCs) approved by the European Commission

    • adequacy decisions issued by competent authorities

    • other legally recognized transfer mechanisms

  • Subject to applicable law, you have the right to:

    • access your personal data;

    • request correction of inaccurate data;

    • request deletion of personal data;

    • request restriction of processing;

    • object to certain processing activities;

    • withdraw consent;

    • request data portability;

    • not be subject to solely automated decisions with legal or similarly significant effects, where applicable.

    To exercise your rights, please contact us at:

    info@nabuzsystems.com

  • You may delete your account at any time using the functionality provided within the Service.

    Upon deletion, personal data will be deleted or anonymized without undue delay, except where retention is required by law or necessary to establish, exercise, or defend legal claims.

  • Nabuz and related websites may use cookies, SDKs, pixels, and similar technologies to:

    • provide functionality;

    • analyze usage;

    • measure performance;

    • improve user experience;

    • develop and improve the Service;

    • personalize content and communications.

    Additional information may be provided in a separate Cookie Policy where applicable.

  • We implement appropriate technical and organizational measures designed to protect personal data against unauthorized access, loss, alteration, misuse, or destruction.

    Such measures may include:

    • encryption during transmission;

    • access controls;

    • logging and monitoring;

    • security reviews;

    • data minimization practices;

    • ongoing security assessments.

    Despite our efforts, no method of transmission or storage can be guaranteed to be completely secure.

  • Nabuz may use artificial intelligence, automated decision-support systems, and related technologies to generate workout plans, nutrition suggestions, recipes, recommendations, analyses, and other content.

    AI-generated content is automatically produced and provided solely for informational purposes.

    Such content does not constitute medical advice, diagnosis, treatment, healthcare services, or professional advice of any kind.

    Users are solely responsible for evaluating whether any recommendations are appropriate for their individual circumstances.

  • We may update this Privacy Policy from time to time.

    Where material changes are made, users will be notified through the Service, by email, or through other reasonable means before such changes become effective.

  • Complaints to a Supervisory Authority

    If you believe that our processing of personal data violates applicable data protection laws, you have the right to lodge a complaint with a competent supervisory authority.

    In Sweden, the competent supervisory authority is:

    Swedish Authority for Privacy Protection (Integritetsskyddsmyndigheten – IMY)

    For more information, please visit:

    www.imy.se

bottom of page