Biyo App Privacy Policy

Last updated: June 1, 2026

This App Privacy Policy applies to the Biyo mobile application and related services made available through the Apple App Store and Google Play Store (the "App"). It explains how Biyo collects, uses, shares, stores, and protects personal information when individuals download, access, or use the App.

Biyo is the data controller for the personal information described in this App Privacy Policy. For questions about this policy or privacy requests, contact support@biyo.com or write to Biyo, 197 Kensington High Street, London, ENG, W8 6BA, GB.

Apple requires apps to include a privacy policy in App Store Connect and within the app, and that policy must clearly identify what data the app collects, how it collects the data, and all uses of that data. Google Play requires a privacy policy to comprehensively disclose how an app collects, uses, and shares user data, including personal and sensitive user data such as health data, together with any relevant in-app disclosures.

Scope

This App Privacy Policy applies only to the Biyo App and related mobile services. It is intended to function as a standalone app privacy policy for app store review, app listing disclosure, and publication on the Biyo website.

If a separate website or store privacy policy applies to ecommerce, Shopify storefront activity, or other Biyo web services, that separate policy governs those services unless expressly stated otherwise.

Data collected by the App

The App may collect or process the following categories of personal information, depending on how the App is used.

Account and contact information

The App may collect account details such as name, email address, login credentials, preferences, and account settings where these are required to create or manage an account.

Health and fitness data

The App collects health and wellness data that the user chooses to provide through use of the App and compatible devices. This includes weight and bioimpedance-based body composition measurements, such as weight, body fat percentage, muscle mass, body water, bone mass, BMI, basal metabolic rate, and related body composition outputs generated from a connected Biyo device or measurement workflow. Google Play requires apps handling health data to transparently explain the access and collection of that data and how it is used.

If the App integrates with Android health features or platform permissions, the App may also access data made available through Health Connect or Android health-related permissions when the user grants permission. Google Play provides separate guidance for Android health permissions and expects disclosure of the relevant health data access and usage.

Device, diagnostics, and usage data

The App may collect device information and technical diagnostics, including device model, operating system, app version, IP address, unique app instance identifiers, crash logs, performance data, and usage events. Apple requires disclosure of all app data collected unless it falls within Apple’s limited optional disclosure exceptions.

Connectivity and permission-related data

The App may access Bluetooth, nearby device, sensor, or related permission-based information where required to connect with supported hardware, capture measurements, or enable app features. Google Play requires prominent disclosure and transparency around access, collection, handling, and sharing of user data.

How data is collected

The App collects data in the following ways:

  • Directly from the user, for example when the user creates an account, enters profile details, records a measurement, contacts support, or changes settings.
  • From connected devices and sensors, for example when a Biyo device transmits weight or body composition readings to the App.
  • Automatically from the App and device, for example through app analytics, crash reporting, diagnostics, log files, and technical monitoring tools.
  • From platform integrations, for example where the user grants access to Health Connect, Apple health-related frameworks, or similar operating-system features.

Apple’s App Review Guidelines require apps that collect user or usage data, including health-related data, to provide a clear privacy policy and obtain appropriate consent. Google Play’s User Data policy similarly requires clear disclosure of collection and handling practices.

How the App uses personal information

The App uses personal information for the following purposes:

Core app functionality

  • To pair with compatible hardware and receive measurement data.
  • To display weight and body composition readings in the App.
  • To generate trends, history, insights, and related wellness features.
  • To maintain user accounts, preferences, and app settings.

App performance and support

  • To monitor crashes, errors, and performance problems.
  • To troubleshoot bugs and support requests.
  • To improve reliability, usability, and feature quality.

Security and compliance

  • To secure the App, detect abuse, fraud, misuse, or unauthorized access.
  • To comply with legal obligations, enforce terms, and respond to lawful requests.

Limited analytics

The App may use analytics and diagnostics data to understand app stability, feature usage, and performance. Where possible, diagnostics and analytics are used in aggregated or de-identified form.

How health data is used

Health and body composition data is used only for the App’s health and wellness features and related user-requested functionality. This includes showing measurements, trends, progress tracking, syncing readings across devices linked to the user’s account, and supporting connected-device functionality.

Health data is not sold. Health data is not used for third-party advertising, credit decisions, insurance eligibility, employment decisions, or any unrelated profiling purposes. Google Play’s health and user data rules require developers to limit use of sensitive data to policy-compliant purposes that are disclosed to users.

When data is shared

Biyo does not sell personal information or health data.

The App may share personal information only in the following limited circumstances:

  • With service providers that host infrastructure, support app operation, process support tickets, provide analytics, or provide crash reporting on Biyo’s behalf.
  • With platform or integration partners when the user chooses to connect an external service or device and sharing is necessary to provide that integration.
  • With legal or regulatory authorities where required by law, legal process, or to protect rights, safety, or security.
  • In connection with a merger, acquisition, financing, or business transfer, subject to applicable confidentiality and legal protections.

Google Play requires privacy policies to disclose the types of third parties with whom user data is shared. Apple also requires disclosure of third-party data practices where app data is collected or shared through third-party SDKs or services.

Permissions and in-app disclosures

The App may request access to permissions such as Bluetooth, sensors, health-related permissions, notifications, camera, or nearby device permissions where needed for specific features.

Before accessing sensitive or permission-protected data, the App should provide a clear in-app explanation of what data is accessed, why it is needed, and how it is used. Google Play’s User Data policy requires prominent disclosure and, where applicable, consent for collection or use of sensitive user data. Apple’s review guidelines likewise require clear disclosure of data collection and use.

Users can manage many app permissions through their device settings. Revoking permissions may disable some App features.

Data retention

Personal information is retained only for as long as necessary to provide the App, maintain the user’s account, support connected-device functionality, comply with legal obligations, resolve disputes, and enforce agreements.

Crash logs, diagnostics, and analytics data may be retained for shorter operational periods where feasible. Health and body composition data linked to an account may be retained until the account is deleted or until deletion is requested, subject to legal, security, fraud-prevention, or recordkeeping requirements.

Apple expects privacy policies to explain data retention and deletion practices in a clear and accessible way. Google Play’s data safety and user data framework also expects developers to explain deletion-related practices and provide accurate disclosures.

Data deletion and user choices

Users may have the right, depending on applicable law, to:

  • Request access to personal information.
  • Request correction of inaccurate information.
  • Request deletion of account data and associated personal information.
  • Withdraw consent where processing relies on consent.
  • Object to or restrict certain processing.
  • Opt out of promotional communications.

Requests may be submitted to support@biyo.com. Identity verification may be required before completing a request.

Google Play requires developers to provide accurate information about account and data deletion practices in the Data Safety section and related disclosures. Apple also expects privacy policies to explain how a user can revoke consent or request deletion of data.

International transfers

Personal information may be stored or processed in countries outside the user’s country of residence.

Where required by applicable law, Biyo will use appropriate safeguards for international transfers, such as contractual protections or other recognized legal transfer mechanisms.

Security

Biyo uses technical and organizational measures designed to protect personal information, including health data, against unauthorized access, loss, misuse, alteration, or disclosure.

These measures may include encryption in transit, access controls, authentication controls, role-based access restrictions, and monitoring of systems and services. Google Play requires secure handling and transmission of personal and sensitive user data.

No method of transmission over the internet or method of electronic storage is completely secure, so absolute security cannot be guaranteed.

Children

The App is not intended for children and is not directed to children. Biyo does not knowingly collect personal information from children where prohibited by applicable law.

If a parent or guardian believes that a child has provided personal information through the App, they should contact support@biyo.com to request review and deletion where appropriate.

This app is intended solely for users aged 18 years and over and is not designed for, or capable of being properly used by, children or minors.

Changes to this App Privacy Policy

This App Privacy Policy may be updated from time to time to reflect changes in the App, legal requirements, or privacy practices. When updates are made, the revised version will be posted on the Biyo website with an updated effective date.

Where required by law or app platform rules, additional notice will be provided.

Contact

Questions, privacy requests, or complaints may be sent to:

Biyo
support@biyo.com
United Kingdom