Back to home

Coly – Privacy Policy

Professional Health-Tech Privacy Policy

Effective Date: May 8, 2026 Last Updated: May 8, 2026

This Privacy Policy describes how Coly ("Coly", "we", "our", or "us") collects, uses, stores, processes, protects, and discloses personal information when users access or use the Coly mobile application, website, and related services.

Coly is a personal wellness and symptom tracking platform focused on inflammatory bowel diseases (IBD), including Crohn's disease and ulcerative colitis.

By accessing or using Coly, users acknowledge and agree to the practices described in this Privacy Policy.

1. Data Controller

Controller: Hillel Primack Country: Belgium Website: https://colyapp.com/ Email: support@colyapp.com

2. Definitions

For purposes of this Privacy Policy:

  • "App" refers to the Coly mobile application.
  • "Personal Data" means information relating to an identified or identifiable person.
  • "Sensitive Health Data" refers to health-related information voluntarily submitted by users.
  • "Processing" means collection, storage, use, disclosure, deletion, or other handling of information.
  • "User" means any individual using Coly.
  • "GDPR" refers to the General Data Protection Regulation (EU) 2016/679.

3. Categories of Information We Collect

3.1 Account Information

We may collect:

  • Name
  • Email address
  • Encrypted password credentials

3.2 Health & Wellness Information

Users may voluntarily provide:

  • Symptom tracking information
  • Stool and bowel movement tracking
  • Medication tracking
  • Food diary information
  • Wellness notes
  • Health-related routines
  • Reminder preferences
  • AI-generated insight history

3.3 Personal Information

We may collect:

  • Age
  • Height
  • Weight

3.4 Technical Information

We may automatically collect:

  • Device type
  • Device operating system
  • Application version
  • Crash diagnostics
  • Error reports
  • Technical logs

4. Special Category Health Data

Certain information processed by Coly may qualify as special category health-related data under GDPR and other privacy laws.

Users explicitly consent to the processing of voluntarily submitted health-related information for wellness tracking purposes.

Coly processes health-related data solely for:

  • User-requested tracking
  • Personal analytics
  • Wellness monitoring
  • AI-powered informational summaries
  • Historical symptom analysis
  • App functionality requested by the user

Coly does not:

  • Sell health data
  • Use health data for advertising
  • Share health information with advertisers
  • Share health data with data brokers
  • Use health data for unrelated profiling

5. Legal Bases for Processing (GDPR)

Depending on the circumstances, we process information under one or more lawful bases, including:

5.1 Consent

Users voluntarily provide health-related data and consent to its processing.

5.2 Performance of Services

Processing may be necessary to provide app functionality requested by users.

5.3 Legitimate Interests

We may process limited technical information to:

  • Maintain app security
  • Improve platform stability
  • Detect abuse or fraud
  • Resolve technical issues

5.4 Legal Obligations

Certain processing may occur where required by law.

6. How We Use Information

We may use collected information to:

  • Provide app functionality
  • Enable symptom and wellness tracking
  • Generate user-requested analytics
  • Provide AI-generated insights
  • Improve app performance
  • Respond to support requests
  • Monitor stability and security
  • Detect abuse or unauthorized activity
  • Comply with legal obligations

7. AI Features & Automated Insights

Coly may provide AI-generated suggestions, summaries, informational wellness insights, or automated observations.

These outputs:

  • Are informational only
  • May contain inaccuracies
  • Are not guaranteed to be complete or medically correct
  • Should not replace professional medical advice

Users remain solely responsible for healthcare decisions.

8. Medical Disclaimer

Coly is not a medical device.

Coly does not provide:

  • Medical diagnosis
  • Clinical treatment
  • Emergency assistance
  • Professional medical advice

The app is intended solely for personal wellness tracking and informational purposes.

Users should always consult qualified healthcare professionals regarding medical concerns.

9. Data Sharing & Disclosure

We do not sell personal information.

We may disclose limited information:

  • To infrastructure providers necessary for app functionality
  • When legally required
  • To protect security or legal rights
  • During business transfers or restructuring

Third-party providers are contractually expected to process information only for authorized purposes.

10. Third-Party Infrastructure Providers

Coly currently uses:

  • MongoDB

Third-party providers may process limited information required for hosting and infrastructure services.

Additional providers may be introduced in the future, including:

  • Authentication providers
  • Analytics providers
  • Payment processors
  • Push notification providers

If services materially change, this Privacy Policy may be updated.

11. Data Retention

We retain information only for as long as reasonably necessary to:

  • Provide services
  • Maintain security
  • Comply with legal obligations
  • Resolve disputes
  • Enforce agreements

Deleted information may temporarily remain in backups before permanent deletion.

12. Account Deletion & Data Removal

Users may delete their account directly within the app.

Following deletion:

  • Personal information may be removed
  • Health-related tracking information may be deleted
  • Associated user records may be permanently erased within a reasonable timeframe unless retention is legally required

Users may also request deletion assistance via:

support@colyapp.com

13. International Transfers

Coly is available worldwide.

Information may be processed or stored outside a user's country of residence.

Where applicable, we implement reasonable safeguards intended to comply with applicable privacy laws.

14. Security Measures

We implement commercially reasonable technical and organizational safeguards designed to protect information.

Security measures may include:

  • Access controls
  • Infrastructure protections
  • Authentication safeguards
  • Database security controls
  • Technical monitoring
  • Encrypted communications where applicable

No system can guarantee absolute security.

Users acknowledge risks associated with internet-based services.

15. User Rights (GDPR)

Users located in the European Economic Area may have rights including:

  • Right of access
  • Right to correction
  • Right to deletion
  • Right to portability
  • Right to object
  • Right to restrict processing
  • Right to withdraw consent
  • Right to lodge complaints with supervisory authorities

Requests may be submitted to:

support@colyapp.com

16. Children's Privacy

Coly is not specifically directed toward children under the minimum legal digital consent age applicable in their jurisdiction.

If we become aware that information has been collected without required consent, we may remove such information.

17. Data Breach Response

In the event of a security incident affecting personal information, we may take actions required under applicable laws, including:

  • Investigating incidents
  • Securing systems
  • Notifying affected users where legally required
  • Cooperating with authorities where appropriate

18. Changes to This Privacy Policy

We may modify this Privacy Policy periodically.

Updated versions become effective when published.

Continued use of Coly after updates constitutes acceptance of revised terms.

19. Contact Information

For privacy-related questions:

support@colyapp.com