Privacy policy

Privacy Policy

Effective Date: 01 September 2025

1. Who We Are

Lina, Inc. (“Lina,” “we,” “us,” or “our”) is a Delaware-registered company headquartered in Middletown, Delaware, USA.
We build digital tools to help users track GLP-1/GIP medication routines and related habits.
Contact: hello@findlina.com

2. Information We Collect

Information you provide

• Account details (name, email, password)

• Check-in data (dose days, side effects, weight, mood, nutrition logs)

• Optional feedback or survey responses

• Payment information (handled securely by third-party processors such as Stripe)
  
  

Information we collect automatically

• Device and browser details

• Usage and analytics data

• Cookies or similar technologies for authentication and performance analytics

We do not collect government IDs or store full payment card data.

3. How We Use Your Information

• To operate and improve the app

• To send reminders, summaries, and product updates

• To analyze anonymized usage trends

• To respond to support requests

• To comply with legal requirements

We do not sell personal data.

4. Legal Bases (for GDPR/UK users)

• Contract: to deliver the service you requested

• Consent: for optional features or communications

• Legitimate interest: for product analytics and fraud prevention

5. Data Sharing and Storage

If you were onboarded through a telehealth or clinic provider

If your Lina account was created or linked by your licensed telehealth or clinic provider as part of your GLP-1 treatment program, your provider may view your logged data solely to monitor adherence, titration, and treatment-related issues.

Your information is shared only with that specific provider team and used for clinical management of your prescribed therapy.

If you onboarded independently (via our website or app store)

Your data is never shared with any third party. It is stored only on Lina’s secure cloud infrastructure (Supabase on AWS) with encryption in transit and at rest.

We maintain multiple technical and organizational safeguards, including regular external security and penetration testing by telehealth-grade vendors.

All vendors act as data processors under binding contracts that require confidentiality and security standards consistent with GDPR, CCPA, and industry best practice.

No identifiable data is shared with advertisers or sold for marketing purposes.

6. Your Rights

You may request access, correction, deletion, or export of your data at any time by emailing hello@findlina.com. We respond within 15 days.

7. Data Retention

We retain personal data while your account is active. Upon deletion, we erase or anonymize data within 30 days, except where law requires longer retention.

8. Security

All connections use TLS encryption. Data is encrypted at rest and stored on ISO 27001 and SOC 2 certified infrastructure. Access is restricted and logged. Despite our measures, no system is completely secure; use a strong password and protect your device.

9. Children’s Privacy

Lina is not intended for users under 18. We delete any such accounts when identified.

10. International Transfers

By using Lina, you consent to transfer of your data to the United States for processing under comparable protections.

11. Changes to This Policy

We may update this Privacy Policy periodically. Any updates will appear on this page with a new effective date. Continued use of the Service after changes means you accept the revised policy.