Vita Legal Back to app

Privacy Policy — Vita

Effective date: April 15, 2026 Last updated: May 20, 2026

1. Introduction

DREAMBIG AI INFOLABS PRIVATE LIMITED ("we," "us," or "our") operates Vita (the "Service"), a digital metabolic health programme platform designed to support clinician-supervised GLP-1 and related metabolic health therapies, care-team messaging, treatment adherence workflows, and optional integration with device health data where you grant permission.

This Privacy Policy explains how we collect, use, disclose, and safeguard information when you use the Service. By using the Service, you agree to this Privacy Policy. If you do not agree, do not use the Service.

Contact: <thevitalifeco@gmail.com>
Postal address: 66 2nd floor 4th T Block, 27th Cross Road KV Layout, Jayanagar III Block, Bangalore South, Bangalore- 560011, Karnataka

2. Information we collect

2.1 Information you provide

2.2 Information collected automatically

2.3 Health and wellness information

Where you connect Google Fit, Health Connect (Android), or similar integrations and grant permission, we may process health and wellness metrics you choose to sync (for example, activity, metabolic markers, sleep, or nutrition-related data supported by the integration) to support your metabolic health programme and treatment-tracking experience in Vita. You can revoke permissions in your device or account settings.

Health data processed through the Service — including any data relating to GLP-1 therapy, metabolic markers, laboratory results, or clinical assessments — is treated as sensitive personal health data and afforded heightened protection. We do not sell, license, or use such data for advertising targeting or profiling.

2.4 Sign-in with Google (OAuth)

If you choose to sign in with Google:

We use this information to create and secure your account and to provide the Service. You can revoke Vita's access at any time from your Google Account's third-party permissions page.

3. How we use information

We use information to:

We do not sell your personal information as "sale" is commonly defined in applicable privacy laws. We do not use your health data for targeted advertising, ad profiling, or cross-context behavioural advertising. We do not share health data with social media platforms or advertising networks.

4. Sensitive health data — additional protections

Information you share in connection with your metabolic health programme — including clinical assessments, GLP-1 prescriptions, laboratory results, symptom reports, and related health communications — constitutes sensitive personal health data. We apply the following additional safeguards to such data:

5. Legal bases (where applicable)

If the GDPR, India's Digital Personal Data Protection Act 2023 (DPDPA), or similar laws apply, we rely on one or more of: contract (providing the Service), legitimate interests (security, improvement, subject to your rights), consent (where required, e.g., certain health data processing or optional features), or legal obligation. For special category health data, we rely on your explicit consent or a recognised legal basis for health data processing under applicable law.

6. Sharing of information

We may share information with:

We may use Google Firebase, Google Cloud, and AI features that process prompts or content you submit; such processing is subject to our agreements with providers and this Policy. We do not use health data to train third-party AI models without your explicit consent.

7. International transfers

Our primary data processing takes place within India. Where data is processed by third-party service providers outside India (e.g., cloud infrastructure), we ensure appropriate contractual safeguards are in place consistent with applicable Indian data protection law.

8. Retention

We retain information as long as needed to provide the Service, comply with law, resolve disputes, and enforce agreements. Clinical health records may be subject to minimum retention requirements under applicable Indian medical law. Retention periods differ by data category and will be applied in accordance with our internal data retention schedule.

9. Security

We implement reasonable technical and organisational measures to protect information, including encryption in transit and at rest for sensitive health data, access controls, and security monitoring. No system is perfectly secure; if you believe your account has been compromised, contact us immediately.

10. Your rights and choices

Depending on your location and applicable law, you may have rights to access, correct, delete, export, restrict, or object to certain processing, and to withdraw consent where processing is consent-based. You may also have the right to complain to a supervisory authority (in India: the Data Protection Board of India under the DPDPA 2023).

To exercise rights: contact <thevitalifeco@gmail.com>. We will acknowledge your request within 72 hours and respond substantively within 30 days. We may need to verify your identity before processing your request.

Withdrawing consent (DPDPA 2023)

You may withdraw consent for any processing that is consent-based at any time. You can do this by:

Withdrawal of consent does not affect the lawfulness of processing carried out before withdrawal. Withdrawing consent for processing that is essential to the Service (e.g., clinical data sharing with your care team) may mean that some or all features of the Service can no longer be provided to you.

Marketing: We do not send marketing material based on your health information. Service-related communications necessary to operate your programme (e.g., appointment reminders, prescription status notifications) are not marketing communications.

11. Children's privacy

The Service is not directed to children under 18 years old. We do not knowingly collect personal information from children. GLP-1 therapy requires clinical assessment and is appropriate only for adults. If you believe we have collected data from a minor, contact us and we will take appropriate steps.

12. Third-party links and services

The Service may link to third-party sites or services. Their practices are governed by their own policies. Review Google's policies for OAuth and account data. We are not responsible for the privacy practices of third-party sites.

13. Changes to this policy

We may update this Privacy Policy. We will post the new version with an updated "Last updated" date and, where required, provide additional notice. Continued use after changes constitutes acceptance unless applicable law requires otherwise.

14. Grievance Officer (DPDPA 2023)

In accordance with the Digital Personal Data Protection Act, 2023, if you have any questions or grievances regarding the processing of your personal data, you may contact our Grievance Officer:

The Grievance Officer will acknowledge your complaint within 48 hours and resolve it within 30 days from the date of receipt. If you are not satisfied with the resolution, you may escalate your complaint to the Data Protection Board of India.

15. Contact

DREAMBIG AI INFOLABS PRIVATE LIMITED
66 2nd floor 4th T Block, 27th Cross Road KV Layout, Jayanagar III Block, Bangalore South, Bangalore- 560011, Karnataka
Email: <thevitalifeco@gmail.com>