Privacy Policy
Last updated: 17 May 2026
- We collect only what's needed to make Milligram work, and we protect it carefully.
- Your data is encrypted, stays on your device whenever possible, and is never used to train any AI model.
- You can request to opt out of certain processing by emailing us — see Section 14.
This Privacy Policy describes how Milligram Health Pty Ltd (ACN 698 081 720) ("Milligram", "we", "us", or "our") collects, uses, protects, and shares information when you use the Milligram iOS application ("the App") and milligramapp.com or milligram.health ("the Site"). By signing in with Apple, accepting any in-app prompts, and continuing to use the App, you agree to the practices described in this Policy.
1. Overview
Milligram is operated by Milligram Health Pty Ltd (ACN 698 081 720), a company registered in Victoria, Australia. We design Milligram to keep as much of your information on your device as practical, to encrypt what is transmitted, and to use only enterprise-grade service providers that are contractually bound to handle your information in line with this Policy.
2. What This Policy Covers
This Policy applies to information collected through the App and the Site. It does not apply to third-party websites, services, or content that you may access through links or integrations — their handling of your information is governed by their own privacy policies.
3. Information You Provide Directly
The information you put into Milligram — you provide it, you control it. This includes:
- Account information. When you sign in with Apple, we receive a unique account identifier and, if you choose to share it, your email address. If you prefer, you can use Apple's private email relay instead, which protects your real address. We do not collect your full legal name unless you choose to share it.
- Compounds, doses, and protocols you log. The compound names, doses, routes, frequencies, and schedules you enter.
- Journal entries and check-ins. Subjective ratings (sleep, energy, mood, soreness, satiety, and similar markers).
- Photos you take. Progress photos you capture inside the App. They are stored in your account and shown only to you.
- Health records. Bloodwork PDFs you upload and the structured biomarker values extracted from them.
- Meals, food items, and meal plans. Meals you log (photo, identified ingredients, macro values, timestamp, capture mode), meals you bookmark as saved recipes, and personalised meal plans generated for your goals.
- Chat conversations. Messages you send to Milligram's AI assistant and the responses you receive.
- Profile details. The age, sex, and goals you provide during onboarding (used to personalise calculations and content).
Each item is protected by your account access controls — only you, signed in to your account, can read or change your records. See Sections 9 and 10 for the specific protections in place.
4. Information Collected Automatically
The App collects a small amount of technical information automatically to help it run:
- Device type, operating system version, app version
- Anonymous app-usage statistics (which features are opened, how often, basic engagement signals)
- Anonymous crash diagnostics, used to detect and fix bugs
We do not use advertising identifiers. We do not track you across other apps or websites. We do not sell or share advertising profiles about you.
5. Information from Apple Health
With your permission, Milligram reads health data from Apple Health on your device. Specifically:
- Body weight, body fat percentage, lean body mass
- Sleep analysis
- Dietary water and caffeine intake
- Daily nutrition totals (calories, protein, carbohydrates, fat) logged in other apps, so Milligram can show your full daily picture across your nutrition apps
When you turn on Save to Apple Health in nutrition settings, Milligram also writes the meals you log to Apple Health — specifically calories, protein, carbohydrates, fat, fibre, sugar, sodium, and saturated fat — so other apps that read Apple Health (Oura, Garmin Connect, Stelo, and others) can see them too.
Your Apple Health data is read on demand and any meals written are stored in Apple Health on your device. Apple Health data is not uploaded to Milligram's servers; it stays inside Apple Health and the App's local storage on your phone.
You can revoke this access at any time in iOS Settings → Health → Data Access & Devices.
6. How We Use Your Information
We use the information described above to:
- Provide Milligram's core features — tracking, scheduling, calculations, AI assistance, and reminders
- Personalise your experience based on your protocol, goals, and recent activity
- Detect misuse and keep your account safe
- Improve the App — understanding which features matter most to users so we can refine them
- Communicate with you about important product updates and changes to this Policy
7. AI Features and Your Privacy
Milligram's AI features are designed with privacy as the default. Wherever possible, AI processing happens directly on your device — for example, the on-device face landmark detection used during face scans never sees the cloud at all.
Where AI processing must use a cloud provider (chat, scan analysis, bloodwork extraction), we use only enterprise-grade AI service providers operating under strict data processing agreements that we have reviewed specifically for this purpose.
Your data is never used to train AI models.
The agreement we hold with our AI provider explicitly prohibits any use of your data to train, fine-tune, or otherwise improve the provider's models. We selected our partner because they meet this requirement, and we will not work with providers who do not.
Provider-side retention is short and audit-only.
After processing your request, the provider may retain content for a brief window (no longer than 60 days) strictly for safety and abuse monitoring. After that window, the data is deleted from provider systems. We do not retain copies of your information in third-party AI infrastructure beyond what is required to deliver the immediate response.
Encrypted transit and device attestation.
Every AI request passes through our authenticated proxy infrastructure. Device attestation — a cryptographic signature unique to your authentic copy of Milligram — verifies that each request truly comes from your app and not an impostor or someone trying to spoof your identity. All transmission is protected by end-to-end TLS encryption.
What gets sent for an AI request.
- For chat: your message and brief context (your age, sex, active compounds, dose schedule) so the reply is relevant to you.
- For face or body scan analysis: the captured photo and the same brief context.
- For bloodwork analysis: the uploaded PDF.
We do not send your name, email address, exact location, advertising identifiers, or unrelated app data.
Conversations and analyses stay yours.
Your chat history, scan results, and bloodwork records are stored on your device and in your secure account — never on the AI provider's infrastructure beyond the brief auditing window described above. You can delete any conversation, scan, or record at any time.
No automated decisions with legal effect.
We do not use AI to make automated decisions about you that have legal or similarly significant effects. AI outputs are informational and do not control access to the App, pricing, or your subscription state.
Consent.
By using AI features, you agree to this AI processing model. The first time you use an AI feature, an in-app screen describes what is sent and asks you to confirm.
8. Service Providers
We engage trusted service providers to help us operate Milligram, including providers for:
- Subscription management
- Analytics and crash reporting
- Cloud storage and database hosting
- AI processing
- Secure payment processing
All providers are bound by data processing agreements that limit their use of your information to providing services to us. Providers are contractually prohibited from using your information for their own purposes, from selling it, and from sharing it with unrelated parties.
9. Cloud Sync and Account Data
Your account data is securely synced to our cloud database, hosted in Australia. Access is enforced at the database level — only your authenticated account can read or modify your records. Data is encrypted at rest and in transit.
Photos and bloodwork records are stored in encrypted file storage tied to your account. They are never made publicly accessible.
10. How We Protect Your Information
Your information is protected by multiple layers of security:
- Device-level encryption. iOS encrypts your local Milligram data at rest using the device's hardware-backed encryption.
- Encrypted transit. Every connection between your device and our infrastructure uses HTTPS / TLS encryption. Sensitive endpoints additionally require device attestation.
- Row-level access control. Our cloud database enforces, at the database engine itself, that only your authenticated account can read or modify your records. This protection holds even if our application code has a bug — the database engine independently blocks cross-account access.
- Minimal credential principle. Administrative database keys are never stored in the App binary. The App communicates only through scoped, authenticated endpoints.
- Authenticated proxies. AI processing requests pass through our proxy infrastructure, which validates that each request comes from a genuine, attested copy of Milligram before forwarding it.
- Regular review. We periodically review our security posture and the practices of our service providers.
If you discover a security vulnerability, please email support@milligramapp.com. We appreciate responsible disclosure.
11. Sharing of Information
We share your information only in the limited circumstances described below.
a) With service providers.
As described in Sections 8 and 9, we engage providers to help us operate the App. Providers may access only the information necessary to perform their service and are contractually prohibited from using it for any other purpose.
b) For legal compliance.
We may disclose information if required by law, valid legal process, or to protect Milligram's rights, our users, or the public.
c) In a corporate transaction.
If Milligram is involved in a merger, acquisition, financing, reorganisation, bankruptcy, or a sale or transfer of all or part of its business or assets — whether a full acquisition or a partial transaction — your information may be transferred or disclosed to the parties involved, including prospective parties and their advisers, under terms consistent with this Policy.
d) Aggregate, de-identified information for research or commercial purposes.
We may share, license, or sell aggregated, de-identified information — information from which you cannot personally be identified — with research and commercial partners, including academic institutions, public health organisations, pharmaceutical and biotechnology companies, and data analytics organisations. This contributes to advancing peptide and metabolic-health research and may also be a commercial arrangement from which Milligram earns revenue. Aggregated information is statistically derived and reflects patterns across the user community as a whole; it does not include your name, contact details, photos, or chat content.
e) With your consent.
We share your information in any other way only with your explicit consent.
12. International Data Transfers
Milligram Health Pty Ltd is based in Australia, where our primary cloud database is also hosted. Some service providers (for AI processing, analytics, and subscription management) operate from other jurisdictions, including the United States. Where personal data is transferred internationally, it is protected by the data processing agreements described in Section 8, which contractually restrict how those providers may use it. As an Australian business, we remain accountable under Australian Privacy Principle 8 for ensuring overseas recipients handle your information consistently with this Policy.
13. Children's Privacy
Milligram is intended for users aged 18 and older. We do not knowingly collect personal information from anyone under 18. If you believe a person under 18 has provided us with information, please contact us and we will remove it.
14. Your Rights and Choices
a) Access and correction.
To request a copy of the information we hold about you, or to correct inaccuracies, email support@milligramapp.com from your registered Apple ID email address. To protect your privacy and verify your identity, requests must come from the email associated with your account.
b) Account deletion.
You can delete your Milligram account from Profile → Delete Account in the App. This removes your identified records from our cloud database.
c) Withdraw from research and commercial data sharing.
To withdraw your information from future inclusion in aggregated research or commercial datasets, email support@milligramapp.com with the subject line "Research Data Sharing Withdrawal" and include your registered Apple ID email and your account creation date. We aim to process verified requests within 30 business days. Aggregated information already incorporated into research or commercial datasets cannot be retracted, as is standard for de-identified data.
d) EU and UK residents.
You have rights of access, rectification, erasure, portability, restriction, and objection under the GDPR / UK GDPR. To exercise any of these rights, email support@milligramapp.com from your registered account email.
e) California residents.
You have rights to know, delete, correct, and opt out of the sale or sharing of your personal information under the California Consumer Privacy Act / California Privacy Rights Act. To exercise any of these rights, email support@milligramapp.com from your registered account email.
f) Apple HealthKit.
You can manage HealthKit access at any time in iOS Settings → Health → Data Access & Devices.
15. Data Retention
- Local app data is retained on your device until you uninstall the App.
- Identified account records are retained until you delete your account.
- Aggregated, de-identified information used in research or commercial datasets does not contain personal identifiers and is therefore retained indefinitely.
- Subscription records held by our subscription management provider are retained per their privacy policy.
16. Security
A detailed description of our security practices is set out in Section 10. To report a security vulnerability, email support@milligramapp.com.
17. Third-Party Links
The App or Site may contain links to external sites and services. We are not responsible for the privacy practices of those sites and encourage you to review their privacy policies before sharing any information with them.
18. Changes to This Policy
We may update this Policy from time to time. When we make material changes, we will notify you in-app and ask you to review and accept the updated Policy. The "Last updated" date at the top of this page reflects the most recent revision. Continued use of the App after a change indicates acceptance of the updated Policy.
19. Governing Law
This Policy is governed by the laws of Victoria, Australia, including the Australian Privacy Act 1988 (Cth) and the Australian Privacy Principles. Where applicable, the GDPR (for EU residents), the UK GDPR (for UK residents), and the CCPA / CPRA (for California residents) provide additional rights described in Section 14.
20. Contact
If you have questions about this Policy, contact us at:
Milligram Health Pty Ltd (ACN 698 081 720)
support@milligramapp.com