ZULO is a food awareness application operated by Aveor Studios, based in Mumbai, Maharashtra, India. We are the data controller responsible for your personal information.
For all privacy questions, data requests, or concerns, contact our Privacy Officer at: [email protected]
We aim to respond to all privacy requests within 7 business days.
Account information
When you sign in with Google or Apple, we receive your name, email address, and (where available) profile photo from the identity provider. When you sign in with email and password, we receive your email and a securely hashed password (we never see or store the password itself). This is used to create and identify your account.
Profile data you provide
Display name, first and last name, date of birth, city, country, gender, dietary preferences, and activity preferences you set during onboarding or in Settings. This personalises your experience.
Phone number
We require a phone number at signup. It is used for three purposes: (a) one-time password (OTP) verification when you first enable phone reminders, processed by Twilio Verify; (b) friend discovery, so people who already have your number in their contacts can find you on ZULO if you choose to be discoverable; (c) sending Skip reminders and notifications via WhatsApp or SMS where you have opted in. Your phone number is never visible to other users on your public profile and is never sold or shared with advertisers.
App activity
Foods you choose to log, Karma earned, streaks, challenges completed, badges earned, caves logged (moments of honesty), and craving patterns you voluntarily record. This data is the core of your personal awareness journey inside ZULO.
Subscription and purchase data
When you purchase a subscription (ZULO Core, Pulse, Infinite) or in-app Coins, we store the plan key, subscription status, billing cadence, Razorpay payment and subscription IDs, and transaction history. We do not store your card number, UPI handle, CVV, or any payment credential. These are handled directly by Razorpay.
In-app currency data
We track your Coin balance and a full history of coin transactions (purchases, spends, refunds, admin adjustments). This is visible to you in your Wallet.
AI usage data
When you request an AI Weekly Insight or use the Ask Anything feature, we send an anonymised summary of your last 7 days of activity (aggregate counts, top foods, top categories, cave triggers) to Anthropic (Claude). We do not send your name, email, phone, or any personal identifier to the AI provider. AI responses are stored in your account so you can review your history.
Camera and food scan images
When you use the food scan feature, the image you capture is sent through our Cloudflare Worker to OpenAI for food identification. The image is transmitted securely and is not stored by ZULO after the result is returned. No personal identifiers are attached to the image when it is sent. You can always skip the scan and search manually.
Device and technical information
Device type, operating system, browser, language, timezone, and session timestamps. Collected automatically to ensure the app functions correctly and to understand usage at an aggregate level. We also collect a push notification device identifier (when you opt in to notifications) and an in-app purchase identifier (when you make a native iOS or Android subscription purchase) so we can deliver pushes to your device and link your subscription to your account.
Crash logs and diagnostic events
When the app crashes or encounters a runtime error, the operating system (Apple iOS or Google Android) may collect a crash log and forward it to us through Apple App Store Connect or Google Play Console for the purpose of fixing the bug. Our subscription and notification SDKs (RevenueCat and OneSignal) also send anonymised diagnostic events such as push delivery success or in-app purchase status so we can monitor app health. None of these logs include the contents of your activity inside the app.
We do not use your data for advertising. We do not build advertising profiles. We do not sell, rent, or trade your personal information to any third party.
ZULO has social features. Here is what is visible to others by default:
Public by default: Display name, city, level, alter ego, total Karma earned, total skips, current streak, earned badges, and Trophy Room cards on your public profile.
Always private: Your email address, phone number, date of birth, Coin balance, subscription status, purchase history, caves logged, hunger signal patterns, AI insight content, and any data you have not chosen to share.
You can turn off profile searchability at any time in Settings under Privacy. When off, other users cannot find you by name or view your profile.
We use a small number of trusted third-party services to operate ZULO. Each is bound by its own privacy and data protection commitments, and processes data only as necessary to provide its service:
We may update our service providers from time to time. This list reflects our current stack. Your data may be processed in countries outside India including the United States and the European Union by these providers. Where this occurs, we rely on the providers' own compliance frameworks and contractual safeguards.
We use reasonable technical and organisational measures to protect your data, including encrypted connections (TLS), row-level security on our database, access controls, and secure infrastructure. Payment data is handled by Razorpay, which is PCI DSS Level 1 compliant. No method of electronic storage or transmission is completely secure. We cannot guarantee absolute security, but we take it seriously and respond promptly to any identified issue.
ZULO is intended for users aged 18 and above. We do not knowingly collect personal data from anyone under 18. If you believe a minor has created an account, please contact us at [email protected] and we will delete the account promptly.
We do not provide parental consent flows and do not target users under 18 in any marketing or product feature.
You have the following rights regarding your personal data:
To exercise any right, email [email protected]. We may ask you to verify your identity before processing sensitive requests. We respond within 7 business days. Some requests may be limited where we have a legal obligation to retain certain data (for example, tax records of completed transactions).
You can delete your account at any time from within the app: Profile → Settings → Delete Account. This permanently and irreversibly deletes all your personal data, activity history, achievements, AI insights, Coin balance, and account information within 30 days.
Active subscriptions are automatically cancelled on account deletion. Refunds (if applicable) follow our Refund and Cancellation Policy.
You can also request deletion by emailing [email protected]. Both you and our team will receive a confirmation email when deletion is complete.
Service communications such as account confirmations, payment receipts, security notices, subscription renewal notices, and deletion confirmations are necessary for operating your account and cannot be turned off.
Product communications such as daily summaries and streak reminders are optional and can be turned off in Settings under Notifications at any time.
ZULO is a personal awareness tool, not a medical application. Nothing in the app including AI-generated insights constitutes medical advice, dietary guidance, clinical treatment, or professional health recommendations. ZULO is not intended to diagnose, treat, prevent, or manage any medical condition including eating disorders, diabetes, obesity, or any other health condition. If you have concerns about your health or eating habits, please consult a qualified healthcare professional.
We notify you of material changes to this policy by email or via an in-app notice at least 14 days before the change takes effect. Continued use of the app after changes means you accept the updated policy.
In accordance with applicable Indian law, any grievances regarding the processing of your personal data may be directed to:
Privacy Officer, Aveor Studios
Mumbai, Maharashtra, India
[email protected]
Response time: within 7 business days
© 2026 Aveor Studios · Terms and Conditions · Refund Policy · [email protected]