Privacy Policy

Last Updated: February 11, 2026

1. Introduction

This Privacy Policy describes how F-T srl ("Company", "we", "us", or "our"), a company registered under Italian law, collects, uses, stores, and protects your personal data when you use the SWEETPAL mobile application (the "App").

SWEETPAL is a personal diary and memory assistant designed for people who live with diabetes every day. It works like an intelligent journal: you record your experiences — meals, readings, activities, notes — and the App uses AI to help you recall what has happened in the past. The more entries you add, the richer and more contextual SWEETPAL's recall becomes, just like a diary that remembers for you.

SWEETPAL is not a medical device and is not classified as such. It does not perform diagnoses, generate predictions, or provide medical recommendations. It is a personal organizational tool that relies exclusively on your own historical data and basic mathematical calculations (such as carbohydrate counting) to help you reflect on your own experiences.

We are committed to protecting your privacy and handling your personal data in compliance with the General Data Protection Regulation (EU) 2016/679 ("GDPR"), the Italian Privacy Code (Legislative Decree 196/2003, as amended by Legislative Decree 101/2018), and all applicable data protection laws.

By using SWEETPAL, you acknowledge that you have read, understood, and agree to the practices described in this Privacy Policy.

2. Data Controller

The Data Controller for your personal data is:

F-T srl
Via Bianca di Savoia 17, 20122 Milan, Italy
Email: info@ef-ti.com

You may contact us at any time regarding your personal data or this Privacy Policy.

3. Data We Collect

We collect and process the following categories of personal data:

3.1 Diary Entries and Personal Logs

Blood glucose readings, insulin dosage records, carbohydrate counts, meal descriptions, physical activity notes, and any other entries you voluntarily record in the App. This information constitutes your personal diary. Because these entries may contain health-related information, they are treated as special category data under Article 9 of the GDPR and are processed solely on the basis of your explicit consent. All of this data is provided by you — SWEETPAL does not generate, infer, or predict any data on its own.

3.2 Account Information

Your name, email address, date of birth, and authentication credentials necessary to create and maintain your account.

3.3 Device and Usage Data

Device type, operating system version, app version, language settings, crash logs, and anonymized usage analytics to improve the App's performance and user experience.

3.4 AI Context Data

Your interactions with the AI assistant, including queries and contextual information used to retrieve relevant entries from your diary history. This data is used exclusively to improve the recall experience — helping the App find and present past entries that are relevant to your current situation, based on what you have previously recorded.

4. Legal Basis for Processing

We process your personal data on the following legal bases under Article 6 and Article 9 of the GDPR:

Explicit Consent (Art. 9(2)(a) GDPR): For processing diary entries that contain health-related information. You may withdraw consent at any time without affecting the lawfulness of processing carried out prior to withdrawal.

Performance of a Contract (Art. 6(1)(b) GDPR): For processing account information necessary to provide the App's services and manage your subscription.

Legitimate Interest (Art. 6(1)(f) GDPR): For processing device and usage data to maintain, secure, and improve the App.

5. How We Use Your Data

We use your personal data exclusively for the following purposes:

  • To provide the core functionality of the App: storing your diary entries and using AI-assisted recall to help you retrieve past experiences that are contextually relevant to your current situation.
  • To perform basic mathematical calculations, such as carbohydrate counting, using the data you provide.
  • To maintain and improve the quality, safety, and performance of the App.
  • To manage your account and subscription.
  • To communicate with you regarding service updates, security alerts, and support.
  • To comply with legal obligations.

SWEETPAL operates exclusively on data you provide. Its AI capabilities are limited to recalling and organizing your historical entries based on mathematical relevance and contextual similarity. It looks backward at what has happened, never forward at what might happen. It does not make predictions, generate forecasts, or produce any form of medical recommendation.

6. Data Storage and Security

Your diary data is encrypted both in transit (TLS 1.3) and at rest (AES-256 encryption). We implement industry-standard technical and organizational security measures, including access controls, regular security audits, and secure data center infrastructure.

Data is stored on servers located within the European Economic Area (EEA). In the event that data processing requires transfer outside the EEA, we will ensure appropriate safeguards are in place, such as Standard Contractual Clauses approved by the European Commission.

7. Data Retention

We retain your personal data for as long as your account is active and as necessary to provide the App's services. The longer you use SWEETPAL and the more entries you record, the more useful the recall feature becomes — your diary history is the foundation of the service.

Upon account deletion, all your diary entries, AI context data, and personal information will be permanently deleted within 30 days. Anonymized and aggregated data that cannot be used to identify you may be retained for analytical purposes.

We may retain certain data for longer periods where required by law or to establish, exercise, or defend legal claims.

8. Data Sharing and Third Parties

We do not sell, rent, or trade your personal data to third parties. Your diary is yours. We may share your data only in the following limited circumstances:

Service Providers: With trusted third-party service providers who assist us in operating the App (e.g., cloud hosting, analytics), subject to strict data processing agreements that ensure GDPR compliance.

Legal Requirements: Where required by law, regulation, legal process, or enforceable governmental request.

Business Transfers: In connection with a merger, acquisition, or sale of assets, in which case you will be notified of any change in data controller.

9. Your Rights

Under the GDPR, you have the following rights regarding your personal data:

  • Right of Access (Art. 15): You may request a copy of the personal data we hold about you.
  • Right to Rectification (Art. 16): You may request correction of inaccurate or incomplete data.
  • Right to Erasure (Art. 17): You may request deletion of your personal data, subject to legal retention requirements.
  • Right to Restriction (Art. 18): You may request restriction of processing in certain circumstances.
  • Right to Data Portability (Art. 20): You may request your diary data in a structured, commonly used, machine-readable format, so you always remain in full control of your own records.
  • Right to Object (Art. 21): You may object to processing based on legitimate interest.
  • Right to Withdraw Consent: You may withdraw consent for processing of diary entries containing health-related data at any time through the App settings or by contacting us.

To exercise any of these rights, please contact us at info@ef-ti.com. We will respond to your request within 30 days.

You also have the right to lodge a complaint with the Italian Data Protection Authority (Garante per la protezione dei dati personali) or any other competent supervisory authority.

10. Children's Privacy

SWEETPAL is not intended for use by children under the age of 16 without parental or guardian consent, in accordance with Article 8 of the GDPR and Italian law. If we become aware that we have collected personal data from a child under 16 without appropriate consent, we will take steps to delete that data promptly.

11. Cookies and Tracking Technologies

The App may use essential cookies or similar technologies strictly necessary for the App's functionality. We do not use tracking cookies for advertising purposes. Any analytics data collected is anonymized and used solely to improve the App.

12. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or applicable law. We will notify you of material changes through the App or by email. The "Last Updated" date at the top of this document indicates when the most recent revision was made.

Your continued use of the App after any changes constitutes your acceptance of the updated Privacy Policy.

13. Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us at:

F-T srl
Via Bianca di Savoia 17, 20122 Milan, Italy
Email: info@ef-ti.com

© 2026 F-T srl. All rights reserved.