Privacy Policy
Last Updated: April 17, 2026
1. Introduction
Welcome to Lucilla ("we," "our," or "us"). We are committed to protecting your privacy and personal information. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our mobile application and services.
2. Information We Collect
2.1 Personal Information
We collect information that you provide directly to us, including:
- Account information (name, email address, phone number)
- Profile information (username, profile picture, date of birth)
- Payment information (processed securely through third-party payment processors)
2.2 Health & Fitness Data
With your explicit consent, we collect:
- Step count data from Health Connect, Apple Health, Samsung Health, or Google Fit
- Activity data for fitness challenges and tracking
- Location data for geo-based rewards (only when you opt-in)
2.3 Wearable & Fitness Device Data
When you connect a wearable or fitness device to Lucilla, we collect:
- Step count data from connected wearables and phone pedometers
- Device type and model (e.g., Fitbit Charge 6, Apple Watch Series 9)
- Sync method (native sync via HealthKit/Health Connect/Fitbit API, or bridge sync via companion apps like Garmin Connect, Zepp, Polar Flow, COROS, Huawei Health)
- Device accuracy tier classification
- Health Connect permissions and connected data sources (Android)
- HealthKit permissions and connected data sources (iOS)
- Workout and activity session data for intraday match verification
How We Use Wearable Data:
- To verify step counts in competitions and determine winners
- To enforce device eligibility rules for paid matches (8% maximum error rate)
- To detect potential cheating or data manipulation
- To provide personalized health insights (with your consent)
- We do not sell your health or fitness data to third parties
- Wearable data is stored securely and encrypted at rest
Disconnecting Your Wearable: You can disconnect your wearable device at any time through the app settings. Please note that disconnecting a wearable will prevent your participation in matches that require that device as a verified step source.
Apple HealthKit Notice: Health data obtained from Apple HealthKit is used solely to provide and improve App features. We do not use HealthKit data for advertising, and we do not share HealthKit data with third parties except as required to operate the App or as required by law.
2.3b Shareable Health Data
You may optionally share certain health data with the Lucilla community:
- Step activity — daily or challenge-period step counts
- Meal logs — food diary entries you choose to post
- Journal entries — AI-assisted journal content you explicitly choose to share
All health sharing is opt-in and user-initiated. Nothing is shared automatically. You control visibility (public, followers, or groups) and may delete shared posts at any time.
2.3c Voice & Audio
- Voice commands to the AI assistant (FAB) are processed in real time via Google Gemini Live API and are not stored beyond the active session
- Voice posts and audio you publish to your social feed are stored only when you explicitly post them
- Audio transmitted in live Spaces or Streams is processed in real time
You can revoke microphone access at any time in your device Settings.
2.3d Biometric Data (Passkey / Face ID / Fingerprint)
We never receive or store your biometric data. When you set up your Lucilla Smart Wallet via WebAuthn passkey, authentication happens entirely on your device through Apple or Google's secure enclave. We only receive a cryptographic token confirming successful authentication — your fingerprint or face data never leaves your device.
2.4 Wallet & Transaction Data
For users utilizing our USDC wallet features:
- Blockchain wallet addresses
- Transaction history (stored on public blockchain)
- Payment receipts and subscription records
- Wallet balance at time of reward claims and transactions (used for fraud prevention and platform integrity)
2.5 Device Information
We collect information about the device you use to access Lucilla, including:
- Device model and manufacturer
- Operating system and version
- App version
- Unique device identifiers
- Mobile network information
This information helps us provide a consistent experience, troubleshoot issues, and ensure platform security.
2.6 Location & Geo-Reward Data
When you use location-based features (such as geo-rewards), we collect:
- GPS coordinates: Your precise location at the time of a reward claim, including distance to the reward location
- GPS accuracy metrics: Signal accuracy and confidence data to verify genuine physical presence
- Claim and redemption locations: For two-step rewards (Geo + QR), both the initial claim location and the redemption location are recorded
- Time patterns: Timestamps of claims, time between viewing a reward and claiming it, session duration, and visit frequency
We collect this location intelligence data to improve reward targeting and provide more relevant offers near you, to prevent fraud and ensure fair reward distribution for all users, and to enhance platform safety through anti-spoofing measures.
2.7 Reward & Campaign Interaction Data
When you interact with rewards and business campaigns, we collect:
- Reward claim history (which rewards you claimed, when, and where)
- Mystery Reward tier results (which tier you received in randomized rewards)
- Redemption code usage (for two-step Geo + QR claims)
- Referral code activity (codes you shared and codes used by others)
- XP points earned and streak bonus history
- View-to-claim timing (how long between seeing a reward and claiming it)
- Campaign engagement metrics (views, saves, shares)
This data helps us optimize campaign performance and provide you with more relevant reward opportunities.
2.8 Automatically Collected Information
- Usage data (features used, time spent, interactions)
- Log data (IP address, crash reports, performance data)
- Session duration and navigation patterns
- Search queries within the app
2.9 Fraud Prevention & Platform Integrity Data
To maintain a fair and secure platform for all users, we collect and process:
- Fraud prevention signals: We use proprietary technology to detect and prevent fraudulent activity, including multi-account abuse and location spoofing. These systems operate on anonymized data and do not identify specific individuals.
- Behavioral patterns: Claim velocity, timing patterns, and usage signals that help distinguish genuine users from automated or fraudulent activity
2.10 Enterprise Account Data
For enterprise (business) customers, we additionally collect:
- Business registration information
- Enterprise handle (@businessname)
- Team member information (staff names, roles, permissions)
- Campaign configuration and performance data
- Business hours, contact information, and social media links as provided by the business
3. How We Use Your Information
We use your information to:
- Provide and maintain our services
- Process transactions and send transaction notifications
- Enable fitness challenges and step-based competitions
- Distribute USDC rewards and process payments
- Personalize your experience with AI-powered features
- Send important service updates and security alerts
- Improve our app through analytics and research
- Comply with legal obligations and prevent fraud
- Improve reward targeting and provide more relevant offers to you
- Prevent fraud and ensure fair reward distribution across the platform
- Optimize campaign performance for business partners
- Enhance platform safety through anti-spoofing measures
- Provide aggregated, anonymized analytics to business partners to help them understand campaign effectiveness
- Power content discovery and personalized recommendations
4. Data Sharing and Disclosure
4.1 We Share Your Information With:
- Service Providers: Firebase (Google), Circle (USDC payments), health data providers
- Payment Processors: Apple App Store, Google Play, Samsung Galaxy Store
- Reward Campaign Providers (Businesses & Creators): When you claim a geo/QR reward or visit a participating business, your display name, email address, and phone number (if provided) are shared with that business or creator to enable direct customer communications, promotional offers, and campaign analytics. See Terms of Service Section 10.11 for full details
- Enterprise Customers (Anonymized Only): Enterprise business customers receive aggregated, anonymized analytics about their campaign performance. Enterprise customers cannot identify individual users through the data we provide. Raw user data is retained by Lucilla and is never shared with enterprise customers in identifiable form
- Legal Requirements: When required by law or to protect our rights
4.2 Data Ownership & Usage
Lucilla Technologies Inc. owns and retains all data generated through your use of the platform. We use this data to operate, improve, and personalize our services.
- We do not currently sell your personal data to any third parties
- We may analyze anonymized usage patterns and activity data to improve our services and platform features
- In the future, we may engage in partnerships that involve sharing aggregated, anonymized data — we will notify users in advance and update these terms accordingly
- We do not share your health data without explicit consent
- We do not use your data for third-party advertising without permission
- When you claim rewards from a business or creator, your basic contact information (name, email, phone) is shared with that reward provider to enable a direct customer relationship and communications
- You always retain the right to export or delete your personal data
5. Health Data Privacy (HIPAA Compliance)
Your health and fitness data is protected under strict security measures:
- Encrypted in transit and at rest
- Stored securely in HIPAA-compliant infrastructure
- Only accessible by you and authorized services you approve
- You can delete your health data at any time
6. Blockchain & Cryptocurrency Disclosures
Lucilla integrates cryptocurrency functionality for rewards and payments. Important disclosures:
6.1 USDC Stablecoin
- USDC is a digital stablecoin pegged to the US Dollar, issued by Circle Internet Financial
- USDC transactions are recorded on the Base blockchain (Ethereum Layer 2), a public ledger
- While wallet addresses are pseudonymous, blockchain data is permanent and publicly visible
- We do not control or have the ability to modify blockchain data once recorded
6.2 Cryptocurrency Risks
IMPORTANT: Cryptocurrency involves significant risks:
- Volatility Risk: While USDC is designed to maintain a 1:1 peg with USD, no guarantee exists that this peg will always be maintained
- Regulatory Risk: Cryptocurrency regulations vary by jurisdiction and may change. You are responsible for compliance with your local laws
- Irreversibility: Blockchain transactions cannot be reversed once confirmed. Sending to wrong addresses results in permanent loss
- Custodial Risk: Wallets are non-custodial; you are solely responsible for safeguarding your wallet credentials
- Smart Contract Risk: While audited, smart contracts may contain bugs or vulnerabilities
- Network Risk: Blockchain networks may experience congestion, delays, or outages
6.3 Not Financial Advice
Lucilla does not provide investment, financial, tax, or legal advice. Any cryptocurrency features are provided "as-is" for rewards and payment purposes only. Consult qualified professionals for financial decisions.
6.4 Jurisdiction & Geographic Restrictions
While Lucilla's core features (health tracking, social, Step Matches) are available worldwide, certain cryptocurrency services have geographic restrictions:
- Transak On/Off-Ramp: Fiat-to-crypto conversion services (buy/sell USDC) are NOT available in approximately 80 countries including China, Russia, Nigeria, Iran, North Korea, and others due to Transak's compliance requirements. See full list at Transak Compliance.
- Wallet & P2P Transfers: Self-custodial crypto wallets and peer-to-peer transfers are available worldwide where not prohibited by local law.
- User Responsibility: You are responsible for ensuring compliance with local regulations regarding cryptocurrency use in your jurisdiction.
7. Your Rights & Choices
You have the right to:
- Access: Request a copy of your personal data
- Correction: Update inaccurate information
- Deletion: Delete your account and associated data
- Data Portability: Export your data in a machine-readable format
- Opt-Out: Disable location tracking, push notifications, or marketing emails
7.1 California Residents (CCPA/CPRA)
If you are a California resident, you have additional rights under the California Consumer Privacy Act and the California Privacy Rights Act:
- Right to Know: You can request details about the categories and specific pieces of personal information we have collected about you
- Right to Delete: You can request deletion of your personal information, subject to certain legal exceptions
- Right to Opt-Out of Sale: We do not sell your personal information. If this changes, we will provide a "Do Not Sell My Personal Information" mechanism
- Right to Non-Discrimination: We will not discriminate against you for exercising your privacy rights
- Right to Correct: You can request correction of inaccurate personal information
- Right to Limit Use of Sensitive Personal Information: You can limit how we use sensitive personal information (such as precise geolocation) to purposes necessary for providing services
To exercise these rights, contact us at s.borjas@lucilla.ca. We will respond within 45 days.
7.2 European Users (GDPR)
If you are located in the European Economic Area, United Kingdom, or Switzerland, you have the following rights under the General Data Protection Regulation:
- Right to Access: Obtain a copy of your personal data
- Right to Rectification: Correct inaccurate or incomplete data
- Right to Erasure ("Right to be Forgotten"): Request deletion of your personal data
- Right to Restrict Processing: Limit how we process your data
- Right to Data Portability: Receive your data in a structured, machine-readable format
- Right to Object: Object to processing based on legitimate interests or for direct marketing
- Right to Withdraw Consent: Withdraw consent at any time for processing based on consent
Legal Bases for Processing:
- Contract: To provide our services to you
- Legal Obligation: Tax reporting, KYC/AML compliance
- Legitimate Interest: Fraud prevention, service improvement, platform security
- Consent: Marketing communications, optional data sharing, location-based features
To exercise these rights, contact our Data Protection contact at s.borjas@lucilla.ca.
7.3 Canadian Users (PIPEDA)
Canadian users have rights under the Personal Information Protection and Electronic Documents Act, including the right to access, correct, and withdraw consent for the collection and use of personal information.
7.4 Other Jurisdictions
Residents of Virginia, Colorado, Connecticut, Nevada, and other states with consumer privacy laws have rights similar to those described above under their respective state laws. Contact us to exercise these rights.
8. Data Retention
We retain your information for as long as your account is active or as needed to provide services:
- Account data: Until you delete your account
- Health data: Deleted within 30 days of account deletion
- Transaction records: 7 years (federal compliance requirement)
- KYC verification documents: 7 years (federal compliance requirement)
- Reward claim and campaign data: Duration of account plus 2 years
- Location intelligence data: 1 year for detailed data; aggregated anonymized data retained indefinitely
- Blockchain transactions: Permanent (immutable on-chain)
Even if you delete your account, transaction data and compliance records will be retained for the full 7-year period to comply with federal law.
9. Children's Privacy
Our app is not intended for users under 18. We do not knowingly collect data from children under 13. If you believe we have collected data from a child under 13, contact us immediately and we will delete it.
10. Security
We implement industry-standard security measures including:
- End-to-end encryption for sensitive data
- Secure authentication (OAuth, biometric login)
- Regular security audits and penetration testing
- SOC 2 Type II compliant infrastructure (Firebase, Circle)
- Role-based access controls for internal data access
- Audit logging of all data access by personnel
11. International Users
Your data may be transferred to and processed in countries outside your country of residence, primarily the United States and Canada. We ensure appropriate safeguards are in place for international transfers, including standard contractual clauses where required.
12. Transaction Data Collection & AML Compliance
To comply with Anti-Money Laundering (AML) regulations and prevent financial crime, we collect and monitor extensive transaction data.
Data Collected
For every financial transaction, we automatically collect:
- Transaction Details: Amount, currency (USDC), timestamp, transaction hash
- Wallet Information: Sender and recipient wallet addresses
- User Identification: User IDs, usernames, display names
- Geographic Location: City, state, country, latitude/longitude coordinates
- Device Information: IP address, device type, operating system
- Transaction Metadata: Transaction type (send, match entry, subscription, etc.), memos, related IDs
- Risk Assessment: Automated risk scores (0-100 scale), compliance flags
Purpose of Collection
We collect this data to:
- Comply with Federal Law: Bank Secrecy Act (BSA), USA PATRIOT Act, FinCEN regulations
- Screen for Sanctions: OFAC (Office of Foreign Assets Control) sanctions compliance
- Detect Money Laundering: Identify structuring, unusual patterns, and suspicious activity
- Prevent Fraud: Monitor for fraudulent transactions and account takeovers
- Risk Assessment: Assign risk scores and flag high-risk transactions
- Regulatory Reporting: File Suspicious Activity Reports (SARs) and Currency Transaction Reports (CTRs) when required
Automated Decision Making
We use automated systems to make real-time decisions about your transactions:
- Risk Scoring: Every transaction receives an automated risk score (0-100) based on multiple factors
- Transaction Blocking: High-risk transactions (score of 95 or above) are automatically blocked
- KYC Triggers: Transactions over $1,000 automatically trigger identity verification requirements
- Velocity Limits: Automated enforcement of hourly (10) and daily (50) transaction limits
- Suspicious Activity Flagging: Transactions with scores of 50 or above are flagged for compliance review
Your Rights: You have the right to contest automated decisions by contacting our compliance team at s.borjas@lucilla.ca. We will review flagged transactions manually upon request.
Data Storage Locations
Transaction data is stored in multiple locations for compliance and operational purposes:
- User Transaction History: Your personal transaction log
- Global Compliance Ledger: Master transaction database for AML monitoring
- AML Screening Records: Risk scores, flags, and screening results
- Suspicious Activity Alerts: High-risk transaction records
- Compliance Alerts: Internal compliance team notifications
Data Retention
Transaction data is retained for 7 years as required by the Bank Secrecy Act (31 CFR 1010.430). This includes:
- All transaction records and receipts
- KYC verification documents (ID scans, selfies)
- Risk assessment results and compliance flags
- Suspicious Activity Reports (SARs) and supporting documentation
- Communication records related to transactions
Note: Even if you delete your account, transaction data will be retained for the full 7-year period to comply with federal law.
Data Sharing for Compliance
We may share your transaction data with:
- Law Enforcement: Federal, state, and local law enforcement agencies pursuant to legal process (subpoenas, court orders, search warrants)
- FinCEN: Financial Crimes Enforcement Network (Suspicious Activity Reports, Currency Transaction Reports)
- OFAC: Office of Foreign Assets Control for sanctions compliance
- Regulatory Agencies: SEC, CFTC, state financial regulators when required
- Service Providers: Cloud infrastructure (Google Firebase), compliance tools, and security services under strict confidentiality agreements
We do NOT:
- Sell your transaction data to third parties
- Share data for marketing purposes
- Provide data to unauthorized parties
Monitoring Technologies
We employ the following automated monitoring technologies:
- Velocity Monitoring: Tracks transaction frequency in real-time
- Pattern Detection: Identifies structuring, round numbers, and anomalous behavior
- Geographic Analysis: Detects unusual location changes
- Network Analysis: Identifies relationships between wallets and users
- Behavioral Analytics: Compares transactions to historical patterns
Your Data Protection Rights
While compliance data must be retained, you have rights regarding other personal data:
- Access: Request copies of your transaction data
- Correction: Request correction of inaccurate information
- Explanation: Request an explanation of risk scores and automated decisions
- Appeal: Contest transaction blocks or account suspensions
Limitations: We cannot delete transaction data before the 7-year retention period, modify blockchain records (which are immutable), or remove data subject to active investigations.
Security Measures
Transaction data is protected by:
- Encryption at rest and in transit (AES-256, TLS 1.3)
- Role-based access controls (only authorized compliance personnel)
- Audit logging of all data access
- Regular security assessments
- SOC 2 Type II compliant infrastructure
13. Cookies and Tracking
Our mobile app may use:
- Analytics SDKs for usage statistics
- Crash reporting tools
- Push notification services
We do not use cookies for advertising purposes. Our web properties (lucilla.app, enterprise dashboard) may use essential cookies for authentication and session management.
14. Changes to This Policy
We may update this Privacy Policy periodically. We will notify you of significant changes via email or in-app notification. Continued use after changes constitutes acceptance.
15. Contact Us
If you have questions or concerns about this Privacy Policy:
To exercise any of your data rights, contact us at the email above. We will respond within 30 days (or 45 days for CCPA requests).