Legal

Privacy Policy

Effective June 15, 2026 Last updated June 15, 2026 Operator Loma Dynamics, Inc.

This Privacy Policy describes what data Loma collects, how we use it, who we share it with, and the choices you have. Loma Dynamics, Inc. ("Loma," "we," "us," or "our") is a Delaware corporation and operates the Loma mobile application, website, and related services (the "App"). This Policy is separate from but complements our Terms of Service, which governs liability and your use of the App.

01Data We Collect

From you directly

Account details — email address, sign-in method (Apple Sign In), preferred name, date of birth, biological sex, country.
Health profile — height, weight, VO2 max, max heart rate, dietary pattern, allergies, intolerances, religious dietary rules, preferred and disliked sports, equipment access, stated goals.
Logged entries — meals, exercise, hydration, sleep notes, voice transcripts of any of the above, photographs of food you submit through the camera feature.
Preferences — language, response density, persona tier, archetype labels, notification settings.
Chat history — messages you send to Loma's coaching surfaces and the responses generated for you.

From your connected integrations

When you authorize a third-party service in the App's Settings (Apple Health, Whoop, Oura, Garmin, Eight Sleep, MyFitnessPal, MacroFactor, Strava, or similar), we read the data those services make available — recovery scores, HRV, resting heart rate, sleep stages, strain, workouts, steps, dietary energy, dietary macros, body composition, and similar health metrics. We never write back to your wearable account unless you explicitly direct us to.

From your device

Device identifier, model, operating system version, app version.
Approximate location (city / country) when needed for time-of-day inference; precise location only when you explicitly enable it for a feature.
Crash logs and performance telemetry.

Generated by Loma about you

Daily aggregates derived from your raw data (e.g. acute and chronic strain ratios).
Insights and recommendations our content pipeline generates.
Telemetry about which insights you find useful (likes, dislikes, dwell time).
Validation logs that record whether generated content passed our safety and voice gates.

02How We Use Your Data

To run the App. We need your data to display your health summaries, generate insights, and personalize coaching.
To improve quality. Anonymized and aggregated telemetry helps us improve the content library, prompt engineering, and validators.
To keep you safe. Some data is used by automated safety checks to detect crisis language, eating-disorder triggers, and unsafe recommendations.
To communicate with you. Account notifications, security alerts, and (only if you opt in) product updates.

We do not sell your personal data. We do not use your personal health data to train foundation models. We do not share your data with advertisers.

03Who We Share Data With

Infrastructure providers. Supabase (database, auth, edge functions), and similar services that host or transmit your data on Loma's behalf under contractual confidentiality and security obligations.
AI providers. xAI (Grok) processes your chat messages and the contextual data Loma sends with them to generate coaching responses. Prompts and responses may be retained per the provider's own retention policy; we configure those settings to minimize retention where possible.
Third-party wearables and nutrition apps. Only the integrations you authorize, and only in the direction you authorize (read or write).
Legal compliance. When required by valid legal process or to protect rights, safety, and security.
Successors. In the event of a merger, acquisition, or sale of assets, with notice to you and an opportunity to object where required by law.

04Where Your Data Lives

Loma's primary databases are hosted in the United States. If you access the App from outside the United States, you consent to the transfer and processing of your data in the United States, subject to appropriate safeguards.

05Retention

We retain account data while your account is active. When you delete your account, we delete or anonymize your identifiable data within 30 days, with the following exceptions:

We may retain a minimal record of the deletion for fraud, security, and legal compliance.
We may retain anonymized aggregates that no longer identify you.
Data that has already been shared with a third party you authorized (e.g. a connected wearable account) remains subject to that third party's retention.

You can request a copy or deletion of your data from the in-app Settings or by emailing hello@lomadynamics.com.

06Your Rights

Depending on where you live, you may have the right to access, correct, port, restrict, or delete your personal data; to object to certain processing; and to withdraw consent. To exercise these rights, use the in-app Settings or email hello@lomadynamics.com. We will respond within the timeframes required by applicable law.

If you are in the European Union, the United Kingdom, California, or another jurisdiction with specific privacy laws (GDPR, UK GDPR, CCPA / CPRA), you have additional rights granted by those laws. We do not sell or share your personal data in the sense those laws define.

07Children

Loma is not directed to children under 16, and we do not knowingly collect data from children under 16. If you believe a child has provided data to Loma, contact hello@lomadynamics.com and we will delete it.

08Security

We use industry-standard administrative, technical, and physical safeguards — encryption in transit (TLS), encryption at rest for the database, encrypted secrets management for third-party tokens, role-based access controls, and audit logs. No system is perfectly secure; you use the App at your own risk.

If we discover a security incident that materially affects your data, we will notify you and applicable regulators in accordance with law.

09Cookies and Similar Technologies

The App does not use web cookies. Our marketing website may use minimal first-party analytics cookies to count visitors; see the cookie banner on the website for choices.

10Important Reminder About App Output

The App generates personalized content — meal suggestions, workout recommendations, mindfulness prompts, sleep schedules — based on the data described above. This generated output is not medical advice, and Loma is not responsible for outcomes you experience as a result of acting on it. Your safety in following any suggestion remains your own responsibility. See our Terms of Service, Sections 3 and 4, for the full statement on App output, integrated data dependence, and limitations of liability for food, exercise, mindfulness, and sleep content.

11Changes to This Policy

We may update this Policy. When we make material changes, we will notify you in the App and update the "Last updated" date. Continued use of the App after the effective date constitutes acceptance.

12Contact

Privacy questions, data-rights requests, and security reports:

Loma Dynamics, Inc.

A Delaware corporation

hello@lomadynamics.com