Lifesum is a service developed and provided by Lifesum AB and LykonDX GmbH. Lifesum AB and LykonDX GmbH are the joint data controllers, i.e. responsible, for the processing of your personal data when providing the service to you and for complying with applicable data protection laws.
In this Privacy Notice we describe how we at Lifesum and LykonDX collect, use, transfer, maintain and store (collectively "processes") your personal data. Depending on the context, there might be other responsible data controllers that apply to you for other associated services and integrations to Lifesum. This privacy notice explains how we process your personal data in compliance with applicable data protection legislation and what we do to respect your integrity. It is intended for processing activities related to our mobile application, using or accessing our services, and other related interactions.
If you want to know more about our data processing activities, what we do to keep your data safe or to exercise your rights, feel free to contact us at:
Lifesum AB
LykonDX GmbH
How does the cooperation take place? Who processes which data and for what purpose?
Lifesum AB and LykonDX GmbH have jointly created this offer and are continuously developing it further. Lifesum AB programs and maintains the app and operates the app servers required for operation. LykonDX is responsible for the provision and evaluation of certain test offers within the app as well as customer support for these test offers. For this purpose, LykonDX also operates servers of the app and integrates the laboratories required for the test evaluation as service providers.
How can I exercise my rights as a data subject?
In accordance with Art. 26 para. 3 EU GDPR, you can assert your rights under the EU GDPR (e.g. right of access to the processed data) with both controllers. The joint controllers work together to ensure and fulfill your rights.
In the interests of efficient processing, we kindly ask you to send any such requests directly to the following email address: contact@lifesum.com
How is the protection of your personal data ensured?
The controllers have taken appropriate technical and organizational measures to ensure the protection of your data. Compliance with these measures has been contractually agreed between the data processors and is continuously monitored.
We obtain personal data directly from you as you install our app and interact with our services. Personal data is also generated internally at Lifesum. Depending on your actions, your personal data could be complemented with personal data from other sources like third-party app integrations.
As a part of our relationship to you as a free user, paying user or a Lifesum for Work or other type of provider subscription, your personal data will be processed for the following purposes:
Account Management
Provision of the App:
Customer Support and Communication with the User:
Customer Acquisition:
Subscriptions, Orders, and Payments:
Product Development, Analytics and Research
As part of our relationship, you may be required to provide us with the personal data necessary for us to be able to provide you with our services. Without this data, we will generally not be able to perform our contract and provide you with the App and its features.
The legal basis for processing your personal data includes your consent, the necessity of processing for us to fulfill our contractual and legal obligations, and the legitimate interests pursued by Lifesum or a third-party.
Our legitimate interests include:
Within the controllers, access to your data is only granted to the respective departments that require it to fulfill the above-mentioned processing purposes. Service providers used by the controllers (so-called processors) may also have access to your data. Contracts for commissioned data processing in accordance with art. 28 EU GDPR ensure that these service providers are bound by instructions of the controllers, and strict obligations to data security and the confidential handling of your data.
The controllers use processors in the following areas
Data is forwarded to other recipients if this is required by law or if you have given your prior consent.
To provide you with the core services of the Lifesum app, we need to process data about what you eat, how you exercise, your body measurements, weight goals, and allergies. This data may be considered data concerning health and is as such only processed with your explicit consent. The above data is essential in providing our app and services, as we can not provide the food tracking functionality or give you any recommendations without access to that data.
In addition, data concerning your health may be collected through health questionnaires when you create your account online, when you take our health test, or when you fill in the pre-purchase Lykon questionnaire. This data is, with your explicit consent, used to personalize your experience and provide you with recommendations.
To provide our services globally and ensure smooth functionality, we may transfer your personal data outside the European Economic Area (EEA). We take steps to ensure these transfers comply with applicable data protection laws by implementing appropriate safeguards:
If you use an external platform to authenticate and access the Services, such as Facebook Login or Google Auth, Lifesum will collect and process certain personal information from these applications, including your username, full name, profile picture, country, hometown, email address, date of birth, and gender.
Additionally, if you link your Lifesum account with a third-party application to track food intake, exercise, hydration, sleep, or step count data—such as Apple HealthKit, Google Health Connect, Fitbit, Withings, Oura, Runkeeper, or Garmin—Lifesum may exchange or process data with these applications to facilitate the requested integration. Please review each third-party's privacy policy to understand how they handle and protect your data.
There is no profiling in accordance with art. 22 para. 1 and 4 EU GDPR.
Lifesum will retain the personal data for as long as necessary to fulfill the stated purposes, or if we have a legal obligation to retain the data. When it is no longer necessary to retain the personal data, we will either delete or anonymise it. We periodically review the necessity to keep personal data, and if your account has been inactive, we will delete or anonymise the data after a period of five (5) years after you have been persistently inactive on the Lifesum Services.
If you delete your account, exercise your rights for relevant personal data, or opt out from processing relating to direct marketing, we will cease storing and processing your personal data for those purposes, if necessary. It could be necessary for us to process the relevant personal data for a longer time due to legal obligations or if the invoked data protection right is not applicable or absolute (e.g. for bookkeeping purposes).
If you are under the age of 13 or your country’s age of digital consent, whichever is higher, you are not allowed to submit any personal data through our Services. Further, we encourage parents and legal guardians to monitor their children’s Internet use and to help us in enforcing our Privacy Policy by instructing their children to never provide any personal data through our Service without their permission. If you become aware that a child under the age of 13 or their country’s digital age of consent has submitted personal data to us, please contact us at https://lifesum.com/contact.
As Lifesum processes your data within the scope of the GDPR, you have the following rights as the data subject:
To exercise your rights or if you have a complaint about the way we process your personal data, you can always reach out to us at contact@lifesum.com. Account deletion and withdrawal of consents can also be done from the account settings page within the app. If you need to reach our data protection officer, you can do so at dpo@lifesum.com.
Version: 11
