Instara — Privacy Policy

Language

Effective Date: August 25, 2025

1. Introduction

1.1 Teljane Medical Technology (Suzhou) Co., Ltd. (“we,” “our,” or “Instara”) provides products and services including the Instara mobile application, the Continuous Glucose Monitoring (CGM) system, and our official website.

1.2 We consider user privacy and data security as core responsibilities. This policy explains:

What types of information we collect;
How we use and protect your information;
When and why we may share or disclose your information;
Your rights and how you can exercise them.

1.3 Please read this Privacy Policy carefully before using our products or services. If you do not agree with the terms, we may not be able to provide the related services. By enabling or continuing to use our products, you acknowledge and consent to the practices described in this policy.

2. Types of Personal Information We Collect

2.1 Technical Data
When you install and use the Instara App, we automatically collect essential technical data to ensure security and functionality. This data does not directly identify you and may include:

IP address
Device ID
Operating system and version
Network status

This information is used for security, functionality, and internal analysis.

2.2 Account Data
When creating an account, we collect:

Country/region
Email address
Username
Login password

You must use your email/username and password to log in and access account features.

2.3 Health and Basic Information
When using the Instara App, you may provide health-related data, including:

Height, weight, age, gender
Type of diabetes
Blood glucose readings from sensors
Logged events such as meals, exercise, or insulin doses

In some jurisdictions, this may be considered “sensitive information.” We process it only with your explicit consent or when necessary for providing health-related services.

2.4 Sensor and Bluetooth Data
The Instara App requires access to your device’s Bluetooth interface to continuously process and transmit blood glucose data from sensors. Location access is used solely to assist Bluetooth scanning—we do not track or store your location.

2.5 Data Sharing Options
With your consent, you may choose to share your glucose data with:

Healthcare professionals (via invitation or authorization)
Family members or friends (via linking features)

Shared data may include glucose levels and basic patient information (such as name, gender, date of birth, and diabetes type). You can revoke this access at any time.

3. How We Collect and Process Your Personal Information

3.1 Collection Methods
We collect your personal information through:

Direct input: Information you provide when registering, updating your profile, contacting support, or using features.
Automatic collection: Information generated when you use the Instara App and devices, such as logs and sensor data.

3.2 Account Registration and Login
To use the app, you must register and log in. We collect:

Email address or phone number
Password
Verification code (SMS)

This information is used to verify your identity and secure your account.

3.3 Optional Profile Information
You may choose to provide additional details such as profile picture, nickname, gender, date of birth, height, and weight. These improve personalization but are not required for core services.

3.4 Device Pairing
When pairing or managing your CGM device, we collect:

Device serial number (SN)
Bluetooth MAC address
Battery status
Mobile device OS, app version, network status, and logs

This information is required to complete pairing and enable functionality.

3.5 Glucose Monitoring and Alerts
When your CGM device connects to the app, we automatically collect glucose readings for:

Trend analysis
Alerts and notifications
Report generation

Processing is based on your consent or the necessity of providing health-related services.

3.6 System Permissions
The Instara App may request the following permissions:

Bluetooth: To connect sensors (required)
Location: To support Bluetooth functionality (required on Android)
Network: To transmit data (required)
Camera: To scan QR codes and update profile picture (optional)
Storage: To export reports (required)
Notifications: To deliver glucose alerts (optional)

3.7 Security and Optimization
To prevent unauthorized access and improve services, we collect:

Device model, OS version, IP address
Login and activity logs

This data is used only for risk detection, troubleshooting, and service optimization.

3.8 Usage Principle
We process your personal information only with your consent or where permitted by law, and solely for the purposes originally stated. If we need to use it for a new purpose, we will notify you in advance and request your approval.

4. How We Store and Protect Your Personal Information

4.1 Storage Location
We store personal information on servers located in compliance with applicable laws:

Users in China: Data is stored within China.
Users in the EU: Data is stored within the EU.
Users in other regions: Data is stored in legally compliant locations.

4.2 Retention Period
We retain personal information only for the minimum time necessary to fulfill the purposes described in this policy.

If you delete or deactivate your account, we will promptly delete or anonymize your data.
If laws require a longer retention period, we will comply accordingly.
If we discontinue certain services, we will notify you and delete or anonymize related data.

4.3 Protection Measures
We apply industry-standard safeguards to protect your data, including:

Encryption and access controls
Network security protections
System and log monitoring

4.4 Risks and Responsibilities
The internet is not completely secure. We strive to prevent:

Unauthorized access, disclosure, or alteration
Hacker attacks or malware intrusions
Data loss or misuse

If a data breach occurs, we will:

Notify you promptly with details and countermeasures
Provide advice on minimizing risks
Report the incident to regulators if required

4.5 Data Minimization Principle
We collect only the information necessary for our services and retain it only as long as required. Unless you consent or the law permits, we will not use your data for other purposes.

5. Your Rights

5.1 Right of Access
You have the right to access the personal information we hold about you. You can view or download your data directly in the app, or contact us for assistance.

5.2 Right to Rectification
If your information is incorrect or incomplete, you can update it in “Profile > Edit.” If not possible, you may request corrections through our support team.

5.3 Right to Erasure
You can permanently delete your data by using the account deletion function under “Settings > Account & Security.” For information that cannot be deleted directly, you may submit a request and we will process it promptly.

5.4 Right to Withdraw Consent
You may withdraw your consent at any time by disabling app permissions (e.g., location, notifications, storage) in your device settings or by deleting your account. After withdrawal, we will stop processing the related data, but prior processing remains valid.

5.5 Right to Object and Restrict Processing
In certain situations, you have the right to object to or request restrictions on processing, such as for marketing or fully automated decisions.

5.6 Right to Data Portability
Where legally applicable, you may request your personal data in a structured, commonly used, and machine-readable format.

5.7 Complaints and Appeals
If you believe our data processing violates laws or this policy, you may contact us to file a complaint. If you are not satisfied, you may also lodge a complaint with your local supervisory authority.

5.8 Request Handling Rules

We may require identity verification to ensure the security of your request.
Reasonable requests will be processed free of charge; excessive or repeated requests may incur a fee or be refused.

6. Third-Party Service Providers and SDKs

6.1 SDKs and Third-Party Services
To ensure stability and functionality, the app may integrate third-party Software Development Kits (SDKs) or services. These third parties may collect operational data, which is handled according to their own privacy policies. Note that their data practices may change due to version updates or policy revisions.

6.2 Principles of Use

We only share necessary data with third parties when you have given consent or when legally required.
Third parties process data only within the scope needed for their functions.
You can review their privacy policies for details on how they handle your information.

6.3 Third-Party SDK List

Engagelab SDK
- Provider: Metaverse Cloud PTE. LTD.
- Purpose: Push notifications
- Data Collected: Device identifiers (IMEI, IDFA, Android ID, GAID, MAC, OAID), network information, location data
- Privacy Policy: Engagelab Privacy Policy
Bugly SDK
- Provider: Tencent Technology (Shenzhen) Co., Ltd.
- Purpose: Crash analysis and troubleshooting
- Data Collected: Process info, network type, storage usage, root status, CPU type, system version, device brand/model
- Privacy Policy: Bugly Privacy Policy

7. Protection of Minors’ Information

7.1 We place great importance on protecting the personal information of minors.
7.2 We do not knowingly collect data from individuals under the age of 18 without parental or legal guardian consent.
7.3 If we become aware that we have collected such data without consent, we will delete it promptly.

8. Policy Updates

8.1 This policy may be updated to reflect business practices or legal requirements.
8.2 For significant changes, we will notify you via in-app messages, pop-ups, or other appropriate means.
8.3 The latest version of this Privacy Policy is always available in the app (Path: Profile > Settings > Privacy Policy).
8.4 We will not reduce your rights under this policy without your explicit consent.

9. Contact Us

9.1 If you have questions about this policy or how we process your data, you may contact us:

Company: Teljane Medical Technology (Suzhou) Co., Ltd.
Address: Room A-501, Building 2, No. 69, Jiepulu Road, Suzhou Industrial Park, Jiangsu Province, China
Email: service@teljane.com

9.2 We will respond within 15 business days.
9.3 We are committed to continuously improving our privacy practices to protect your data and rights.

生效日期：2025年8月25日

1. 引言

1.1 糖简医疗科技（苏州）有限公司（以下简称“我们”或“Instara”）为您提供包括移动应用（Instara App）、持续葡萄糖监测系统（CGM）及官方网站在内的产品与服务。

1.2 我们将用户隐私与数据安全视为核心责任。本政策将说明：

我们收集哪些信息；
我们如何使用和保护这些信息；
在何种情况下会共享或披露信息；
您享有的权利以及行使方式。

1.3 请在使用我们的产品和服务前仔细阅读本政策。若您不同意本政策条款，我们可能无法为您提供相关服务。启用或继续使用我们的产品，即表示您已清楚了解并同意本政策的内容。

2. 我们收集的个人信息类型

2.1 技术数据
当您安装并使用 Instara App 时，我们会自动收集部分必要的技术数据，以保证应用的安全性和功能性。这些数据不会直接识别您的身份，包括：

IP 地址
设备 ID
操作系统及版本
网络状态

这些信息用于系统安全、功能运行和内部分析。

2.2 账户数据
在注册用户账户时，我们会收集以下信息：

国家/地区
邮箱地址
用户名
登录密码

您需要使用邮箱/用户名和密码登录，才能访问账户和相关功能。

2.3 健康与基础信息
在使用 Instara App 时，您可以选择提供健康相关数据，包括：

身高、体重、年龄、性别
糖尿病类型
传感器收集的血糖水平数据
记录的饮食、运动、胰岛素剂量等事件

这些数据可能在部分地区被认定为“敏感信息”。我们仅在您明确同意或基于医疗服务需要时处理。

2.4 传感器与蓝牙数据
Instara App 需要访问您的设备蓝牙接口，以确保血糖传感器能够持续传输和处理您的血糖水平。位置信息仅用于辅助蓝牙扫描，我们不会追踪或存储您的地理位置。

2.5 数据共享选项
在您的同意下，您可以选择将血糖数据与以下人员共享：

专业医疗人员（通过邀请或授权）
家人或朋友（通过绑定功能）

共享数据可能包括：血糖水平、基本患者信息（如姓名、性别、出生日期、糖尿病类型等）。您可随时取消授权。

3. 我们如何收集和处理您的个人信息

3.1 收集渠道
我们通过以下方式收集您的个人信息：

直接提供：您在注册、填写资料、联系客服或使用功能时主动提供的信息。
自动获取：当您使用 Instara App 和设备时，系统会自动采集必要信息，如设备日志、传感器数据等。

3.2 账户注册与登录
为使用本产品，您需注册并登录账户。在此过程中，我们会收集：

邮箱或手机号
密码
验证短信内容

这些信息用于身份验证和保障您账户的安全。

3.3 补充信息（可选）
您可选择性提供头像、昵称、性别、生日、身高、体重等。这些数据有助于改进服务，但并非必需，不影响核心功能的使用。

3.4 设备绑定
当您首次绑定或管理 CGM 设备时，我们会收集：

设备 SN 码
蓝牙 MAC 地址
电池状态
手机操作系统、软件版本、网络状况和日志信息

这些数据仅用于设备配对与功能实现。

3.5 血糖监测与提醒
当 CGM 设备与手机连接时，我们会自动采集血糖数据，用于：

血糖趋势分析
异常提醒
报告生成

此处理基于您的同意或医疗健康服务的必要性。

3.6 系统权限说明
Instara App 可能会请求以下权限：

蓝牙：连接传感器（必需）
定位：辅助蓝牙功能（必需，仅限安卓）
网络：数据传输（必需）
相机：扫码绑定设备、拍照上传头像（可选）
存储：导出报告（必需）
通知：推送血糖提醒（可选）

3.7 安全与优化
为防止非法访问并提升体验，我们会收集：

设备型号、操作系统版本、IP 地址
登录与操作日志

这些信息仅用于风险排查、服务优化及保障系统安全。

3.8 使用原则
我们仅在获得您授权或法律允许的范围内处理您的个人信息，且仅用于实现收集时明确的目的。如需变更用途，我们会事先通知并征得您的同意。

4. 我们如何存储和保护您的个人信息

4.1 存储地点
我们会根据适用法律，将个人信息存储在距离您所在地区最近的服务器：

位于中国的用户：数据存储在中国境内。
位于欧盟的用户：数据存储在欧盟境内。
其他地区的用户：数据存储在符合相关法律要求的区域。

4.2 存储期限
我们仅在达成本政策所述目的所需的最短时间内保留您的信息。

若您主动注销账户，我们会立即删除或匿名化处理相关信息。
若法律法规要求更长的保存期限，我们会依照法律执行。
当我们停止运营某些服务时，会及时通知您，并删除或匿名化相关数据。

4.3 保护措施
我们采取符合行业标准的安全措施来保护您的信息，包括：

数据加密与访问控制
网络安全防护
系统与日志监控

4.4 风险与责任
互联网并非绝对安全。我们会尽力防止：

未经授权的访问、泄露或篡改
黑客攻击、病毒入侵
数据丢失或被盗用

若发生个人信息安全事件，我们将：

及时告知您事件详情及应对措施
提供降低风险的建议
根据监管要求上报事件处置情况

4.5 信息最小化原则
我们不会收集与服务无关的信息，并且仅在必要期限内保留。除非获得您的同意或法律允许，我们不会将数据用于其他目的。

5. 您的权利

5.1 访问权
您有权访问我们持有的您的个人信息。您可以在应用内直接查看或下载您的数据，如遇问题，可联系我们协助处理。

5.2 更正权
若您发现信息有误或不完整，您可以通过“我的-编辑资料”进行修改。若无法自行更正，可联系我们申请更正。

5.3 删除权
您可在“我的-设置-账号与安全”中使用注销功能，彻底删除个人信息。对于无法自行删除的信息，您可以提出申请，我们会及时处理。

5.4 撤回同意权
您可随时在手机系统或应用设置中关闭相关权限（如定位、通知、存储等），或注销账户以撤回同意。撤回后，我们将不再处理相关信息，但不影响撤回前的处理结果。

5.5 反对与限制处理权
在特定情况下，您有权反对或要求我们限制处理您的信息，例如用于营销或完全自动化决策时。

5.6 数据可携带权
在符合法律要求的情况下，您有权请求以结构化、通用、机器可读的格式导出您的个人信息。

5.7 投诉与申诉
如您认为我们处理个人信息违反法律或本政策，您可以联系我们提出投诉。若对处理结果不满意，您可向监管部门申诉或投诉。

5.8 请求处理规则

我们可能会要求您验证身份，以确保请求安全。
合理的请求我们将免费处理；对于重复或超出合理范围的请求，我们可能收取成本费用或予以拒绝。

6. 第三方服务提供商及其服务

6.1 SDK 与第三方服务
为确保应用功能和稳定运行，我们可能接入第三方软件开发工具包（SDK）或服务。这些第三方可能会收集与运行相关的数据，其处理方式以各自的隐私政策为准。请注意，第三方可能因版本更新或策略调整而变更数据收集范围。

6.2 使用原则

我们仅在获得您授权或法律允许的情况下，与第三方共享必要数据。
第三方仅在实现相应功能所需的范围内处理数据。
您可在第三方公布的隐私政策中了解其数据使用方式。

6.3 第三方 SDK 列表

Engagelab SDK
- 提供方：Metaverse Cloud PTE. LTD.
- 用途：消息推送
- 收集信息：设备标识（IMEI、IDFA、Android ID、GAID、MAC、OAID）、网络信息、位置信息
- 隐私政策链接：Engagelab 隐私政策
Bugly SDK
- 提供方：深圳市腾讯计算机系统有限公司
- 用途：应用崩溃分析与排查
- 收集信息：进程信息、网络类型、存储空间、设备 Root 状态、CPU 架构、系统版本、品牌型号等
- 隐私政策链接：Bugly 隐私政策

7. 未成年人信息保护

7.1 我们高度重视未成年人的个人信息保护。
7.2 我们不会在未获得父母或法定监护人同意的情况下，主动收集18岁以下未成年人的个人信息。
7.3 若我们发现未经同意收集了未成年人的信息，我们会尽快删除相关数据。

8. 政策更新

8.1 我们可能会根据业务发展和法律变化更新本政策。
8.2 若隐私政策发生重大调整，我们会通过应用内通知、弹窗或其他合理方式告知您。
8.3 最新版本的隐私政策可在应用内查看（路径：我的 > 设置 > 隐私协议）。
8.4 除非您明确同意，否则我们不会削弱您在本政策下享有的权利。

9. 联系我们

9.1 如果您对本政策或个人信息处理有任何疑问，可以通过以下方式联系我们：

公司名称：糖简医疗科技（苏州）有限公司
地址：中国江苏省苏州市工业园区界浦路69号2号楼A-501室
邮箱：service@teljane.com

9.2 我们会在15个工作日内回应您的请求。
9.3 我们承诺持续改进隐私保护措施，保障您的数据安全与合法权益。