← VILO

PRIVACY POLICY

Effective date: March 27, 2026

1. Introduction

VILO ("VILO", "we", "us", or "our") is an AI life coordinator app operated by White Tiger Consulting LLC. This Privacy Policy explains how we collect, use, and protect your personal information when you use VILO.

By using VILO, you agree to this Privacy Policy. If you do not agree, please do not use the Service.

Questions? Contact us at hello@vilo.life.

2. Information We Collect

Account information. When you sign in with Google or Apple, we receive your name, email address, and profile photo. We use this to create and maintain your VILO account.

Google Calendar data. With your explicit permission via Google OAuth, VILO reads and writes your Google Calendar events. This data is used to display your schedule in VILO, create events on your behalf, and provide context to the AI assistant for planning and recommendations.

Apple HealthKit data. With your explicit permission, VILO reads from Apple HealthKit: step count, distance, active energy burned, exercise time, heart rate, resting heart rate, body weight, and sleep analysis. This data is used to give the AI assistant context about your physical state for personalized recommendations.

Apple Music data. With your explicit permission via MusicKit, VILO reads your Apple Music listening history, recently played tracks, and top artists. This data is used to generate music recommendations tailored to your taste and current moment.

Usage data. VILO stores the goals, tasks, habits, events, workout logs, and chat messages you create within the app in Firestore (Google Cloud). This data belongs to you and is used to provide the core features of the service.

Device information. For push notifications (iOS), we store an APNs device token. We collect basic device type and OS version for debugging.

3. How We Use Your Information
  • Power the AI assistant (Google Gemini) with context about your life — health, calendar, goals, habits, and music preferences.
  • Generate personalized recommendations for music, daily planning, and fitness.
  • Sync and display your Google Calendar events and create events on your behalf.
  • Send push notifications for reminders, nudges, and assistant responses.
  • Improve the quality of VILO's recommendations over time based on your usage patterns.

We do NOT sell your data. We do NOT use your data for advertising. We do NOT share your data with third parties except as described in Section 6 (Data Sharing).

4. Google API Services

VILO uses Google Sign-In and Google Calendar via the Google API. Our use of Google APIs complies with the Google API Services User Data Policy, including the Limited Use requirements.

VILO's use and transfer to any other app of information received from Google APIs will adhere to the Google API Services User Data Policy, including the Limited Use requirements.

Specifically:

  • We use your Google account only to authenticate you and access your Google Calendar as authorized.
  • Google Calendar data is used only to display your events in VILO and to create or modify events on your behalf at your direction.
  • We do not transfer Google user data to third parties except as necessary to provide the VILO service (e.g., processing by Gemini AI as described in Section 6).
  • We do not use Google user data for advertising purposes.
  • We do not allow humans to read your Google user data unless you have given us affirmative consent, it is necessary for security or legal compliance, or it is required to provide the service you requested.
  • We do not use Google user data to train AI models without your explicit, informed consent.

You can revoke VILO's access to your Google account at any time via Google Account Permissions.

5. Apple HealthKit
  • HealthKit data is used only to provide VILO features as described in this policy.
  • HealthKit data is never used for advertising purposes.
  • HealthKit data is never shared with third parties without your explicit consent, except as necessary to provide the service (e.g., processing by the VILO AI).
  • HealthKit data is never sold.
  • You can revoke VILO's access to HealthKit at any time in iOS Settings → Privacy & Security → Health.
6. Data Sharing

We share your data only with the following service providers who help us operate VILO:

  • Google Firebase & Google Cloud — authentication, database (Firestore), and app hosting. Subject to Google's Terms of Service and Privacy Policy.
  • Google Vertex AI / Gemini — AI inference. Your chat context is sent to Gemini to generate responses. Google processes this data under their Cloud terms; it is not used to train Google's models without your consent.
  • Resend — transactional email (e.g., account notifications). Only your email address is shared for this purpose.

We do not share your data with data brokers, advertising networks, or any party not listed above.

7. Data Retention and Deletion

We retain your data for as long as your account is active. Health snapshots are retained for 90 days. Chat history is retained for 12 months by default.

To delete your account and all data: email hello@vilo.life with the subject "Delete my account". We will delete all your personal data within 30 days and confirm via email.

To export your data: use the "Export data" option in your VILO profile settings, or email hello@vilo.life to request a data export in JSON format.

8. Your Rights (GDPR / CCPA)

Depending on your location, you may have the following rights:

  • Access — request a copy of all personal data we hold about you.
  • Correction — request correction of inaccurate or incomplete data.
  • Deletion — request deletion of your personal data ("right to be forgotten").
  • Portability — request your data in a structured, machine-readable format.
  • Restriction — request that we limit how we use your data.
  • Objection — object to processing of your data for certain purposes.

California residents (CCPA): You have the right to know what personal information we collect, the right to delete it, the right to opt out of sale (we do not sell data), and the right to non-discrimination for exercising your rights.

EU/UK residents (GDPR): Our legal basis for processing your data is your consent (for HealthKit, Calendar, Music) and the performance of a contract (for account and usage data). You have the right to lodge a complaint with your local data protection authority.

To exercise any of these rights, contact us at hello@vilo.life. We will respond within 30 days.

9. Security

All data in transit is encrypted via TLS. Data at rest is stored in Google Firestore, which encrypts data at rest by default. Access to production data is restricted to authorized personnel only.

In the event of a data breach affecting your personal information, we will notify affected users within 72 hours of becoming aware of the breach, where required by law.

10. Children's Privacy

VILO is not directed at children under the age of 13. We do not knowingly collect personal information from children under 13. If you believe a child under 13 has provided us with personal information, please contact us at hello@vilo.life and we will promptly delete it.

11. Changes to This Policy

We may update this Privacy Policy from time to time. When we make material changes, we will notify you by email and update the effective date above. We encourage you to review this policy periodically. Your continued use of VILO after changes are posted constitutes your acceptance of the updated policy.

12. Contact

White Tiger Consulting LLC
hello@vilo.life
vilo.life