Privacy Policy

Welcome to The Lively Three. We help you track plant-focused intake and turn your entries into personal insights and (opt-in) community benchmarks. You control what you share and can manage access and deletion in the app. This policy explains what we collect, how we use it, and your rights.

This Privacy Policy applies to users in Switzerland (CH), the European Union/EEA (EU), the United Kingdom (UK), and Canada (CA).

The Lively Three - powered by Beeqster GmbH.

Bühlstrasse 18, 8172 Niederglatt, Switzerland

To operate The Lively Three and provide the features you request (food logging and your personal indicators), we must process certain personal data, including your account data, the entries you log, and the indicators derived from those entries. If you do not agree to this required processing, we cannot provide the service.

In addition to the core service, we may offer optional features via Data Contracts. Data Contracts are contextual opt-ins that specify:

• who requests data
• what is requested
• what you receive (e.g., additional analytics or features)
• duration and how withdrawal works

Managing Data Contracts: The primary way to manage Data Contracts is in the app (Settings → Data Transparency). If you cannot access the app, contact us at privacy@thelivelythree.earth or use the Trust Center above.

Preventing "silent expansion": If we introduce new optional processing, we will do so via a new Data Contract that clearly explains scope, purpose, duration, and withdrawal.

Community features: Data Contracts also govern optional community features, such as sharing a meal to the Community Kitchen, where The Lively Three acts as the initiating party on behalf of the user community. These contracts follow the same structure: scope, purpose, what you receive, duration, and how to withdraw.

We use personal data to:

• provide and operate the app and its core features
• generate your personal dashboards and indicators
• operate, secure, and improve the service
• respond to support requests
• (where enabled) measure and improve website performance and usability
• (if you opt in) enable optional features and any sharing described in a Data Contract

Service and marketing communications

• Service communications: We may send emails necessary to provide the service (e.g., account verification, security notices, password reset).
• Marketing communications (if enabled): Only where permitted by applicable law. You can opt out at any time.
• No advertising targeting (in-app): We do not use your in-app consumption logs, body metrics, or derived indicators to target you with advertising.
• Website advertising measurement (cookie-based): If you opt in, we may use marketing/advertising cookies to measure campaign effectiveness.
• We don't combine in-app nutrition data with website advertising audiences.

Where EU/EEA GDPR or UK GDPR applies, we rely on one or more of the following bases:

• Contract (to provide the service you request)
• Legitimate interests (security, fraud prevention, service reliability and improvement)
• Consent (where required, e.g., optional Data Contracts and non-essential website cookies)
• Legal obligation (where applicable)

Our primary database is hosted in Frankfurt, Germany (AWS eu-central-1) via Supabase.

Data sovereignty and transfers: We design the service to keep storage and primary processing within Switzerland and the EU/EEA where feasible.

Website analytics/marketing providers (e.g., Google/Meta) may process data outside Switzerland/EU/EEA, including the USA, where enabled and consented.

Safeguards: Where required, we use Standard Contractual Clauses (SCCs) or equivalent lawful mechanisms.

We retain personal data only as long as needed for the purposes described above, unless longer retention is required by law.

Community Kitchen: meals you have shared that have not been adopted by any other user within a defined period are automatically removed from the community list. The meal remains in your personal My Kitchen list regardless.

Operational retention (examples):

• Security and abuse prevention logs: retained for a limited period to protect the service and investigate misuse.
• Support communications: retained as needed to resolve issues and maintain an audit trail where appropriate.

Payment and transaction records: Where required for accounting, tax, and compliance purposes, we retain payment-related records for the period required by applicable law. Purchases are processed by Apple/Google, and we do not store full payment card details.

Request logs: We retain records of privacy requests and our responses (e.g., request type and timestamps) for a limited period to demonstrate compliance, prevent abuse, and maintain auditability.

Limited period: Where we refer to a “limited period,” this generally means months, not years, unless we must retain data longer to meet legal obligations or to establish, exercise, or defend legal claims.

TLT offers an in-app Delete Account flow with two scenarios:

Essential cookies are required for the website to function securely. With your consent, we may enable:

• Analytics cookies/tags via Google Tag Manager (GTM), including Google Analytics 4 (GA4)
• Marketing/advertising cookies/tags, including Google Ads conversion tracking and the Meta Pixel
• Marketing cookies may also be used to show you ads on other platforms where you have opted in

You can withdraw consent at any time via the website cookie preference controls and/or your browser settings.

Where these tools process data outside Switzerland/EU/EEA, we apply appropriate safeguards required by applicable law.

We use reasonable technical and organisational measures to protect personal data (e.g., encryption in transit and at rest, access controls, and monitoring).

Future plan: employ distributed ledger technology (DLT) to support technically enforced fine-grained access rights and stronger decentralization of control.

You can:

• access and correct much of your data in the app (e.g., Settings)
• manage optional Data Contracts in the app (Settings → Data Transparency)
• delete your account in-app (Option A or B, Settings → Account)
• submit privacy requests (EU/UK): https://app.prighter.com/portal/thelivelythree-privacy
• contact us (all regions): privacy@thelivelythree.earth

Identity verification: We may need to verify your identity before fulfilling certain requests to protect your data.

EU/EEA and UK users may have additional rights (including portability, restriction, and objection) and may log a complaint with their supervisory authority. Canadian users may raise concerns with the Office of the Privacy Commissioner of Canada.

We will post updates here with a new "Last Updated" date. Important changes may be notified to registered users.

Email: privacy@thelivelythree.earth

Address: Beeqster GmbH, Bühlstrasse 18, 8172 Niederglatt, Switzerland