Privacy Policy

Effective date: February 25, 2026 — Last updated: February 25, 2026

We built URIO to help you understand your urinary patterns and your privacy matters to us. This policy explains what information URIO collects, how we use and protect it, and the choices available to you.

Privacy Links: Privacy Policy · Consumer Health Data Privacy Policy · Terms of Service

1. 1. Information We Collect
2. 2. How We Use Your Information
3. 3. How We Store and Protect Your Data
4. 4. Data Sharing and Disclosure
5. 5. Data Retention
6. 6. De-Identification Practices
7. 7. Your Rights and Choices
8. 8. Third-Party Services
9. 9. Children’s Privacy
10. 10. U.S. State Privacy Laws
11. 11. Website
12. 12. Changes to This Policy
13. 13. Contact Us

URIO, LLC (“URIO,” “we,” “us,” or “our”) operates the URIO mobile application (the “App”), available on Apple iOS and any other platforms where URIO may be offered. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use the App.

By using the App, you agree to the collection and use of information in accordance with this policy. If you do not agree, please do not use the App.

We do not sell or share your personal information. We do not share identifiable data with employers, insurers, advertisers, or data brokers.

Certain information we collect, including voiding patterns, condition categories, medication records, and assessment scores, may constitute sensitive personal information under applicable state laws. We limit the use of this information to providing the App’s core functionality and, with your consent, for de-identified research purposes. For additional details about how we handle consumer health data under state health privacy laws, please see our Consumer Health Data Privacy Policy.

1. Information We Collect

Information you provide directly:

• Account information: If you create an account using Sign in with Apple, we receive your Apple-provided user identifier. We do not receive or store your Apple ID email address unless you choose to share it.
• Wellness tracking data: Voiding logs (timestamps, volume, urgency, stream strength, pain levels), beverage intake logs (type, volume, caffeine/alcohol content), and related contextual entries you choose to record.
• Profile and preferences: Conditions you select during onboarding (stored as category codes), medications, supplements, and tracking preferences.
• Assessment responses: Answers to standardized wellness questionnaires such as the IPSS and ICIQ, along with computed scores.

Information collected automatically:

• Usage analytics (with your consent): If you opt in to analytics during onboarding, we collect de-identified usage patterns (feature usage, session length) to improve the App. This data is stripped of personal identifiers before collection. You can change your analytics preference at any time in Settings.
• Wellness Library reading statistics: When you read articles in the Wellness Library, URIO records which articles were viewed and approximate reading duration. This information helps us and our content partners understand which topics are most relevant to our users, so we can improve the quality and relevance of educational content available to you. This data is shared with content partners only in aggregate, statistical form — for example, “this article was viewed 800 times by users managing a particular condition.” These reports never include personal identifiers, anonymous identifiers, or individual-level reading histories.
• Apple Health data: If you grant permission, the App may read sleep data from Apple Health to provide nocturia-related insights. This data is processed locally on your device and is not transmitted to our servers.

Information we do NOT collect:

• We do not collect your name, email address (unless you voluntarily share it via Sign in with Apple), phone number, physical address, or payment information (subscriptions are processed entirely by Apple).
• We do not use advertising identifiers (IDFA).
• We do not track your location.
• We do not serve targeted advertising or use cookies for tracking purposes.

Categories of Personal Information (CCPA Disclosure)

Category	Sources	Purposes	Shared With	Sold/Shared in Last 12 Months
Identifiers Apple user ID	Directly from you (Sign in with Apple)	Account authentication, iCloud sync	Apple (via CloudKit)	No
Wellness tracking data Voiding logs, beverage intake, condition codes, medications, supplements	Directly from you	Core App functionality (insights, charts, reports, personalization)	Apple (private iCloud container, not accessible to us); de-identified research (with consent)	No
Assessment data IPSS, ICIQ scores and responses	Directly from you	Tracking changes over time, shareable reports	Not shared	No
Usage data Feature usage, session length (de-identified)	Automatically (with consent)	App improvement	Not shared	No
Aggregate reading statistics Article view counts, average duration by condition category	Automatically	Content quality improvement	Content sponsors (aggregate statistics only — no individual data)	No (aggregate statistics are not personal information)

2. How We Use Your Information

• To provide the App’s core functionality: Your wellness tracking data is used to generate insights, charts, trends, reports, and personalized content recommendations within the App.
• To sync your data: If you are signed in with an iCloud account, your tracking data may be synced via Apple’s CloudKit infrastructure so it is available across your devices. This data is stored in your private iCloud container and is not accessible to us.
• To improve the App (with your consent): De-identified analytics data helps us understand how features are used and where we can improve.
• To support research (with your consent): If you opt in, we may contribute de-identified, aggregated wellness data to research efforts. This data cannot be linked back to you. See Section 6 for details.
• To improve educational content: Aggregate Wellness Library reading statistics help us and our content partners identify which topics matter most to users.

3. How We Store and Protect Your Data

On-device storage: The majority of your wellness data is stored locally on your device using Apple’s SwiftData framework. This data remains on your device unless you enable iCloud sync.

iCloud sync: If enabled, your data is stored in your private iCloud container managed by Apple. We do not have access to data in your private iCloud container. Apple’s CloudKit infrastructure encrypts data in transit and at rest.

Subscription data: All subscription transactions are processed by Apple through the App Store. We do not receive or store your payment information.

We maintain reasonable technical, organizational, and administrative safeguards designed to protect personal information from loss, misuse, and unauthorized access, disclosure, alteration, and destruction. No security can be fully guaranteed.

4. Data Sharing and Disclosure

We do not sell or share your personal information. We do not share identifiable data with employers, insurers, advertisers, or data brokers.

We may share information in the following limited circumstances:

• Content partners (aggregate statistics only): De-identified, aggregate reading statistics for Wellness Library content. These reports contain only total counts, averages, and condition-category distributions. They never include personal identifiers, anonymous identifiers, or individual-level data.
• Service providers: We may use third-party services to support App operations (e.g., crash reporting, infrastructure, de-identified data hosting). Any such providers are bound by contractual obligations to protect your data and may not use it for their own purposes.
• Legal requirements: We may disclose information if required by law, regulation, legal process, or enforceable governmental request.
• Business transfers: In the event of a merger, acquisition, or sale of assets, your information may be transferred. We will notify you through the App before your data is transferred and becomes subject to a different privacy policy.

5. Data Retention

Active accounts: Your wellness tracking data is retained for as long as your account is active or for as long as you continue to use the App.

Account deletion: If you delete your account, all personal data will be permanently removed from our systems within 30 days.

De-identified research data: De-identified, aggregated data that has already been processed may be retained indefinitely, as it contains no personal identifiers and cannot be linked back to you. See Section 6.

Usage analytics: De-identified analytics data is retained for no more than 24 months.

Aggregate reading statistics: Aggregate Wellness Library statistics are retained indefinitely as they contain no individual-level data.

6. De-Identification Practices

When your data is contributed to research (with your consent), we apply de-identification practices consistent with the HIPAA Safe Harbor standard:

• All personal identifiers are removed, including account credentials, device identifiers, and any information that could directly or indirectly identify you.
• A unique anonymous research identifier is generated using a random process with no mathematical relationship to your account credentials or device. This identifier cannot be reversed or linked to your account.
• Calendar dates are generalized (expressed as relative time periods, not specific calendar dates).
• Ages are expressed as 5-year ranges, with all ages 90 and above aggregated to “90+.”
• The resulting data contains only condition categories, age ranges, anonymized wellness patterns, and intervention categories (medication classes, supplement types).

When you delete your account, the mapping between your account and your anonymous research identifier is permanently destroyed. The de-identified research record becomes an orphan with no path back to any individual. We will not attempt to re-identify de-identified data except when testing our de-identification practices.

7. Your Rights and Choices

Analytics consent: You can opt in or out of usage analytics at any time in Settings.

Research data consent: Participation in de-identified research data sharing is entirely optional and can be changed at any time in Settings.

Data deletion: You may request deletion of your data at any time by contacting us at [email protected] from the email address associated with your Apple ID, or by initiating deletion from within the App while signed in. We will delete your personal data within 30 days.

Account deletion: You may delete your account at any time through the App’s Settings.

Data export: You can generate a PDF report of your tracking data at any time using the report feature within the App.

Response timeline: We will respond to all data rights requests within 30 days of receipt.

Right to appeal: If we deny a privacy rights request, we will provide the reason for denial and instructions for how to appeal the decision. We will respond to appeals within 45 days. If your appeal is denied, you may contact your state attorney general.

8. Third-Party Services

The App integrates with:

• Apple (Sign in with Apple, iCloud/CloudKit, StoreKit, HealthKit): Subject to Apple’s Privacy Policy.

The App does not integrate with advertising networks, social media tracking pixels, or third-party analytics platforms that track users across apps.

9. Children’s Privacy

URIO is not intended for use by individuals under the age of 18. We do not knowingly collect personal information from children. If we become aware that a child under 18 has provided us with personal information, we will delete such information promptly. Contact us at [email protected] if you believe a child has provided us with personal data.

10. U.S. State Privacy Laws

URIO is available only in the United States. We apply a uniform standard of privacy protection to all users based on the most protective state laws currently in effect.

California (CCPA/CPRA): California residents have the right to: request disclosure of the categories and specific pieces of personal information collected; request deletion; correct inaccuracies; and opt out of the sale or sharing of personal information. We do not sell or share personal information. See the CCPA disclosure table in Section 1.

Washington, Connecticut, Nevada, and other states: Residents of states with consumer health data protection laws are afforded all protections required by applicable law. For details specific to consumer health data, see our Consumer Health Data Privacy Policy.

Do Not Sell or Share My Personal Information: URIO does not sell or share personal information as defined under any applicable state privacy law. If you wish to exercise this right or have questions, contact us at [email protected].

11. Website

Our website does not use cookies or third-party tracking technologies. Basic server access logs (IP address, browser type, timestamp) may be retained for up to 30 days for security purposes.

12. Changes to This Policy

We may update this Privacy Policy from time to time. If we make material changes, we will notify you through in-app notifications. Updated policies will also be posted on this page with a revised effective date.

13. Contact Us

If you have questions about this Privacy Policy or wish to exercise your data rights, contact us at:

URIO, LLC
108 Glenwood Avenue
Leonia, NJ 07605
United States
[email protected]