App Privacy Policy

Joon Privacy Policy

Last updated: May 2026 Effective date: May 2026

 

1. Introduction and Who We Are

Welcome to Joon. This Privacy Policy explains how Joon  (operated by NOVENC INC.)("Joon," "we," "us," or "our") collects, uses, stores, shares, and protects your personal information when you:

  • Visit our website at joonpro.com

  • Purchase products through our online store

  • Download, access, or use the Joon mobile application (the "Joon App")

  • Access or use the Joon health platform (the "Platform")

  • Interact with us by email, phone, or any other channel

Together, all of the above are referred to as the "Services."

Legal entity: NOVENC .INC, 7153 Waldorf Way, Mississauga, Ontario, Canada L5N7R3 support@joonpro.com

Privacy Officer / Data Controller Contact: Christian Araujo - support@joonpro.com

If you do not agree with this Privacy Policy, please do not use our Services.

 

 

2. Scope of This Policy

This Privacy Policy applies to:

  • All users of the Joon website and online store

  • All users of the Joon App on iOS and Android

  • All users of the Joon health platform

  • Prospective customers, subscribers, and visitors

This policy covers personal information collected by Joon directly and through third-party service providers acting on our behalf. It also describes the practices of third-party SDKs and services integrated into the Joon App.

This policy does not apply to third-party websites or services linked from our Services. Those parties have their own privacy policies which we encourage you to review.

 

 

3. Information We Collect

We collect personal information in the following categories:

3.1 Information You Provide Directly

Account and identity information:

  • Full name

  • Email address

  • Password (stored in encrypted form)

  • Date of birth

  • Profile photo (if uploaded)

  • Billing name and address

Purchase and payment information:

  • Shipping address

  • Order history

  • Subscription details

  • Payment method details (processed and stored by our payment processor — Joon does not store full card numbers)

Health and wellness information (voluntarily entered by you):

  • Supplement intake logs

  • Daily adherence records

  • Self-reported health goals

  • Self-reported wellness metrics, energy levels, mood, and physical performance

  • Fitness and activity notes

  • Progress entries and journal logs

  • Any other health-related information you voluntarily enter into the Joon App or Platform

Communications:

  • Messages, emails, or chat submissions you send to us

  • Customer support inquiries

  • Survey responses and feedback

3.2 Information Collected Automatically

When you use the Services, we and our third-party service providers may automatically collect:

Device and technical information:

  • Device type, model, and manufacturer

  • Operating system and version

  • Unique device identifiers (device ID, advertising identifier where permitted)

  • App version number

  • Browser type and version (for web access)

  • IP address

  • Mobile network information

Usage and analytics data:

  • Pages and screens visited

  • Features accessed within the Joon App

  • Time and duration of sessions

  • Tap, click, and scroll interactions

  • In-app actions and navigation paths

  • Error logs and crash reports

  • Referral source (how you arrived at our website or app)

Location data:

  • Approximate location derived from IP address

  • Precise location only if you explicitly grant permission (used only for features that require it, such as localized content or shipping)

Cookies and tracking technologies: On the website, we use cookies, web beacons, and similar technologies. See Section 11 (Cookies) for full details.

3.3 Information From Third Parties

We may receive information about you from:

  • Payment processors (transaction confirmation and fraud signals)

  • Analytics providers (aggregated usage data)

  • App stores (Apple App Store / Google Play) in connection with your download or purchase

  • Social login providers if you choose to connect a social account

  • Advertising platforms if you interact with a Joon advertisement

 

 

4. How We Use Your Information

We use your personal information for the following purposes:

To provide and operate the Services:

  • Create and manage your account

  • Process and fulfill orders and subscriptions

  • Deliver the Joon App and Platform features

  • Display your personal health logs, adherence data, progress history, and platform content

  • Provide customer support

To personalize your experience:

  • Tailor platform content and supplement recommendations based on your stated goals and logged data

  • Remember your preferences and settings

To communicate with you:

  • Send order confirmations, shipping notifications, and receipts

  • Deliver subscription billing notices and renewal reminders

  • Respond to your support inquiries

  • Send service-related announcements (account, policy updates)

  • Send marketing communications where you have opted in or where permitted by law

  • Send push notifications through the Joon App (you can disable these at any time in your device settings)

To improve and develop the Services:

  • Analyze usage patterns and app performance

  • Conduct research and testing on new features

  • Monitor for errors, crashes, and security issues

To comply with legal obligations:

  • Meet applicable laws, regulations, and legal processes

  • Respond to lawful government or regulatory requests

  • Enforce our Terms of Service and other policies

  • Prevent fraud, abuse, or unauthorized access

For analytics and measurement:

  • Understand how our Services are used

  • Measure the effectiveness of our marketing

  • Generate aggregated, anonymized reporting

We will not use your personal information for any purpose that is materially different from those stated above without obtaining your consent or having a lawful basis to do so.

 

 

5. Health Data — Special Notice

The Joon App and Platform collect and process health-related information that you voluntarily enter, including supplement logs, wellness notes, progress entries, and self-reported health metrics.

This information is sensitive. Here is how we treat it:

  • Health data you enter is used solely to provide and improve the Joon Platform experience for you

  • We do not sell your health data to third parties under any circumstances

  • We do not share your health data with advertisers or advertising networks

  • We do not share individually identifiable health data with third parties except as described in Section 6 of this policy (e.g., with service providers acting on our behalf under strict data processing agreements)

  • Aggregated, anonymized, non-identifiable health data may be used for product research and improvement

  • All health data is stored with encryption in transit and at rest

The Joon App and Platform are not medical devices and do not provide medical advice. Your health logs and progress data are personal wellness tracking tools only. See our Terms of Service for full disclaimers.

 

 

6. How We Share Your Information

We do not sell your personal information. We share it only in the following circumstances:

6.1 Service Providers

We engage trusted third-party service providers to help us operate the Services. These providers process your data only on our behalf, under contractual obligations to protect it and only use it for the purposes we specify. Categories of providers include:

  • Cloud hosting and infrastructure — servers that store app and platform data

  • Payment processing — to securely handle transactions (e.g., Stripe, Shop Pay or similar)

  • Email and communications — to send transactional and marketing emails (e.g., Klaviyo, Mailchimp or similar)

  • Analytics — to understand usage patterns (e.g., Google Analytics, Firebase or similar)

  • Customer support — to manage support tickets and communications

  • App development platform — our app is built and hosted using Replit infrastructure and associated services

  • Order fulfillment — our fulfillment partner processes and ships your physical orders

  • Push notifications — notification delivery services for the Joon App

We require all service providers to: (a) protect your data to a standard at least equal to this Privacy Policy; (b) use your data only for the specified purpose; and (c) delete or return your data upon request.

6.2 Business Transfers

If Joon is involved in a merger, acquisition, financing, reorganization, or sale of all or part of its assets, your personal information may be transferred as part of that transaction. We will notify you via email or a prominent notice on our website prior to any such transfer becoming effective.

6.3 Legal Compliance and Safety

We may disclose your information when required to do so by law, or in good faith belief that such action is necessary to:

  • Comply with a legal obligation, court order, or regulatory requirement

  • Protect the rights or property of Joon

  • Prevent or investigate potential wrongdoing

  • Protect the personal safety of users of the Services or the public

  • Protect against legal liability

6.4 With Your Consent

We may share your information with your explicit consent for purposes not described in this policy.

 

 

7. Third-Party SDKs and Technologies

The Joon App and website integrate third-party tools and software development kits (SDKs) that may collect data independently. These may include:

Third-Party Tool

Purpose

Their Privacy Policy

Google Firebase / Analytics

App analytics, crash reporting, performance

firebase.google.com/support/privacy

Google Play Services

Android app functionality

policies.google.com/privacy

Apple App Store Services

iOS app functionality

apple.com/privacy

Replit

App development, hosting, infrastructure

replit.com/site/privacy

Stripe or similar payment processor

Payment processing

stripe.com/privacy

Shopify

E-commerce platform and store

shopify.com/legal/privacy

Email marketing platform

Email communications

shopify.com/

Push notification service

In-app notifications

n/a

Note: Update this table with all actual SDKs used in your Replit-built app. Apple and Google require disclosure of every SDK that collects data.

We are responsible for ensuring that our use of third-party SDKs complies with applicable privacy laws. We do not permit third-party SDKs to use your data for their own independent advertising or marketing purposes without your consent.

 

 

8. App Store Specific Disclosures

8.1 Apple App Store — Data Nutrition Label Summary

In accordance with Apple's App Store privacy requirements, the following is a summary of data practices for the Joon App:

Data linked to your identity:

  • Contact information (name, email address)

  • Identifiers (user ID, account information)

  • Health and fitness data (supplement logs, wellness entries, progress data)

  • Purchase history (orders, subscriptions)

  • Usage data (app interactions, feature usage)

Data not linked to your identity:

  • Diagnostic data (crash logs, performance data)

  • Aggregated analytics (anonymized usage statistics)

Data used for tracking: None. Joon does not track users across apps or websites owned by third parties for advertising purposes.

Complete Privacy Nutrition Label details are available in the App Store Connect listing.

8.2 Google Play Store — Data Safety Summary

In accordance with Google Play's Data Safety requirements:

Data collected:

  • Personal info: name, email address

  • Financial info: purchase history (not card numbers)

  • Health and fitness: user-entered supplement and wellness logs

  • App activity: in-app usage and interactions

  • Device or other IDs: device identifiers for app functionality

Data shared: Limited sharing with service providers as described in Section 6

Security practices: Data encrypted in transit. Users can request data deletion (see Section 12)

Complete Data Safety section is available in the Google Play listing.

 

 

9. Legal Bases for Processing (GDPR — EU/EEA/UK Users)

If you are located in the European Union, European Economic Area, or United Kingdom, we process your personal data under the following legal bases as defined under the General Data Protection Regulation (GDPR):

Processing Activity

Legal Basis

Creating and managing your account

Performance of a contract

Processing orders and payments

Performance of a contract

Delivering the Joon App and Platform

Performance of a contract

Sending transactional communications

Performance of a contract

Complying with legal obligations

Legal obligation

Preventing fraud and ensuring security

Legitimate interests

Improving and developing the Services

Legitimate interests

Marketing communications (where opted in)

Consent

Analytics and performance monitoring

Legitimate interests

Processing health data you voluntarily enter

Explicit consent

You have the right to withdraw consent at any time where consent is the legal basis. Withdrawal of consent does not affect the lawfulness of processing before the withdrawal.

 

 

10. Your Privacy Rights

Depending on your location, you may have the following rights regarding your personal information:

10.1 All Users

  • Right to access — Request a copy of the personal information we hold about you

  • Right to correction — Request that we correct inaccurate or incomplete information

  • Right to deletion — Request that we delete your personal information (see Section 12)

  • Right to withdraw consent — Withdraw consent where processing is consent-based

  • Right to opt out of marketing — Unsubscribe from marketing emails at any time via the unsubscribe link or by contacting support@joonpro.com

10.2 EU/EEA/UK Users (GDPR)

In addition to the above:

  • Right to data portability — Receive your data in a structured, machine-readable format

  • Right to restrict processing — Request that we limit how we process your data

  • Right to object — Object to processing based on legitimate interests

  • Right to lodge a complaint — File a complaint with your local data protection authority

10.3 California Users (CCPA/CPRA)

California residents have the right to:

  • Know what personal information is collected, used, shared, or sold

  • Delete personal information we have collected

  • Opt out of the sale or sharing of personal information (we do not sell personal information)

  • Non-discrimination for exercising your privacy rights

  • Correct inaccurate personal information

  • Limit use and disclosure of sensitive personal information

To exercise any of these rights, contact us at support@joonpro.com. We will respond within the timeframe required by applicable law (generally 30 days under GDPR and 45 days under CCPA).

We may need to verify your identity before fulfilling a request. We will not discriminate against you for exercising your privacy rights.

10.4 Canadian Users (PIPEDA)

Under PIPEDA, you have the right to:

  • Access the personal information we hold about you upon written request

  • Challenge the accuracy and completeness of your information and have it corrected

  • Withdraw consent for the collection, use, or disclosure of your information (subject to legal or contractual restrictions)

  • File a complaint with the Office of the Privacy Commissioner of Canada at priv.gc.ca

Our designated Privacy Officer can be reached at support@joonpro.com.

 

 

11. Account Deletion

You have the right to delete your Joon account and associated personal data at any time.

To delete your account:

  1. Open the Joon App

  2. Navigate to Settings → Account → Delete Account

  3. Follow the on-screen instructions

Or contact us directly at support@joonpro.com with the subject line "Account Deletion Request."

Upon account deletion:

  • Your account credentials and profile information will be permanently deleted

  • Your health logs, supplement tracking data, and progress entries will be permanently deleted

  • Your subscription will be cancelled (active subscription periods will not be refunded)

  • Anonymized, aggregated data that cannot be linked back to you may be retained for analytics purposes

  • We may retain certain data as required by law (e.g., transaction records for tax purposes) for the legally required retention period

Deletion is processed within 30 days of a confirmed request. You will receive email confirmation when deletion is complete.

Note: This account deletion functionality is required by both Apple App Store and Google Play Store guidelines and is available within the Joon App.

 

 

12. Data Retention

We retain your personal information for as long as necessary to provide the Services and fulfill the purposes described in this policy, unless a longer retention period is required by law.

Data Type

Retention Period

Account information

Duration of account + 90 days after deletion

Health and wellness logs

Duration of account + deleted upon account deletion

Order and transaction records

7 years (legal/tax requirement)

Customer support records

3 years

Marketing preferences

Until opt-out or account deletion

Analytics data (anonymized)

Up to 26 months

Crash logs and diagnostics

90 days

When data is no longer required, we securely delete or anonymize it.

 

 

13. Cookies and Tracking Technologies

Our website uses cookies and similar tracking technologies including web beacons, pixels, and local storage.

Types of cookies we use:

Cookie Type

Purpose

Can Be Disabled?

Essential/Strictly necessary

Required for the website to function (login sessions, shopping cart, security)

No — required for core functionality

Analytics

Understanding how users interact with the website (Google Analytics or similar)

Yes

Marketing/Advertising

Measuring ad performance and retargeting (where applicable)

Yes

Preferences

Remembering your settings and preferences

Yes

Managing cookies: You can control and manage cookies through your browser settings. Disabling certain cookies may affect the functionality of the website. You can also opt out of Google Analytics by installing the Google Analytics Opt-out Browser Add-on.

For Canadian users, we obtain your consent for non-essential cookies as required by PIPEDA. For EU/EEA users, we obtain consent as required by the ePrivacy Directive and GDPR.

The Joon App does not use browser cookies. The app may use device identifiers and analytics SDKs as disclosed in Section 7.

 

 

14. Push Notifications

The Joon App may send push notifications to your device, including:

  • Supplement reminder notifications

  • Progress milestone notifications

  • Platform updates and announcements

  • Promotional communications (where you have opted in)

You can manage push notification permissions at any time in your device settings (iOS: Settings → Notifications → Joon; Android: Settings → Apps → Joon → Notifications).

Disabling push notifications will not affect your ability to use the Joon App.

 

 

15. Data Security

We take the security of your personal information seriously and implement technical and organizational measures including:

  • Encryption in transit — All data transmitted between your device and our servers uses TLS/SSL encryption

  • Encryption at rest — Sensitive data including health logs and payment information is stored encrypted

  • Access controls — Personal data is accessible only to authorized personnel who need it to perform their job functions

  • Authentication — Account access protected by password requirements and where applicable, multi-factor authentication

  • Regular security assessments — Periodic reviews of our security practices and infrastructure

  • Breach response procedures — Documented procedures for identifying, containing, and notifying affected users in the event of a data breach

Data breach notification: In the event of a data breach that poses a real risk of significant harm to you, we will notify you and the applicable regulatory authorities as required by law (including PIPEDA's mandatory breach reporting requirements and GDPR's 72-hour notification requirement).

No method of electronic transmission or storage is 100% secure. While we use commercially reasonable measures, we cannot guarantee absolute security.

 

 

16. International Data Transfers

Joon is based in Canada. Your personal information may be transferred to, stored in, or processed in countries other than your country of residence, including the United States and other jurisdictions where our service providers operate.

When we transfer personal data internationally, we ensure appropriate safeguards are in place, including:

  • Standard contractual clauses approved by relevant data protection authorities

  • Data processing agreements with all service providers

  • Transfers to countries with adequate data protection levels as recognized by applicable law

By using our Services, you consent to the transfer of your information to countries outside your country of residence, including countries that may have different data protection rules than your country.

 

 

17. Children's Privacy

The Joon Services are not directed to children under the age of 13 (or under 16 in the European Union and United Kingdom). We do not knowingly collect personal information from children under these ages.

If you are a parent or guardian and believe your child has provided us with personal information, please contact us immediately at support@joonpro.com. If we become aware that we have collected personal information from a child without verified parental consent, we will take steps to delete that information promptly.

If you are under the age of majority in your jurisdiction, you must have your parent or guardian's consent to use the Services.

 

 

18. Health Information Disclaimer

IMPORTANT — PLEASE READ:

The Joon App and Platform are personal wellness companion tools, not medical devices. The information, content, features, and insights provided through the Joon App and Platform:

  • Are not medical advice, diagnosis, treatment, or clinical guidance of any kind

  • Are not a substitute for professional medical advice from a qualified healthcare provider

  • Are not intended to diagnose, treat, cure, or prevent any disease or medical condition

  • Are not evaluated or approved by the Food and Drug Administration (FDA) or Health Canada

Health data you enter into the Joon App (supplement logs, wellness metrics, progress notes) is self-reported personal information entered voluntarily by you. Joon makes no representations about the accuracy, completeness, or clinical relevance of self-reported data.

Always consult a qualified healthcare professional before starting any supplement regimen, making health decisions, or changing your health routine. Never disregard professional medical advice because of information accessed through the Joon Services.

 

 

19. Third-Party Links and Services

The Services may contain links to third-party websites, platforms, and services. This Privacy Policy does not apply to third-party services. We encourage you to read the privacy policies of every third-party service you access.

Joon is not responsible for the privacy practices or content of third-party services.

 

 

20. Do Not Track

Some browsers offer a "Do Not Track" (DNT) setting. Our website does not currently respond to DNT signals. We will update this policy if our practices change.

 

 

21. California Shine the Light

California residents may request information about how we disclose personal information to third parties for their direct marketing purposes under California's "Shine the Light" law. To make such a request, contact support@joonpro.com with "California Shine the Light Request" in the subject line. We will respond within 30 days.

 

 

22. Your Consent

By using the Joon Services, downloading the Joon App, creating an account, or making a purchase, you consent to the collection, use, and disclosure of your personal information as described in this Privacy Policy.

For sensitive information such as health data, we obtain your explicit consent at the time you first enter such information into the Joon App or Platform.

You may withdraw consent at any time by contacting us at support@joonpro.com or by deleting your account as described in Section 12. Withdrawal of consent may affect our ability to provide certain features of the Services.

 

 

23. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. When we do, we will:

  • Update the "Last updated" date at the top of this policy

  • Notify you of material changes by email to the address associated with your account

  • For significant changes, display a prominent notice within the Joon App or website prior to the change taking effect

  • Obtain fresh consent where required by applicable law

Your continued use of the Services after a policy update constitutes your acceptance of the updated policy. If you do not agree with the changes, you should stop using the Services and may delete your account.

The current version of this Privacy Policy is always available at https://joonpro.com/pages/app-privacy-policy.

 

 

24. Contact Us and How to Make a Privacy Request

For any privacy-related questions, requests, or complaints:

Email: support@joonpro.com

Mailing address: NOVENC .INC, 7153 Waldorf Way, Mississauga, Ontario, Canada L5N7R3 support@joonpro.com

Privacy Officer: Christian Araujo

We will acknowledge your request within 5 business days and respond in full within 30 days (or within the timeframe required by applicable law in your jurisdiction).

If you are not satisfied with our response, you have the right to lodge a complaint with your applicable data protection authority:

  • Canada: Office of the Privacy Commissioner — priv.gc.ca

  • European Union: Your national Data Protection Authority

  • United Kingdom: Information Commissioner's Office — ico.org.uk

  • United States (California): California Privacy Protection Agency — cppa.ca.gov