Privacy
Last updated 2026-07-05 · Draft pending legal review
Litmus exists to give you clarity about your supplements, and that promise extends to how we treat your data. The short version: we collect only what the product needs, we sell nothing, we show no ads, and everything you give us leaves with you if you go. Litmus is made by Nomorro; questions go to hello@nomorro.com.
What the app collects
- Your account. Your email address and an account identifier, provided when you sign in with Apple or Google (and your name, if you choose to share it at sign-in). Sign-in itself is handled by AWS Cognito; we never see or store a password.
- Your profile. Optional details you enter during onboarding: birth year, sex, pregnancy status, diet pattern, and your health goal. These tune what Litmus shows you (for example recommended intake ranges) and nothing else.
- Your supplement data. The products and stacks you track, the doses you log, your schedules and reminders, daily check-ins (energy, mood, sleep quality, focus, soreness, and any notes), per-day notes, and any prices or budgets you enter for cost tracking. This is the product; it exists so Litmus can show it back to you.
- Ask Litmus conversations. Messages you send to the in-app assistant are stored with your account so conversations can resume, and are processed by an AI model (Anthropic Claude, running on AWS Bedrock inside our cloud environment) to generate answers. AWS Bedrock does not use your content to train models. Because your questions may include health information, we treat chat content with the same care as your health data.
- Label photos. If you scan a product label or your supplement shelf, the photos are uploaded to private storage, processed by an AI model to read the label, and automatically deleted from storage within 180 days. They are never used for anything but reading the label you scanned.
- Subscription status. If you subscribe to Litmus Pro, purchases run through Apple and our subscription processor RevenueCat, which links your purchase state to your account identifier. We never see your payment details.
Apple Health
The Apple Health connection is write-only. With your permission, Litmus saves the supplement doses you log into Apple Health as nutrition records, so your record lives in your ecosystem, not our silo. Litmus does not request permission to read anything from Apple Health, and no data from Apple Health ever flows to our servers. What syncs is shown transparently in the app (Profile → Apple Health), and you can revoke access any time in iOS Settings.
What we never do
- We never sell your data, to anyone, for anything.
- We never use your health data for advertising or marketing, and we never share it with advertisers or data brokers.
- We show no ads and use no advertising or tracking SDKs. The app contains no third-party analytics.
- We take no affiliate money and sell no supplements, so your data never shapes a sales pitch.
Who processes your data for us
Litmus runs on a small set of processors, each used only to provide the product: AWS (hosting, database, file storage, and AI processing via Bedrock, all in our environment), Apple and Google (sign-in), and RevenueCat (subscription management). This website uses PostHog for basic usage analytics (pages viewed, buttons clicked); the iOS app does not.
Retention and deletion
Your data is kept while your account exists. Deleting your account (Profile → Delete Account) immediately and permanently deletes your database records - profile, stacks, logs, check-ins, notes, and Ask Litmus conversations - removes your sign-in identity, and deletes the label photos and export files you generated from storage. Anything that cannot be removed in the moment is caught by storage that automatically expires objects within 180 days.
Your data is portable
You can export your data from the app (Profile → Export my data) as a machine-readable file, and doses write to Apple Health so your history lives in an open ecosystem. A user who leaves loses nothing they created.
Security and breach notification
Your data is encrypted in transit and at rest. As a consumer health app we follow the FTC Health Breach Notification Rule: if identifiable health information is ever acquired or disclosed without your authorization, we will notify you without unreasonable delay and within 60 days of discovery, by email (or by first-class mail on request), and notify the FTC as the rule requires.
Children
Litmus is not directed at children under 13, and we do not knowingly collect their data.
What we collect on this website
- Waitlist email. If you join the waitlist we store your email address and use it to tell you when Litmus is available - nothing else. No marketing lists, no sharing, no selling.
- Starter-stack quiz answers. If you take the quiz and choose to save your stack, we also store your answers (goals, and any optional details you gave: sex, birth year, diet, pregnancy status) and the stack you were shown, linked to that email. They exist so the app can pre-fill your onboarding at launch, and a removal request to hello@nomorro.com deletes the whole entry. If you do not save, your answers never leave your browser.
- Analytics. PostHog, to understand how the site is used. Not sold or shared with advertisers.
Changes and contact
If this policy changes materially we will say so plainly, on this page, with the date above updated. Questions, or requests about your data: hello@nomorro.com.