Go back
Legal

Privacy Policy

Version 1.0.0 • Last updated April 10, 2026

Terms of ServicePrivacy PolicyDisclaimer

365 CGM Privacy Policy

Last updated: April 7, 2026

1. Overview

This Privacy Policy explains how 365 CGM collects, uses, stores, and shares information when you use the service.

365 CGM handles health-related information, including glucose readings and related event data. We treat that information as sensitive.

2. What we collect

Depending on how you use the service, we may collect and store:

  • your email address and account status;
  • session and authentication information;
  • encrypted Eversense and Nightscout connection settings that you provide;
  • glucose readings, timestamps, trend values, and related device connection state;
  • calibration, meal, insulin, exercise, and health event data imported through connected services;
  • monitor-link tokens you create for read-only sharing;
  • service logs, sync state, error details, import progress, and other operational telemetry necessary to run the service securely and reliably; and
  • support-related or administrative metadata needed to manage access and troubleshoot issues.

3. How we use information

We use information to:

  • authenticate you and manage your account;
  • retrieve, process, display, and sync glucose and related event data;
  • provide optional Nightscout delivery and read-only monitor sharing;
  • operate, secure, monitor, debug, and improve the service;
  • enforce product rules, including login protections and access controls; and
  • comply with legal obligations and respond to lawful requests.

4. Connected services and processors

365 CGM may receive data from or send data to third parties you choose to connect, including Eversense systems and Nightscout services.

Those providers operate under their own terms and privacy practices. We are not responsible for their independent privacy or security practices.

We may also use infrastructure or service providers to host, process, secure, and deliver the application.

5. Read-only monitor links

If you create a read-only monitor link, anyone with that link may be able to view the information exposed through that link.

That may include health-related glucose and event information. Before sharing a monitor link, consider whether the recipient should have access to that information.

6. Security

We use reasonable technical and organizational measures designed to protect the service and the information stored in it, including access controls, encrypted configuration handling, and operational monitoring.

However, no system can guarantee perfect security. You use the service with that understanding.

7. Retention

We retain information for as long as needed to provide the service, maintain security, troubleshoot issues, support synchronization, enforce our terms, and comply with legal obligations.

If you delete your account, we will attempt to remove or de-identify retained information consistent with our systems, backups, logs, security needs, and legal obligations.

8. Your choices

You may be able to:

  • disconnect third-party integrations;
  • disable read-only monitor links;
  • stop using the service; and
  • request account deletion through the product.

You remain responsible for the settings and data you choose to connect and share.

9. Children

365 CGM is not intended for children unless its use is managed by an authorized adult or guardian in compliance with applicable law and your care context.

10. HIPAA and regulated healthcare status

365 CGM may handle sensitive health-related information, but the service is not represented in this document as a HIPAA-covered entity, business associate, or provider of Business Associate Agreements unless that is separately and explicitly established in writing.

Do not assume HIPAA rights, regulated healthcare obligations, or clinical service guarantees apply unless we expressly say so in a separate written agreement.

11. International use

If you use the service from outside the jurisdiction where it is operated, you understand that your information may be processed in other jurisdictions where privacy protections may differ.

12. Changes to this Privacy Policy

We may update this Privacy Policy from time to time. If we publish a new legal release, you may be required to review and accept the updated Privacy Policy before continuing to use the service.

13. Contact

If you have privacy questions, concerns, or requests, use the support contact listed in the product.