Privacy Policy

This Privacy Policy explains how NutriSnap ("NutriSnap", "we", "us", "our") collects, uses, shares, and protects information when you use our applications and services (the "Service"), including our iOS app, Android app, and web app.

Quick summary

• We collect your name, email, and profile information (age, gender) to create and personalize your account.
• We store your meal logs, exercise logs, weight history, fasting schedules, and recipe data to provide tracking features.
• Meal photos are stored only if you choose to capture or upload them.
• If you use AI features, your meal photos and food descriptions may be sent to OpenAI to generate nutrition estimates.
• Crash logs and performance diagnostics are sent to Sentry for app stability monitoring.
• All data is encrypted in transit using HTTPS/TLS.
• We do not sell your personal information.
• You can request a copy of your data, request data deletion, or delete your entire account directly from the app.

Data we collect

The following table lists the specific data types we collect, whether collection is required or optional, and the purpose of collection. This aligns with our Google Play Data Safety disclosures.

Data type	Required?	Purpose
Name Display name you provide at signup	Required	App functionality, Account management
Email address Used for authentication & account recovery	Required	App functionality, Account management, Developer communications
Other personal info Age, gender — entered during onboarding	Required	App functionality, Personalization, Account management
Health info Calories, macros, weight, daily nutrition stats	Required	App functionality, Personalization
Fitness info Exercise logs (type, duration, calories burned)	Optional	App functionality, Personalization
Photos Meal photos you capture or upload	Optional	App functionality
Device or other IDs Firebase UID, friend tags, FCM push tokens	Varies	App functionality, Developer communications
Crash logs Error reports, stack traces	Required	Analytics, App functionality
App performance diagnostics Performance traces, loading times	Required	Analytics
Settings & preferences Units, language, notification preferences, goals	Required	App functionality, Personalization
Barcode scans Barcode values used for product lookup	Optional	App functionality

Data we do NOT collect: location data, phone number, address, financial/payment info, contacts, calendar, messages, files, browsing history, or installed apps. We do not request ACCESS_FINE_LOCATION or ACCESS_COARSE_LOCATION permissions.

Data we share with third parties

We do not sell your personal information. We share data with third-party service providers strictly to operate the Service:

Third party	Data shared	Purpose
Google Firebase Authentication, Firestore, Storage, Cloud Messaging	Account info, all user-generated data, push tokens	App infrastructure — database, auth, file storage, push notifications
OpenAI GPT / Vision API	Meal photos (if uploaded), food descriptions, age, gender, height, weight, and activity level (for metabolic estimation), body weight (for exercise calorie estimation)	AI-powered nutrition estimation, food recognition, metabolic rate calculation, and exercise calorie estimation
Sentry Error tracking & performance monitoring	Crash logs, performance diagnostics, device info. Email is redacted before transmission.	App stability monitoring, bug detection, performance improvement
Open Food Facts Open-source food database	Barcode values (when you scan a product)	Product nutritional information lookup
Apple Health (HealthKit) iOS only, opt-in	Calories, macros, weight, exercise (written to HealthKit, not read)	Health data sync — only when you explicitly enable it

We may also share information if required to comply with law, to protect users, to prevent fraud or abuse, or in the event of a merger, acquisition, or asset sale (subject to applicable law).

How we use your data

• App functionality: Create your account, store and sync your meal/exercise/weight logs, display dashboards, calculate calorie and macro targets based on your profile (age, gender, height, weight, activity level, goal).
• Personalization: Customize calorie targets, macro recommendations, and insights based on your profile and goals.
• AI features: Generate nutrition estimates from meal photos and food descriptions using OpenAI's API.
• Analytics: Monitor app health, detect crashes, and improve performance using Sentry.
• Account management: Manage your account, authenticate sign-ins, handle password resets, and process account/data deletion requests.
• Developer communications: Send push notifications for reminders, friend requests, challenge updates, and important account notices (if you opt in).
• Barcode lookups: Fetch product nutritional information from Open Food Facts when you scan a barcode.
• Security and compliance: Prevent abuse, troubleshoot issues, and comply with legal obligations.

Authentication & sign-in

NutriSnap supports the following sign-in methods:

• Email & password: Your email is verified via a one-time code during registration. Passwords are hashed by Firebase Authentication and never stored in plaintext.
• Google Sign-In (SSO): Authenticates via your Google account. We receive your name and email from Google; we do not access your Google contacts, calendar, or other data.
• Apple Sign-In (SSO): Authenticates via your Apple ID (iOS only). We receive your name and email (or Apple's private relay email if you choose to hide it).

Biometric login

If you enable biometric login on a supported device, your device's biometric system (Face ID, Touch ID, or fingerprint) is used to unlock credentials stored securely on-device in the Keychain (iOS) or Keystore (Android). We do not receive, transmit, or store your biometric data.

Apple Health (HealthKit)

If you choose to enable Apple Health integration on iOS, NutriSnap can write the following data to Apple Health: dietary energy (calories), active energy burned, body mass, and optional macronutrients (protein, carbohydrates, fat). We do not read data from Apple Health. You can revoke access at any time in iOS Settings.

Push notifications

If you grant notification permissions, we store Firebase Cloud Messaging (FCM) tokens in your account to deliver push notifications (meal reminders, friend requests, challenge updates). Tokens are automatically removed when you disable notifications or delete your account. You can opt out of push notifications at any time in your device settings.

Security

• Encryption in transit: All data transmitted between your device and our servers is encrypted using HTTPS/TLS. This includes all Firebase, OpenAI, Sentry, and API communications.
• Encryption at rest: Data stored in Firebase (Firestore, Storage, Authentication) is encrypted at rest by Google Cloud infrastructure.
• Credential storage: Biometric login credentials are stored in the device's secure enclave (Keychain/Keystore), not on our servers.
• Email redaction: User email addresses are automatically redacted from crash reports before they are sent to Sentry.

We use reasonable administrative, technical, and organizational safeguards designed to protect your information. However, no system can be guaranteed 100% secure.

Your rights & choices

• Edit or delete logs: You can update or remove individual meal entries, exercises, weight records, and recipes in-app at any time.
• Request a copy of your data: Go to Settings → Privacy and tap Request Data Download. Our team will prepare a sanitized copy of your personal data and send it to your registered email within 30 days.
• Request data deletion: Go to Settings → Privacy and tap Request Data Deletion. Our team will process the deletion within 7 business days. Your account remains active until the process completes.
• Delete your account: Go to Settings → Privacy and tap Delete Account for immediate, permanent deletion of your account and all associated data.
• Disable notifications: Turn off push notifications in Settings or in your device's OS settings.
• Disable integrations: Apple Health and biometric login can be disabled in Settings at any time.
• Manage app data: You can request deletion of specific data (such as meal history, photos, or exercise logs) without deleting your entire account via our data deletion guide.

Data retention

We keep your information for as long as your account is active to provide the Service. When you delete your account or request data deletion:

• All personal data listed in this policy is deleted from our active systems immediately (for account deletion) or within 7 business days (for data deletion requests).
• Backups may be retained for up to 30 days as part of routine disaster-recovery processes, after which they are permanently purged.
• Anonymized, aggregated analytics data (which cannot identify you) may be retained for product improvement purposes.

Children's privacy

The Service is not directed to children under the age of 13 (or the minimum age required in your jurisdiction). We do not knowingly collect personal information from children under 13.

If we become aware that we have collected personal information from a child under 13 without verifiable parental consent, we will take steps to delete that information as quickly as possible. If you believe we may have collected information from a child under 13, please contact us immediately at support@nutrisnap-pro.com.

Changes to this Privacy Policy

We may update this Privacy Policy from time to time. When we do, we will update the "Last updated" date at the top of this page. For material changes, we may prompt you in-app to review and acknowledge the updated policy.

Contact us

If you have questions about this Privacy Policy or want to exercise any of your data rights, contact us at: