Privacy Policy

1. Introduction

Welcome to Nutrido ("we," "our," or "us"). This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our mobile application Nutrido (the "App"). This policy applies to all users of our App.

By downloading, installing, or using our App, you agree to the collection and use of information in accordance with this Privacy Policy. If you do not agree with our policies and practices, please do not download, install, or use our App.

2. Information We Collect

2.1 Information You Provide Directly

• Food Photos: Images of meals you capture or select for nutrition analysis
• Nutrition Data: Meal information, nutrition goals, and dietary preferences you enter
• User Settings: App preferences, daily targets, and customization choices
• Optional Account Information: If you choose to create an account, we may collect your email address

2.2 Information Collected Automatically

• Device Information: iOS/Android version, device model, and app version for compatibility and support purposes
• Usage Analytics: App performance data and crash reports to improve functionality (anonymized)
• Camera and Photo Library Access: Only when you grant permission to capture or select meal photos
• Push Notification Token: If you enable notifications, we collect a device token to send you reminders and promotional offers
• Advertising ID: Used for attribution tracking and ad campaign measurement (TikTok SDK)

2.3 Information We Do NOT Collect

• Location data or GPS coordinates
• Personal contacts or address book information
• Other apps installed on your device
• Browsing history or web activity
• Biometric data or health records beyond nutrition tracking

3. How We Use Your Information

3.1 Primary Uses

• AI-Powered Analysis: Process food photos through OpenAI's API to identify ingredients and estimate nutrition
• Personalized Experience: Customize the app based on your nutrition goals and preferences
• Progress Tracking: Store and display your nutrition history and progress over time
• App Functionality: Provide core features like meal logging, analytics, and goal setting

3.2 Service Improvement

• Analyze app usage patterns to improve user experience (anonymized data only)
• Fix bugs and technical issues
• Develop new features based on user needs
• Ensure app security and prevent misuse

3.3 Marketing and Notifications

• Push Notifications: Send meal reminders and promotional offers to premium users who opt-in
• Advertising Attribution: Measure ad campaign effectiveness through TikTok SDK
• Personalized Offers: Send targeted promotional notifications based on subscription status

4. Data Storage and Security

4.1 Local Storage Priority

4.2 Third-Party AI Processing

When you request nutrition analysis for a food photo:

• The image is temporarily sent to OpenAI's secure servers for processing
• Images are automatically resized and compressed before transmission
• OpenAI processes the image and returns nutrition data
• Images are not stored permanently by OpenAI or us
• The analysis results are stored locally on your device

4.3 Security Measures

• Encryption: All data transmission uses industry-standard TLS encryption
• API Security: Your API keys (if provided) are stored securely in device secure storage (iOS Keychain/Android Keystore)
• No Cloud Storage: We don't maintain cloud databases of your personal nutrition data
• Device Security: Data is protected by your device's built-in security features

5. Information Sharing and Disclosure

5.1 We Do NOT Sell Your Data

We do not sell, trade, or rent your personal information to third parties for marketing or commercial purposes.

5.2 Limited Third-Party Sharing

We may share information only in these specific circumstances:

• AI Processing: Food images sent to OpenAI for nutrition analysis (temporary processing only)
• Legal Requirements: If required by law, regulation, or court order
• Safety Concerns: To protect the safety of users or the public
• Business Transfers: In connection with a merger, acquisition, or sale of assets (with user notification)

5.3 Service Providers

We may work with trusted service providers who assist with:

• OpenAI: AI-powered food recognition and nutrition analysis
• Firebase (Google): Analytics, crash reporting, remote configuration, and push notifications
• TikTok SDK: Advertising attribution and campaign measurement
• RevenueCat: Subscription management and payment processing
• Apple App Store / Google Play Store: App distribution and payment processing
• Customer support and technical assistance providers

These providers are contractually bound to protect your information and use it only for specified purposes.

6. Your Privacy Rights and Choices

6.1 Data Control

• Access: View all your data directly within the app
• Export: Export your nutrition data as CSV files
• Delete: Delete specific meals or reset all data through app settings
• Modify: Edit or update your nutrition goals and preferences anytime

6.2 Permission Management

• Camera Access: Grant or revoke camera permissions in device settings
• Photo Library: Control photo library access through device privacy settings
• Push Notifications: Enable or disable notifications in device settings
• Analytics: Opt-out of anonymous usage analytics in app settings
• Ad Tracking: Control ad personalization through device privacy settings (iOS: Settings > Privacy > Tracking; Android: Settings > Privacy > Ads)

6.3 Account Deletion

To completely remove your data:

1. Use the "Reset All Data" option in app settings, or
2. Delete the app from your device
3. Contact us if you need assistance with data removal

7. Children's Privacy

Nutrido is not intended for children under the age of 13. We do not knowingly collect personal information from children under 13. If we become aware that a child under 13 has provided us with personal information, we will take steps to delete such information.

If you are a parent or guardian and believe your child has provided us with personal information, please contact us immediately.

8. Platform-Specific Information

8.1 iOS Platform

• Data storage using SwiftData framework
• Subscriptions processed through Apple App Store
• Push notifications via Apple Push Notification Service (APNs)
• App Tracking Transparency (ATT) framework compliance

8.2 Android Platform

• Data storage using local database (Room/SQLite)
• Subscriptions processed through Google Play Store
• Push notifications via Firebase Cloud Messaging (FCM)
• Google Advertising ID for attribution tracking

9. International Data Transfers

Your information may be transferred to and processed in countries other than your country of residence, including the United States, where OpenAI's servers and other service providers are located. These countries may have different data protection laws than your country.

When we transfer your information internationally, we ensure appropriate safeguards are in place to protect your privacy rights.

10. Data Retention

• Local Data: Stored on your device until you delete it or remove the app
• AI Processing: Food images are not retained by OpenAI after processing
• Analytics Data: Anonymized usage data may be retained for up to 2 years for app improvement
• Support Communications: Customer support interactions may be retained for up to 1 year

11. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or legal requirements. We will notify you of any material changes by:

• Posting the updated policy in the app
• Sending an in-app notification
• Updating the "Last updated" date at the top of this policy

Your continued use of the app after any changes indicates your acceptance of the updated Privacy Policy.

12. California Privacy Rights (CCPA)

If you are a California resident, you have additional rights under the California Consumer Privacy Act (CCPA):

• Right to Know: Request information about the personal information we collect, use, and share
• Right to Delete: Request deletion of your personal information
• Right to Opt-Out: Opt-out of the sale of personal information (note: we do not sell personal information)
• Right to Non-Discrimination: We will not discriminate against you for exercising your privacy rights

To exercise these rights, please contact us using the information provided below.

13. European Privacy Rights (GDPR)

If you are in the European Economic Area (EEA), you have rights under the General Data Protection Regulation (GDPR):

• Legal Basis: We process your data based on legitimate interests (app functionality) and consent (AI analysis)
• Right of Access: Request a copy of your personal data
• Right of Rectification: Correct inaccurate personal data
• Right of Erasure: Request deletion of your personal data
• Right to Data Portability: Export your data in a machine-readable format
• Right to Object: Object to processing of your personal data