Privacy Policy

1) What this policy covers

This Privacy Policy explains how we collect, use, share, and safeguard information when you use the App and the Site. By using the App/Site, you consent to this Policy.

2) Information we collect

We aim to collect only what we need to provide core functionality.

Account & profile

• Email address and authentication information (handled by our identity provider).
• Optional profile fields you choose to provide (e.g., due date, pregnancy stage).

Scan & content inputs

• Product lookups you perform (e.g., product name, barcode).
• Photos you submit for ingredient text recognition (OCR).
• Derived data created by the App from your inputs (e.g., parsed ingredient lists, product metadata, risk scoring results).

Technical/usage

• Device and app metadata (e.g., device model, OS/app version, language, approximate region derived from IP).
• Event logs (e.g., sign‑in, scan started/completed, paywall impressions, subscription state changes) and crash reports.

Payments & subscriptions

• Subscription status and purchase receipts as provided by Apple. We do not receive your full payment card details.

Support & communications

• Messages you send to support and your communication preferences.

We do not intentionally collect government IDs, precise GPS location, or sensitive health diagnoses. The App may reference publicly available health resources, but those are not linked to you as medical records.

3) Sources of information

• Directly from you when you sign up or use features.
• Automatically via the App/Site (e.g., telemetry, crash logs).
• Service providers acting on our behalf.
• Public/product sources for product and ingredient information (e.g., product labels, manufacturer or retailer pages). We do not control the accuracy or availability of third‑party content.

4) How we use information

• Provide, operate, troubleshoot, and improve the App/Site.
• Perform OCR and text parsing to extract ingredient lists from images you submit.
• Generate, display, and improve product "pregnancy‑safety" scores and explanations.
• Authenticate users, prevent fraud/abuse, enforce our Terms, and secure the service.
• Operate subscriptions, paywalls, experiments, and surveys.
• Provide customer support and communicate important updates.
• Comply with legal obligations.

5) AI/automation disclosures

The App uses automated systems (including third‑party AI/ML services) to help: (a) extract text from images, (b) find product/ingredient data, and (c) draft explanations. Automated outputs can be inaccurate or incomplete; all results should be independently verified and treated as informational only.

6) Sharing of information

We do not sell your personal information. We share data only as described:

Service providers / processors that help us run the App, bound by contracts to protect your information:

• Identity/Auth & Database: Supabase
• Hosting/edge compute & static hosting: Cloudflare (Workers/Pages)
• Paywalls/experiments: Superwall
• In‑App Purchases & receipts: Apple
• OCR for text recognition: Google Cloud Vision
• Search/lookups: Serper (search API)
• Generative/analysis API: Perplexity (LLM)
• (Optional/replacable) Error/crash analytics and telemetry providers.

Legal reasons if we believe disclosure is necessary to comply with law, protect rights, or respond to lawful requests.

Business transfers (e.g., merger, acquisition). We will notify you of material changes.

We do not share data for third‑party interest‑based advertising.

7) Data retention

We retain personal data only as long as necessary for the purposes above, then delete or de‑identify it. Illustrative defaults (adjust as needed):

• Account & profile: retained while your account is active and up to 24 months after last activity.
• Scan inputs (images) sent for OCR: processed and discarded after extraction; derived text and metadata may be retained to improve accuracy and for auditability.
• Logs/telemetry: 12–24 months.
• Purchases/receipts: for tax/compliance per applicable law.

8) Your choices & rights

Access/Deletion/Correction. You can request a copy of your data or deletion of your account; some data (e.g., receipts) may be retained as required by law.

Analytics/communications. You may opt out of non‑essential communications. Platform settings (iOS) may allow limiting certain tracking.

Region‑specific rights. If you are in the EEA/UK, you have GDPR rights (access, rectification, erasure, portability, restriction, objection). If you are in California, you have rights under the CCPA/CPRA (know, delete, correct, opt‑out of "sharing"/"sale"—we do not sell). To exercise rights, email shanef2000@gmail.com.

9) Legal bases for processing (EEA/UK)

• Performance of a contract (providing the App).
• Legitimate interests (security, improvement, fraud prevention, research, product development).
• Consent (where required by law, e.g., certain analytics/communications).
• Legal obligation (records/receipts, compliance).

10) International data transfers

We may process data in the United States and other countries. Where required, we use appropriate safeguards (e.g., Standard Contractual Clauses) for transfers.

11) Security

We use administrative, technical, and physical safeguards appropriate to the nature of the data. No system is 100% secure; you are responsible for safeguarding your account credentials.

12) Children's privacy

The App is not directed to children under 13 (or the minimum age required in your jurisdiction). If you believe a child used the App, contact us and we will take appropriate steps.

13) Third‑party content & links

The App may reference third‑party sites and content (e.g., manufacturer labels). We are not responsible for their practices. Review their policies.

14) Changes to this Policy

We may update this Policy. We will change the "Effective date" above and, where appropriate, notify you in‑app or by email.

Contact

Email: shanef2000@gmail.com