Privacy Policy

At Track Eat Repeat, we take your privacy seriously. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our mobile application.

1. Information We Collect

Personal Information

We collect the following personal information when you use our app:

• Email Address: Used for account creation, authentication, and communication
• Food Tracking Data: Food entries, meal descriptions, nutritional information, and consumption history
• Body Metrics: Biological sex, age, height, current weight, target weight, activity level, and weight goal — collected during onboarding to compute a personalized daily calorie goal using the Mifflin-St Jeor formula
• User Preferences: Daily calorie goals, unit system preferences (metric/imperial)
• Photos: Images of food items and nutrition labels that you voluntarily upload
• Voice Input: Speech processed on-device for food logging — only the transcribed text is collected, not audio

Automatically Collected Information

When you use our app, we may automatically collect:

• Device information (device type, operating system)
• Push notification token (a device-level identifier stored when you grant notification permission, used solely to deliver reminders to your device)
• App usage data (features used, interaction patterns)
• Error logs and diagnostic information

2. How We Use Your Information

We use your information for the following purposes:

• Provide Services: Process food entries, calculate nutritional information, and track your food consumption
• Personalized Calorie Goals: Use body metrics (sex, age, height, weight, activity level) to compute your recommended daily calorie intake via the Mifflin-St Jeor formula
• AI Analysis: Send food descriptions and photos to OpenAI's API for nutritional extraction and analysis
• Push Notifications: Send onboarding reminders and other app notifications to your device using your push notification token
• Account Management: Authenticate users and maintain account security
• Improve Our App: Analyze usage patterns to enhance features and fix bugs
• Communication: Send important updates about your account or our services

3. Third-Party Services

We use the following third-party services to operate our app:

Supabase (Database, Authentication & Storage)

• Stores your account information, food entries, and preferences
• Stores food photos you upload for analysis (in secure cloud storage)
• Provides secure authentication services
• Data is encrypted at rest and in transit
• Privacy Policy: https://supabase.com/privacy

OpenAI (AI Processing)

• Processes food descriptions and photos to extract nutritional information
• Data sent: Food descriptions, meal photos, serving sizes
• OpenAI's data usage policy applies
• Privacy Policy: https://openai.com/policies/privacy-policy

Nutritional values provided by Track Eat Repeat are estimates generated by AI and may not be fully accurate. They should not be used as a substitute for professional dietary or medical advice.

RevenueCat (Subscription Management)

• Manages in-app subscription purchases and entitlements
• Data sent: Anonymous app user ID, purchase and subscription status
• Does not receive your food data, photos, or health information
• Privacy Policy: https://www.revenuecat.com/privacy

Firebase (Analytics, Crash Reporting & Push Notifications)

• Firebase Analytics: Collects app usage data such as feature interactions, device type, and operating system to help us improve the app
• Firebase Crashlytics: Collects crash logs and error diagnostics to help us identify and fix bugs
• Firebase Cloud Messaging (FCM): Delivers push notifications to your device using your push notification token — does not receive your food data, photos, or health information
• Privacy Policy: https://firebase.google.com/support/privacy

4. Data Storage and Security

We implement industry-standard security measures to protect your data:

• All data is encrypted in transit using SSL/TLS
• Database information is encrypted at rest
• Uploaded photos are stored in secure, private cloud storage accessible only through authenticated requests
• Access to your data is restricted to authorized personnel only
• We do not sell, rent, or share your personal information with third parties for advertising, marketing, or data brokerage purposes
• We do not use your data to build advertising profiles or for targeted advertising

5. Your Privacy Rights

You have the following rights regarding your data:

• Access: Request a copy of your personal data
• Correction: Update or correct inaccurate information
• Deletion: Request deletion of your account and associated data
• Export: Download your food tracking data
• Withdraw Consent: Stop using our services at any time
• Revoke Permissions: Disable camera, photo library, or microphone access at any time through your device's Settings app — the app will continue to function with manual text input

6. Data Retention

We retain your information for as long as your account is active or as needed to provide services. When you delete your account, we will delete your personal information, including stored food photos, within 30 days, except where we are required to retain it for legal compliance.

7. Children's Privacy

Our app is not intended for children under the age of 13. We do not knowingly collect personal information from children under 13. If we discover that a child under 13 has provided us with personal information, we will delete it immediately.

8. Camera and Photo Library Access

Our app requests access to your device camera and photo library for the following purposes:

• Scanning barcodes on food packaging
• Taking photos of nutrition labels for analysis
• Capturing meal photos for portion estimation

Photos are only uploaded when you explicitly choose to analyze them. Uploaded photos are stored securely in our cloud storage to support your food history. You can deny camera/photo access and still use other app features.

9. Microphone and Voice Input

Our app requests access to your device microphone for the following purpose:

• Voice-based food logging using speech-to-text

Audio is processed on your device using your operating system's built-in speech recognition. No audio recordings are stored, saved, or transmitted to our servers. Only the transcribed text is sent to our servers for food analysis. You can deny microphone access and still use all other app features, including typing food descriptions manually.

10. Data Breach Notification

In the event of a data breach that compromises your personal information, we will notify affected users promptly in accordance with applicable laws. Notification will be sent via email to the address associated with your account and will include the nature of the breach, the data affected, and steps we are taking in response.

11. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. We will notify you of any changes by posting the new Privacy Policy on this page and updating the "Effective Date" at the top. Continued use of the app after changes constitutes acceptance of the updated policy.

12. International Users

Your information may be transferred to and processed in countries other than your own. By using our app, you consent to the transfer of your information to the United States and other countries where our service providers operate.