GallDiet Privacy Policy

App: GallDiet
Developer: Caleb Oki
Effective Date: March 6, 2026
Last Updated: March 24, 2026

1. INTRODUCTION

GallDiet ("we," "our," or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, store, and protect your personal information when you use our mobile application and related services.

IMPORTANT: GallDiet is a health and wellness tool designed to help users track dietary choices related to gallstone and digestive health. It is not a medical device and does not provide medical advice. Always consult healthcare professionals for medical decisions.

2. INFORMATION WE COLLECT

2.1 Account Information

• Name: Your preferred name for personalization
• Email address: Required for account creation and authentication
• Password: Stored using industry-standard bcrypt hashing (we cannot read your password)
• Account creation date: For subscription and account management

2.2 Health Profile Information (Onboarding)

During onboarding, you may provide:

• Age: Used for demographic insights and pattern analysis
• Sex: Used for personalized recommendations (hormonal factors affect gallstone risk)
• Gallbladder status: Whether you still have your gallbladder or have had it removed
• Symptom severity: Self-reported severity level of your gallstone condition
• Dietary preferences: Vegetarian, vegan, keto, or other dietary restrictions
• Known triggers: Foods you already know cause issues
• Food allergies: Allergies that should be considered in analysis
• Emergency contacts: Optional contacts for health emergency situations

Purpose: This data enables personalized safety scoring and trigger detection specific to your health profile.

2.3 Health Activity Information

Information generated through app usage:

• Gallstone attack logs: Dates, severity ratings, and symptom notes you voluntarily record
• Food scan history: Photos of meals, barcode scans, and AI-generated safety assessments
• Dietary patterns: Aggregated data from your logged meals and reactions
• Pattern analysis results: AI-detected correlations between foods and symptoms
• Recipe modifications: AI-generated safer alternatives you save

Classification: This constitutes "health information" under applicable privacy regulations. We treat this data with enhanced security measures.

2.4 Photos and Media

• Meal photographs: Uploaded for AI ingredient analysis
• Camera access: Optional permission for real-time food photography
• Photo library access: Optional permission to select existing photos

Processing Note: Photos are transmitted to Anthropic Claude AI (primary) or Google Gemini AI (fallback) for ingredient analysis. See Section 4.2 for AI processing details.

2.5 Payment Information

• Subscription status: Active, cancelled, or expired
• Payment method tokens: Securely stored by Stripe (we never store full credit card numbers)
• Transaction history: Subscription dates, amounts, and payment confirmations
• Billing email: May differ from account email

2.6 Technical Information

• Device identifiers: Anonymous device IDs for push notifications
• App version and OS: For debugging and feature compatibility
• IP address: Temporarily logged for security and fraud prevention (retained 30 days)
• Crash logs: Voluntary error reports via Sentry (optional)

2.7 We Do NOT Collect

• Precise location data: We do not track your physical location
• Address book/contacts: We do not access your phone's contact list or address book (emergency contacts you explicitly provide during onboarding are stored separately)
• Microphone: No audio recording capabilities
• Health data from Apple Health/Google Fit: No integration with health platforms (future feature may require explicit opt-in)

3. HOW WE USE YOUR INFORMATION

3.1 AI-Powered Food Analysis

When you scan a meal photo:

1. Image is uploaded to our secure servers
2. Image is forwarded to Anthropic Claude AI API for ingredient identification (with Google Gemini AI as a fallback provider)
3. Results are processed against our gallstone-safe food database
4. Original photo and analysis results are stored in your account

Data Retention: Photos are retained until you delete them or your account. See Section 6 for deletion procedures.

3.2 Pattern Detection

We analyze your logged meals and attack reports to identify potential trigger foods. This analysis:

• Is performed automatically by our systems
• Is personalized to your individual data
• Can be disabled by discontinuing use of the logging features

4. THIRD-PARTY SERVICES

4.1 Stripe (Payment Processing)

• Provider: Stripe, Inc.
• Data shared: Payment method tokens, billing email, subscription status
• Purpose: Subscription billing, payment processing
• Privacy Policy: https://stripe.com/privacy
• Security: PCI DSS Level 1 compliant

4.2 Anthropic Claude AI (Primary Photo & Recipe Analysis)

• Provider: Anthropic, PBC
• Data shared: Meal photographs, food-related text queries
• Purpose: Ingredient identification, safety assessment, and recipe modification
• Privacy Policy: https://www.anthropic.com/privacy
• Data handling: Anthropic does not use API-submitted data to train models (per Anthropic API terms)

4.3 Google Gemini AI (Fallback Photo Analysis)

• Provider: Google LLC
• Data shared: Meal photographs, food-related text queries (only when primary provider is unavailable)
• Purpose: Fallback ingredient identification and safety assessment
• Privacy Policy: https://policies.google.com/privacy
• Data handling: Google states they do not use API-submitted data to train models (as of Gemini API terms, subject to change)

4.4 OpenFoodFacts (Barcode Lookup)

• Provider: OpenFoodFacts Association (non-profit)
• Data shared: Barcode numbers only
• Purpose: Product information lookup
• Privacy Policy: https://world.openfoodfacts.org/legal

4.5 Postmark/Resend (Email Delivery)

• Provider: Resend
• Data shared: Email addresses, email content
• Purpose: Transactional email delivery (verification, password resets, notifications)
• Privacy Policy: https://resend.com/legal/privacy

4.6 Sentry (Error Monitoring)

• Provider: Functional Software, Inc.
• Data shared: Crash logs, device type, app version (optional, anonymized where possible)
• Purpose: Bug detection and app stability improvement
• Privacy Policy: https://sentry.io/privacy/

5. DATA STORAGE AND SECURITY

5.1 Storage Location

• Primary: PostgreSQL database hosted on Hetzner Cloud in Nuremberg, Germany
• Backups: Encrypted daily backups retained for 30 days
• File storage: Meal photos stored on encrypted server storage

5.2 Security Measures

• Encryption in transit: TLS 1.3 for all API communications
• Encryption at rest: AES-256 for database and file storage
• Authentication: JWT tokens with secure httpOnly cookies
• Password hashing: bcrypt with appropriate work factor
• API security: Rate limiting, input validation, SQL injection protection

5.3 Access Controls

• Only the account holder can access their health data
• Our team can access data only for technical support purposes (with audit logging)
• We never sell or rent your personal data
• We do not share health data with advertisers

6. DATA RETENTION AND DELETION

6.1 Retention Periods

6.2 Account Deletion

You may request complete account deletion at any time:

Process:

1. Navigate to Settings → Privacy → Delete Account
2. Confirm deletion request
3. Account enters 30-day grace period
4. After 30 days, all personal data is permanently deleted
5. Payment records retained for legal compliance (anonymized)

During Grace Period:

• Account is deactivated and inaccessible
• Data remains stored but hidden
• You may cancel deletion by contacting support
• Subscription continues unless separately cancelled

Immediate Deletion: If you require immediate deletion (bypassing 30-day grace period), contact [email protected] with subject "URGENT: Immediate Account Deletion."

6.3 Data Export (GDPR Right to Portability)

You may request a complete export of your data:

Process:

1. Navigate to Settings → Privacy → Export My Data
2. We generate a PDF report containing:
   • Account information (name, email, profile details)
   • Health profile (age, sex, gallbladder status, preferences, triggers, allergies, emergency contacts)
   • All logged meals and attack records
   • Food scan history
   • Pattern detection results
3. Report is emailed to your registered address within 24 hours
4. Export includes data in human-readable format

7. YOUR RIGHTS

7.1 GDPR Rights (EU/EEA Users)

If you are in the European Union or European Economic Area, you have the right to:

1. Access: Request a copy of your personal data
2. Rectification: Correct inaccurate or incomplete data
3. Erasure ("Right to be Forgotten"): Request deletion of your data
4. Restrict Processing: Limit how we use your data
5. Data Portability: Receive your data in a structured, machine-readable format
6. Object: Object to certain types of processing
7. Withdraw Consent: Withdraw consent for optional data processing

To exercise these rights: Email [email protected] with subject "GDPR Request"

Response Time: We respond to all requests within 30 days.

7.2 California Privacy Rights (CCPA/CPRA)

California residents have the right to:

1. Know: Request disclosure of personal information collected
2. Delete: Request deletion of personal information
3. Opt-out: Opt-out of "sale" of personal information (we do not sell data)
4. Non-discrimination: We do not discriminate for exercising privacy rights

To exercise these rights: Email [email protected] with subject "California Privacy Request"

7.3 Other Jurisdictions

Users in Canada, UK, and other jurisdictions have similar rights under applicable privacy laws. Contact us for jurisdiction-specific requests.

8. CHILDREN'S PRIVACY

GallDiet is not intended for children under 13 years of age (or 16 in the EU). We do not knowingly collect personal information from children. If you believe we have inadvertently collected data from a child, contact us immediately for deletion.

9. INTERNATIONAL DATA TRANSFERS

Your data may be processed in countries outside your jurisdiction:

• Germany: Primary server infrastructure (Hetzner Cloud, Nuremberg)
• United States: AI processing services (Anthropic, Google)
• Global: Anthropic Claude AI and Google Gemini AI processing (global infrastructure)

We ensure appropriate safeguards are in place for international transfers, including:

• Standard Contractual Clauses (SCCs) for EU data transfers
• Adequacy decisions where applicable
• Data Processing Agreements with all subprocessors

10. COOKIES AND TRACKING

10.1 Mobile App

Our mobile app does not use traditional cookies. We use:

• Authentication tokens: Secure storage for session management
• Local storage: App preferences and cached data (stored on device only)

10.2 Website (if applicable)

If you visit galldiet.com:

• Essential cookies: Required for site functionality
• Analytics cookies: Optional, used for website improvement
• You may disable non-essential cookies via browser settings

11. CHANGES TO THIS POLICY

We may update this Privacy Policy periodically. Changes will be:

• Posted on this page with updated "Last Updated" date
• Notified via email for material changes
• Effective immediately upon posting for non-material changes

Material changes include:

• New categories of personal data collected
• New purposes for data use
• New third-party sharing
• Reduced security measures

12. CONTACT INFORMATION

Data Controller:
Caleb Oki
Toronto, Ontario, Canada
Email: [email protected]

Data Protection Officer (DPO):
We are not required to appoint a DPO under GDPR Article 37, but you may contact [email protected] for privacy concerns

Response Time: We aim to respond to all inquiries within 48 hours.

13. DISCLAIMERS

13.1 Not Medical Advice

GallDiet provides general wellness information and dietary tracking tools. Our AI-powered food safety assessments are based on general nutritional guidelines and crowd-sourced data, not personalized medical advice.

Always consult:

• Your doctor before making dietary changes
• A nutritionist for personalized meal planning
• Emergency services for severe gallstone attacks

13.2 AI Limitations

Our ingredient analysis uses artificial intelligence which:

• May misidentify foods or ingredients
• Cannot detect hidden ingredients
• Does not account for individual medical conditions beyond general gallstone guidelines
• Should be verified by reading actual food labels

14. COMPLIANCE CERTIFICATIONS

• ✅ GDPR compliant (EU data protection)
• ✅ CCPA/CPRA ready (California privacy)
• ✅ PIPEDA aligned (Canadian privacy)
• ✅ App Store privacy requirements met
• ✅ Google Play Data Safety form requirements met

Document Version: 1.0
Next Review Date: September 6, 2026

APPENDIX A: DATA PROCESSING AGREEMENT (DPA)

For business customers or partners requiring a DPA under GDPR Article 28, contact [email protected] to request our standard Data Processing Agreement.

APPENDIX B: SUBPROCESSOR LIST

Current subprocessors as of March 6, 2026:

We notify users of new subprocessors 30 days before they are engaged (where required by law).

This Privacy Policy was drafted specifically for GallDiet and covers the unique aspects of AI-powered food analysis, health tracking for gallstone management, and subscription-based mobile application services.