Privacy Policy
Last updated:
1. Who we are
Pipal ("we", "us", "our") is operated as a personal data controller under the UK GDPR and the Data Protection Act 2018. For privacy questions, contact us at privacy@pipal.health.
2. What data we collect
We collect only the data you provide and the data needed to give you the service:
- Account: email address, password (hashed).
- Profile: name, age, sex, weight, height, activity level, health conditions, goal.
- Logs: food entries, exercise, weight, sleep, hydration, fasting, reminders.
- Photos: food photos (analysed and stored), avatar, progress photos.
- Device: minimal technical data for the app to function.
3. How we use your data
- To provide and improve the service (nutrition analysis, summaries, GP reports).
- To send reminders you've configured.
- To deliver subscription billing (via Apple/Google).
We do not sell your data. We do not show ads. We do not share your data with third-party marketers.
4. AI processing
Food photos and nutrition data are sent to Google's Gemini API for analysis. Google processes the data per their AI/ML processing terms and does not use it to train their models. Photos are processed in transit only — not stored by Google.
5. Where your data lives
Your data is stored on Supabase infrastructure in eu-west-2 (London). Database access is restricted by row-level security so only you can read your own data. Progress photos are stored in a private bucket with the same restriction.
6. Your rights (UK GDPR)
- Access: Settings → Explore → Export my data (CSV download).
- Erasure: Settings → Delete Account permanently removes all your data.
- Rectification: Settings → Edit Profile to correct any data.
- Withdraw consent: Sign out and we'll stop processing your data.
You also have the right to complain to the UK Information Commissioner's Office (ICO) at ico.org.uk.
7. Children
Pipal is not intended for children under 16. If you believe a child has registered, contact us and we will delete the account.
8. Subscription billing
Subscriptions are processed by Apple App Store or Google Play. We never see your payment details. You can cancel any time in your device's subscription settings.
9. Data retention
We keep your data while your account is active. If you delete your account, all data is permanently deleted within 30 days, except where law requires us to keep records (e.g. billing).
10. Security
All data is encrypted in transit (TLS) and at rest. Passwords are hashed with bcrypt. We follow OWASP recommended practices but cannot guarantee absolute security.
11. Changes
We may update this policy. We will notify you of material changes in-app at least 14 days before they take effect.
12. Contact
Questions? Email privacy@pipal.health. We respond within 7 days.