Your Privacy Matters

Information We Collect

Health & Tracking Data

• Food logs: Photos, meal names, timestamps, safety scores
• Symptom tracking: Gut checks, mood logs, stool logs
• Personalization data: AI-learned food triggers and preferences (optional cloud backup)
• Apple Health data: Water intake, caffeine, fiber (iOS only, stays on device)

Account Information

• Email address: For authentication and account recovery
• Name: Optional, for personalization
• Sign-in method: Apple, Google, or email authentication

App Usage Data

• Analytics: Feature usage, screen views, performance metrics (anonymized)
• Crash reports: Technical diagnostics to improve app stability

What We Don't Collect

• ❌ Location data (we don't track where you are)
• ❌ Contacts or browsing history
• ❌ Payment details (handled securely by Apple/Google)
• ❌ Cross-app tracking identifiers

How We Store Your Data

Local-First Architecture

All your health data lives on your device first. The app works fully offline—no internet required for core features.

Cloud Backup (Automatic)

When you create an account, we automatically backup:

• Meals, gut checks, mood logs, stool logs
• User preferences (haptics, theme, privacy settings)
• Daily tracking streak

This lets you restore data if you get a new phone or reinstall the app.

Optional Cloud Backup

Personalization data (AI-learned triggers) is not backed up by default. Toggle "Backup Personalization Data" in Privacy settings to enable cloud backup. Otherwise, it's automatically deleted after 180 days of inactivity.

Data You Control

• Export: Download all your data as JSON (Settings → Privacy & Data)
• Restore: Import data on new devices with conflict resolution
• Delete: Contact support to delete your account and all data

How We Use Your Data

Core App Features

• Analyze food photos with AI to detect triggers
• Calculate personalized safety scores
• Track symptoms and correlate with meals
• Provide smart food suggestions

Product Improvement

• Anonymized community benchmarks (using differential privacy)
• App performance analytics
• Feature adoption metrics

What We Don't Do

• ❌ Sell your data to third parties
• ❌ Use your data for advertising
• ❌ Share identifiable health information

Third-Party Services

Google Gemini (AI Analysis)

Purpose: Analyze food photos to detect ingredients and triggers

Data sent: Food photo only (no user ID, email, or personal info)

Privacy: Images processed temporarily, not stored by Google

Firebase Analytics

Purpose: App usage analytics to improve features

Data sent: Anonymous event data (e.g., "user saved meal")

Privacy: No personally identifiable information, uses anonymous IDs

RevenueCat (Subscriptions)

Purpose: Manage premium subscriptions

Data sent: Anonymous app user ID, purchase receipts

Privacy: RevenueCat ID is separate from your account—no email shared

Cloudflare R2 (Image Storage)

Purpose: Store food photos after analysis

Data sent: Food images with cryptographic hashes (no user linkage)

Privacy: Images stored securely, not shared with third parties

Privacy Controls

In-App Settings

• Personalization backup: Choose cloud backup or local-only (auto-delete after 180 days)
• Apple Health sync: Optional background sync (iOS only, off by default)
• Notifications: Disable gut check reminders anytime
• Data export: Download all your health data as JSON

System-Level Controls

• iOS: Settings → Health → Apps → OhMyGut (revoke HealthKit permissions)
• Analytics opt-out: iOS: Limit Ad Tracking / Android: Opt out of Ads Personalization

Data Retention

Security

Data in Transit

• All API calls use HTTPS with TLS 1.3 encryption
• JWT tokens for authentication (24-hour expiration)

Data at Rest

• Device: iOS automatic encryption (Data Protection API)
• Cloud: Encrypted database storage (Turso/libSQL)
• Images: Secure storage with cryptographic hashes

Access Control

• OAuth 2.0 for Apple/Google sign-in
• No passwords stored on device
• Automatic sign-out after extended inactivity

Your Rights (GDPR & CCPA)

European Users (GDPR)

• Right to access: Export your data via in-app settings
• Right to rectification: Edit any health data in the app
• Right to erasure: Delete your account (contact support)
• Right to portability: JSON export for migration to other services
• Right to object: Disable personalization backup

California Users (CCPA)

• Right to know: This privacy policy discloses all data collection
• Right to delete: Contact support to delete your account
• Right to opt-out: Disable personalization and notifications in settings
• No sale of data: We never sell your personal information

Children's Privacy

Oh My Gut! is not intended for children under 13. We do not knowingly collect data from children. If you believe a child has provided us with personal information, please contact us immediately.

International Data Transfers

Your data may be transferred to and processed in countries other than your own. We ensure appropriate safeguards are in place, including:

• Standard Contractual Clauses (EU-approved data transfer mechanism)
• Encryption in transit and at rest
• Regular security audits of third-party services

Changes to This Policy

We may update this privacy policy periodically. When we make significant changes, we'll notify you via:

• In-app notification
• Email to registered users
• Updated "Last modified" date at the top of this page

Continued use of the app after changes constitutes acceptance of the updated policy.

Contact Us

Questions about privacy? We're here to help:

• Email: privacy@ohmygut.ai
• Support & data deletion requests: support@ohmygut.ai