NutriJourney

NutriJourney ("we," "our," or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, and safeguard your information when you use our metabolic intelligence platform, including our mobile application and web services.

1. Information We Collect

We collect several categories of information to provide and improve our services:

Account Information

Name and email address
Password (stored securely using industry-standard hashing)
Profile preferences and settings

Health & Body Composition Data

InBody scan results (weight, body fat percentage, muscle mass, body water)
Weight logs and body composition trends
Basal metabolic rate (BMR) and total daily energy expenditure (TDEE) calculations

Food & Nutrition Data

Food logs and daily intake records (tracking 110+ nutrients per item)
Food photos captured for recognition and logging
Barcode scans for product identification
Recipes and pantry items you create or save

Device & App Data

Device type, operating system, and version
App version and build information
Push notification tokens (if notifications are enabled)

AI Interactions

Conversations with JUNA, our AI nutrition coach
Quick action selections and coaching preferences

Usage Analytics

Feature usage patterns and session duration
Navigation paths and screen views
Engagement metrics (anonymized)

2. How We Use Your Information

We use the information we collect to:

Personalized nutrition coaching — Tailor food recommendations, macro targets, and meal suggestions based on your goals and body composition
Metabolic calibration — Calculate and continuously refine your TDEE and BMR using adaptive algorithms that compare predicted vs. actual weight changes
Food recommendations — Suggest foods, recipes, and restaurant meals that align with your nutritional targets
Body composition trend analysis — Provide trust-weighted trend lines, trigger correlation insights, and contextual weight display
AI coaching via JUNA — Power personalized conversations, proactive check-ins, and context-aware guidance
Service improvement — Analyze aggregated, anonymized usage patterns to improve features, fix issues, and develop new capabilities

3. Third-Party Data Sources

To provide accurate nutritional information, we integrate with the following third-party data sources:

USDA FoodData Central — Comprehensive nutritional data for foods, including detailed micronutrient, amino acid, and fatty acid profiles (public domain data from the U.S. Department of Agriculture)
Open Food Facts — Open-source barcode database for packaged food product identification and nutritional information
InBody API — Body composition measurement data from InBody devices at partnered gym locations, synced with your explicit authorization

4. Health Data Handling

We treat health and nutrition data with the highest level of care:

Food photos are processed for recognition purposes and are not retained after processing is complete unless you explicitly save them to your food log
Body composition data is isolated per user using Row Level Security (RLS), ensuring no other user or partner can access your measurements
JUNA conversations are used solely to provide you with personalized coaching. Your conversations are NOT used to train AI models
Apple HealthKit / Google Health Connect data remains on your device. We only read data you explicitly grant permission to sync, and we never write to or modify your device health records without your consent

5. Data Sharing

We never sell your personal information to third parties
Gym partners can only see data you explicitly opt in to share (such as progress metrics for trainer-guided programs)
Restaurant orders share only the minimum data required for order fulfillment (name, order details, and delivery preferences)
Analytics are anonymized and aggregated before any internal or external use
We may disclose information if required by law or to protect the safety and rights of our users and the public

6. Data Security

We implement robust technical and organizational measures to protect your data:

Row Level Security (RLS) enforced at the database level, ensuring strict per-user data isolation
Encryption at rest and in transit using industry-standard TLS and AES encryption
Regular security audits and vulnerability assessments
Secure authentication with session management and token rotation

7. Your Rights

Under applicable data protection regulations (including GDPR and CCPA), you have the right to:

Access your personal data and receive a copy of the information we hold about you
Correct inaccurate or incomplete data in your profile or food logs
Request deletion of your account and all associated data
Data portability — Export your nutrition logs, body composition history, and other personal data in a machine-readable format
Opt out of analytics and non-essential data collection
Withdraw consent for any optional data processing at any time

To exercise any of these rights, contact us at privacy@nutrijourney.fit. We will respond within 30 days.

8. Data Retention

Your data is retained for as long as your account is active and you continue to use the service
Upon account deletion, all personal data is permanently removed within 30 days
Anonymized, aggregated analytics data may be retained indefinitely for service improvement purposes

9. Children's Privacy

NutriJourney is not intended for children under the age of 13. We do not knowingly collect personal information from children under 13. Body composition features and premium subscriptions are restricted to users aged 18 and older. If we become aware that we have collected data from a child under 13, we will promptly delete that information.

10. Contact Us

If you have questions or concerns about this Privacy Policy or our data practices, please contact us at privacy@nutrijourney.fit.