Privacy Policy

Last updated: February 26, 2026

This Privacy Policy describes how MacroLog ("we", "us", or "our") collects, uses, and shares information about you when you use our mobile application (the "App") and website (collectively, the "Services").

We are committed to protecting your privacy and ensuring you understand how your data is handled. Please read this policy carefully.

1. Information We Collect

1.1 Information You Provide

We collect information you provide directly to us, including:

  • Profile Information: Gender, date of birth, height, weight, activity level, and fitness goals (for calorie and macro calculations)
  • Food Diary Data: Food entries, meal logs, calorie and macro intake, water intake, and meal photos
  • Voice Recordings: When using voice logging (Pro feature), your voice is temporarily processed to transcribe and identify foods
  • Support Communications: If you contact us, we collect your email address and message content

1.2 Information Collected Automatically

When you use our Services, we automatically collect:

  • Device Information: A unique device identifier (UUID) for analytics and to prevent abuse
  • Advertising Identifier: On Android, we collect the Android Advertising ID for ad attribution and campaign measurement. On iOS, we use the vendor identifier (IDFV) — we do not use Apple's IDFA.
  • Usage Data: Features used, interaction patterns, and session duration
  • Analytics Events: App opens, onboarding completion, feature usage (barcode scans, AI snaps, voice logs, text searches), and subscription events — collected via Firebase Analytics for app improvement and advertising campaign optimization
  • Technical Data: App version, operating system, device model, and country

1.3 Information from Third Parties

We may receive information from:

  • Food Databases: OpenFoodFacts and USDA FoodData Central for nutritional information when you scan barcodes or search foods
  • Payment Processors: Apple App Store and Google Play Store manage subscriptions; we receive subscription status but not payment details
  • AI Services: Google Gemini processes photos and voice for food recognition (see Section 3)

2. How We Use Your Information

We use the information we collect to:

  • Provide, maintain, and improve our Services
  • Calculate your personalized calorie and macro goals
  • Process and analyze food photos and voice recordings for meal logging
  • Track your nutrition progress and streaks
  • Process subscriptions and manage your account
  • Respond to your support requests
  • Send service-related communications
  • Detect, prevent, and address technical issues and abuse
  • Analyze usage patterns to improve user experience

3. AI-Powered Features and Data Processing

Our AI features (photo recognition, voice logging, and text meal input) use Google Gemini for processing:

  • Photo Analysis: Meal photos are sent to our backend server, which forwards them to Google Gemini for food identification. Photos are processed in real-time and are not permanently stored on our servers.
  • Voice Processing: Voice recordings are transcribed and analyzed to identify foods and portions. Recordings are processed in real-time and immediately deleted after processing.
  • Text Analysis: Text meal descriptions are processed to identify individual food items and estimate portions.

Google's use of data is governed by their Privacy Policy.

4. Data Storage and Security

4.1 Local Storage (Primary)

Your food diary, profile, and nutrition data are primarily stored locally on your device using SQLite. This means:

  • Your data stays on your device by default
  • Uninstalling the app removes all local data

4.2 Server Processing

For AI features, data is temporarily sent to our servers:

  • Our backend is hosted on secure servers in the United States (Ashburn, Virginia)
  • Photos and voice recordings are processed in real-time and not stored
  • Device IDs are used to enforce usage limits and prevent abuse

4.3 Security Measures

We implement appropriate technical and organizational measures to protect your data, including:

  • HTTPS encryption for all data in transit
  • Secure storage on your device
  • Rate limiting to prevent abuse
  • Regular security reviews

5. Data Sharing and Disclosure

We do not sell your personal information. We may share data with:

  • Analytics Providers: Google Firebase Analytics — we share anonymized usage events, device information, and advertising identifiers for analytics, app improvement, and advertising campaign measurement. Data is retained for up to 14 months. Google's use of this data is governed by their Privacy Policy.
  • Subscription Management: RevenueCat — we share subscription status, anonymous user identifiers, and usage attributes for subscription management and analytics. See RevenueCat's Privacy Policy.
  • AI Processing: Google Gemini — for food recognition from photos, voice, and text
  • App Distribution: Apple App Store and Google Play Store for app distribution and in-app purchases
  • Legal Requirements: When required by law, legal process, or to protect rights and safety
  • Business Transfers: In connection with a merger, acquisition, or sale of assets (with notice)

6. Your Rights and Choices

6.1 Access and Portability

You can access all your data directly in the app. We plan to add data export functionality (CSV/JSON) in a future update.

6.2 Deletion

You can delete your data at any time:

  • Individual Entries: Delete specific food entries from your diary
  • All Data: Clear all data from the app settings
  • Account Deletion: Contact us at [email protected] to request deletion of any server-side data

6.3 Advertising and Analytics Opt-Out

You can control how your data is used for advertising:

  • Android: Go to Settings → Privacy → Ads → "Delete advertising ID" to opt out of personalized advertising
  • iOS: We do not use Apple's IDFA for tracking. Firebase Analytics uses the vendor identifier (IDFV), which is reset when you uninstall the app.

You can also use the app without AI features by using only barcode scanning and manual search (included in the free tier).

7. GDPR Compliance (European Users)

If you are located in the European Economic Area (EEA), you have additional rights under GDPR:

  • Legal Basis: We process your data based on your consent (for AI features) and legitimate interests (for providing the service)
  • Data Controller: MacroLog is the data controller for your personal data
  • Your Rights: Access, rectification, erasure, restriction, portability, and objection
  • Supervisory Authority: You have the right to lodge a complaint with your local data protection authority
  • Data Transfers: Data may be transferred to the US for processing; we rely on standard contractual clauses where applicable

To exercise your GDPR rights, contact us at [email protected].

8. CCPA Compliance (California Users)

If you are a California resident, you have rights under the California Consumer Privacy Act (CCPA):

  • Right to Know: What personal information we collect, use, and disclose
  • Right to Delete: Request deletion of your personal information
  • Right to Opt-Out: We do not sell personal information
  • Non-Discrimination: We will not discriminate against you for exercising your rights

To exercise your CCPA rights, contact us at [email protected].

9. Children's Privacy

Our Services are not intended for children under 13 years of age. We do not knowingly collect personal information from children under 13. If you are a parent or guardian and believe your child has provided us with personal information, please contact us immediately.

10. Data Retention

We retain your data as follows:

  • Local Data: Retained on your device until you delete it or uninstall the app
  • Analytics Data: Firebase Analytics retains event data for up to 14 months, after which it is automatically deleted
  • AI Processing: Photos and voice recordings are processed in real-time and not stored
  • Device IDs: Retained to enforce usage limits; can be reset by reinstalling the app
  • Advertising Identifiers: Collected for campaign attribution; you can reset your advertising ID in your device settings at any time
  • Support Communications: Retained for customer service purposes

11. Third-Party Services

Our app integrates with the following third-party services:

  • Google Firebase Analytics: App usage analytics and advertising campaign measurement — Privacy Policy
  • Google Gemini: AI processing for food recognition — Privacy Policy
  • RevenueCat: Subscription management and analytics — Privacy Policy
  • OpenFoodFacts: Food database for barcode scanning
  • USDA FoodData Central: Nutritional information database
  • Apple App Store: App distribution and in-app purchases (iOS)
  • Google Play Store: App distribution and in-app purchases (Android)

Each service has its own privacy policy governing their data practices.

12. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of any material changes by:

  • Updating the "Last updated" date at the top of this policy
  • Posting a notice in the app for significant changes

We encourage you to review this policy periodically.

13. Contact Us

If you have questions about this Privacy Policy or our data practices, please contact us:

We will respond to your inquiry within 30 days.