Privacy Policy
Last updated: May 16, 2026
What Data We Collect
- Food photos and text descriptions — when you scan a meal, a food label, or an ingredient on a scale, the image (or your text description) is sent to Google AI (Gemini) for nutritional analysis. Photos are processed in real time and are not stored on our servers or in Firebase.
- Health data — if you grant access, ScanPlate reads your resting and active energy from Apple Health (HealthKit) to calculate a more accurate daily calorie goal. Health data stays on your device and is never sent to any server or third party.
- Profile data — age, height, weight, biological sex, and fitness goal. Stored locally on your device using SwiftData. We do not upload this to any server.
- Meal history — food entries, ingredients, weights, and calorie data. Stored locally on your device.
- Analytics events — we collect anonymous usage events through Firebase Analytics (Google), for example: how often the AI analysis succeeds or fails, which scan mode is used (dish / label / build / text), whether a paywall was shown, and whether HealthKit is enabled. These events are linked to an app-installation identifier (not your Apple ID, name, or email). We use them only to improve the app and we do not use them for advertising.
- User properties — Firebase Analytics also stores a few anonymous segments: whether you have an active subscription (is_pro), your selected fitness goal (lose / maintain / gain), biological sex, and whether HealthKit is enabled. These are used only to understand how different groups of users use the app.
- Subscription / purchase data — when you start a free trial or purchase a subscription, your purchase is processed by Apple. We also receive purchase events from Superwall and Firebase Analytics so we can manage entitlements and measure conversion. We never see your credit card or Apple ID.
- Crash, performance, and diagnostic data — collected automatically by the Firebase SDK to help us find and fix bugs.
Third-Party Services
- Google Gemini (AI food analysis) — receives food photos and text descriptions for the sole purpose of returning nutritional information. Subject to Google's Privacy Policy.
- Firebase Analytics (Google) — receives anonymous usage events, user properties, crash data, and an app-installation identifier. Subject to Firebase Privacy and Security.
- Superwall — used to display paywalls and manage subscriptions. Receives anonymous device and subscription events. Subject to Superwall's Privacy Policy.
- Apple HealthKit — health data read from HealthKit is processed only on your device. It is never shared with Google, Superwall, or any other third party, never used for advertising, and never sold.
- Apple App Store (StoreKit) — used to process subscriptions. Apple may share standard purchase information with us in accordance with their privacy policy.
What We Do NOT Do
- We do not sell your personal data.
- We do not use HealthKit data for advertising or marketing.
- We do not track you across other apps or websites (no IDFA / ATT prompt).
- We do not store your food photos on our servers or in Firebase.
- We do not require an account, an email, or a password.
Data Storage and Retention
All your meal history, profile information, and preferences are stored locally on your device using SwiftData. We do not operate a user account system and do not maintain a server-side database of user data. If you delete the app, all on-device data is removed by iOS.
Anonymous analytics events sent to Firebase are retained according to Google's Firebase Analytics data retention settings (currently set to the standard retention period).
Your Rights
You can at any time:
- Revoke HealthKit access in iOS Settings → Privacy & Security → Health → ScanPlate.
- Revoke Camera or Photos access in iOS Settings → Privacy & Security.
- Manage or cancel your subscription in iOS Settings → [your name] → Subscriptions.
- Delete all your data by uninstalling the app.
- Request that we delete any analytics data linked to your installation by contacting us at the email below.
If you are located in the EU/UK (GDPR) or California (CCPA), you have the right to access, correct, or delete personal data we process about you, and to object to processing.
Children's Privacy
ScanPlate is not directed at children under 13 (or the equivalent minimum age in your jurisdiction). We do not knowingly collect personal data from children. If you believe a child has provided us with personal data, please contact us and we will delete it.
Changes to This Policy
We may update this policy from time to time. When we do, we will update the "Last updated" date at the top of this page. Material changes will also be communicated inside the app.
Contact
If you have questions about this privacy policy, want to exercise your rights, or want us to delete data associated with your installation, contact us at parkeraxis@gmail.com.