Privacy Policy

Last Updated: February 18, 2026
Effective Date: February 18, 2026

Welcome to Nutika AI ("we," "our," or "us"). This Privacy Policy describes how we collect, use, disclose, and safeguard your information when you use our mobile application and web service (collectively, the "Service").

Please read this Privacy Policy carefully. If you do not agree with the terms of this Privacy Policy, please do not access the Service.

Information We Collect

Personal Information

We may collect personally identifiable information that you voluntarily provide to us when you:

Register for an account
Use our nutrition analysis features
Contact us for support
Subscribe to our premium services

This information may include:

Name and email address
Account credentials (encrypted passwords)
Profile information and preferences
Subscription and billing information
Device information and identifiers

Nutrition and Health Data

When you use our nutrition analysis features, we collect:

Food images you upload for analysis
Nutrition analysis results and recommendations
Dietary preferences and restrictions
Health goals and tracking data
Usage patterns and app interactions

Automatically Collected Information

We automatically collect certain information about your device and usage:

Device type, operating system, and version
IP address and general location data
App usage analytics and performance metrics
Error logs and diagnostic information
Cookies and similar tracking technologies

How We Use Your Information

We use collected information for the following purposes:

Service Provision

Provide AI-powered nutrition analysis using our AI service providers (e.g., Google Gemini and OpenAI)
Store and retrieve your nutrition history
Personalize recommendations based on your preferences
Process subscription payments and manage your account

Service Improvement

Analyze usage patterns to improve app functionality
Develop new features and enhance existing ones
Monitor and analyze app performance and security
Conduct research and analytics for service optimization

Communication

Send you service-related notifications
Respond to your inquiries and support requests
Provide updates about new features or changes
Send marketing communications (with your consent)

Third-Party Services

AI Service Providers

We use AI service providers to analyze images and generate nutrition information. When you upload food images:

Images may be sent to our AI service providers for processing (e.g., Google Gemini and OpenAI, depending on feature and availability)
Providers may temporarily store data as required for processing
Providers’ privacy policies apply to their processing of that data
We do not control how third-party providers independently use data that they process

Supabase Services

We use Supabase for backend services:

Supabase Auth: Secure user authentication
Supabase Postgres: Encrypted data storage
Supabase Storage: Secure file storage
Supabase Privacy Policy: supabase.com/privacy

Analytics

We use analytics tools to understand product usage and improve reliability:

PostHog: Product analytics and performance insights

Payment Processing

We use third-party payment and subscription providers:

Stripe: Website subscription payments (where available)
RevenueCat: Subscription management for mobile app purchases
Apple App Store / Google Play: Mobile in-app purchases and billing

Payment information is processed by these third-party providers. We receive limited transaction information for subscription management, and full payment details are not stored on our servers.

Data Storage and Security

Security Measures

We implement industry-standard security measures to protect your information:

Data encryption in transit and at rest
Regular security assessments and updates
Access controls and authentication protocols
Secure data centers and infrastructure

Data Retention

We retain your personal information only as long as necessary:

Account information: Until you delete your account
Nutrition data: Until you delete it or close your account
Analytics data: Up to 26 months for service improvement
Legal requirements may extend retention periods

International Data Transfers

Your information may be transferred to and stored in countries outside your residence. We ensure adequate protection through appropriate safeguards, and data transfers comply with applicable privacy laws. You consent to such transfers when using our Service.

Your Privacy Rights

Access and Control

You have the right to:

Access your personal information we hold
Update or correct inaccurate information
Delete your account and associated data
Export your data in a portable format
Opt out of marketing communications

Regional Rights

European Union (GDPR):

Right to be informed about data processing
Right to access your personal data
Right to rectification of inaccurate data
Right to erasure ("right to be forgotten")
Right to restrict processing
Right to data portability
Right to object to processing
Rights related to automated decision-making

California (CCPA):

Right to know what personal information is collected
Right to delete personal information
Right to opt-out of sale of personal information
Right to non-discrimination for exercising privacy rights

Canada (PIPEDA):

Right to access your personal information
Right to challenge the accuracy and completeness of information
Right to have information corrected
Right to file complaints with privacy commissioners

Exercising Your Rights

To exercise your privacy rights:

Email us at privacy@nutika.ca
Use the account settings in our app
Contact our support team for assistance
Response time: Within 30 days of verified requests

Children's Privacy

Our Service requires users to be 13+ years old (16+ in the EU). We do not knowingly collect personal information from children under 13. If we learn we have collected such information, we will delete it immediately. Parents who believe we have collected their child's information should contact us.

Changes to Privacy Policy

We may update this Privacy Policy from time to time:

Changes will be posted on this page with updated "Last Updated" date
Significant changes will be communicated via email or in-app notification
Continued use of the Service after changes constitutes acceptance
We recommend reviewing this policy periodically

Data Breach Notification

In the event of a data breach:

We will investigate and assess the breach within 72 hours
Affected users will be notified promptly if required
Regulatory authorities will be notified as required by law
We will take immediate steps to contain and remediate the breach

Contact Information

For privacy-related questions or concerns, contact us:

Email: privacy@nutika.ca
Support: support@nutika.ca

For EU residents, our Data Protection Officer can be reached at: dpo@nutika.ca

Legal Basis for Processing

Under GDPR, we process personal information based on:

Consent: For marketing communications and optional features
Contract: To provide services you've requested
Legitimate Interest: For service improvement and security
Legal Obligation: For compliance with applicable laws

Cookies and Tracking

We use cookies and similar technologies to:

Remember your preferences and settings
Analyze app usage and performance
Provide personalized content and features
Manage authentication and security

You can control cookies through your browser settings, though this may limit app functionality.

Compliance and Certifications

We are committed to privacy compliance and maintain:

Regular privacy impact assessments
Staff privacy training and awareness programs
Third-party security audits and certifications
Compliance monitoring and reporting procedures

This Privacy Policy is effective as of the date listed above and applies to all users of the Nutika AI service. Please contact us with any questions or concerns about our privacy practices.