Privacy Policy

1. Introduction

This Privacy Policy describes how Poshan AI ("we," "our," or "us") collects, uses, and shares information when you use our mobile application (the "App"). By using the App, you agree to the practices described below.

Controller: Poshan AI LLC ("Poshan AI") acts as the data controller for personal information processed in connection with the App and uses carefully selected processors to deliver the service.

2. Information We Collect

2.1 Information You Provide

• Account Information: Email address and basic profile information when you sign in with Google.
• Profile Information (optional): Age, gender, height, weight, activity level, and dietary goals.
• Food and Meal Data: Information about meals, food items, portions, and caloric intake you log via text or voice input.
• Voice Data: If you use voice input, audio is captured on your device to generate text. Poshan AI does not receive or store the raw audio. Depending on your device/OS settings, your device’s speech services provider (e.g., Google) may process audio per their policies. Only the resulting text may be sent to our servers for analysis.
• Health Goals: Weight goals, calorie targets, and dietary preferences.
• Exercise Data: Physical activity information and step data (if you choose to provide or connect it).

2.2 Information We Collect Automatically

• Device Information: Device type, operating system, device identifiers, and mobile network information.
• Usage Data: How you interact with the App, features used, time spent, app performance data, pages/screens visited, and timestamps.
• Network Information: IP address and general network metadata.
• Location Data (optional): Approximate location if you grant permission (e.g., to suggest nearby restaurants or stores).
• Diagnostic Data: Crash reports and performance metrics to improve app stability.

2.3 AI Processing Data

• Food Recognition & Nutritional Analysis: Text you provide (including text converted from voice input on device) is processed by our AI and OpenAI API or Google Gemini API to identify foods and estimate calories, macros, and other nutrition information.
• Model Interaction Metadata: Pseudonymous request identifiers, timestamps, and performance metrics used to operate and secure the AI features.
• AI Model Training: Per OpenAI's API policy, data sent via the OpenAI API is not used to train OpenAI's models. Similarly, Google Gemini API follows Google's data handling policies. We transmit data securely and limit requests to the minimum necessary.

3. How We Use Your Information

• Provide Core Services: Track calories, analyze meals, and provide nutritional insights.
• AI Analysis: Process text input (including text derived from voice) to identify foods and estimate nutritional content.
• Personalized Recommendations: Suggest meals, recipes, and dietary adjustments based on your goals and usage patterns.
• Exercise Integration: Use exercise/step data (if provided) to inform calorie and nutrition guidance.
• Communications: Send app updates, transactional messages, and respond to support requests.
• App Improvement & Security: Analyze usage to enhance features, improve AI accuracy, prevent fraud/abuse, and maintain security.
• Legal Compliance: Comply with laws and enforce our terms.

4. Information Sharing and Disclosure

We do not sell your personal information. We share information only as described below:

4.1 Service Providers (Processors)

• AI Processing: OpenAI API and Google Gemini API for natural language processing of meal descriptions and nutritional analysis.
• Infrastructure & Storage: Google Cloud Platform (GCP) for hosting and databases.
• Subscriptions & Payments: Google Play Billing and RevenueCat to manage purchases and entitlements. We do not store your full payment card details on our servers.
• Analytics & Crash Reporting: Google Firebase Crashlytics for crash reporting and app stability monitoring (no personal health data is included in crash reports).
• Authentication: Google Sign-In and similar identity providers.

4.2 Legal Requirements

• Comply with legal obligations, court orders, or government requests.
• Protect and defend our rights or property and the security of our App.
• Prevent or investigate possible wrongdoing.
• Protect the personal safety of users or the public.

4.3 Business Transfers

If we engage in a merger, acquisition, financing, or sale of assets, your information may be transferred to the new entity. We will provide notice before your data is transferred and becomes subject to a different policy.

4.4 With Your Consent

We may share information for other purposes with your explicit consent.

5. Data Security

We implement appropriate technical and organizational measures to protect your information, including:

• Encryption of data in transit and at rest.
• Secure authentication and role-based access controls.
• Regular security assessments and vulnerability management.
• Least-privilege access to production systems.
• Secure cloud infrastructure and backups.

No method of transmission or storage is 100% secure; we cannot guarantee absolute security.

6. Data Retention

• Account Data: Retained until you delete your account, or up to 24 months after last activity for compliance and record-keeping, unless a longer period is required by law.
• Meal & Nutrition Logs: Retained until you delete them or delete your account. You control this data in the App.
• Usage & Diagnostic Data: Retained for approximately 90 days for troubleshooting and performance monitoring.
• Voice Data: Raw audio is not transmitted to our servers; only text generated on-device may be processed by our systems and AI APIs (OpenAI or Google Gemini).

You can request deletion of your data within the App (see Section 7) or by contacting us at help@poshanai.app. We may retain certain information as required by law or to resolve disputes.

7. Your Rights and Choices

7.1 Account Controls

• Update profile information within the App.
• Delete specific food logs or entire meal entries.
• Manage connected data sources (e.g., exercise integrations).
• Manage subscriptions via Google Play / RevenueCat.

7.2 Data Access, Portability, and Deletion

• In-App Deletion: You may delete your account and associated data from Settings → Delete Account. This triggers deletion of account data and meal logs from our production systems (subject to legal retention obligations and backup schedules).
• Access/Export: You may request a copy of your data by emailing help@poshanai.app.
• Correction: You may update or correct your information in the App or via support.

We will verify requests and respond within applicable legal timeframes.

7.3 Communication Preferences

• Opt out of non-essential emails; you will continue to receive transactional/security messages.
• Adjust push notifications within the App or device settings.

8. Children’s Privacy

The App is not intended for children under 13. We do not knowingly collect personal information from children under 13. If you believe a child has provided us personal data, contact us and we will take appropriate steps to delete it. In certain jurisdictions where parental consent is required for users under a higher age threshold, we will comply with local requirements.

9. International Data Transfers & Hosting

We primarily host and process data on Google Cloud Platform in the United States. Your information may be transferred to and processed in countries other than your own, where data protection laws may differ. When transferring data, we implement appropriate safeguards (e.g., Standard Contractual Clauses, adequacy decisions, or your explicit consent).

10. Third-Party Services

The App may link to or integrate with third-party services (e.g., Google Sign-In, Google Play Billing, RevenueCat, OpenAI API, Google Gemini API, Firebase Crashlytics). Their privacy practices are governed by their own policies. We encourage you to review those policies:

• OpenAI: https://openai.com/privacy/
• Google (Gemini, Firebase, Sign-In): https://policies.google.com/privacy
• RevenueCat: https://www.revenuecat.com/privacy/

We are not responsible for the content or practices of third-party sites or services.

11. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. We will notify you by:

• Posting the updated policy on this page,
• Updating the Last Updated date above, and
• Providing in-app or email notices where required.

Your continued use of the App after changes take effect constitutes acceptance of the updated policy.

12. Contact Us

13. California Consumer Privacy Act (CCPA) Rights

If you are a California resident, you have specific rights regarding your personal information under the CCPA/CPRA:

13.1 Your Rights

• Right to Know/Access: Request details about the categories and specific pieces of personal information we collect, use, and disclose.
• Right to Delete: Request deletion of personal information (subject to legal exceptions).
• Right to Correct: Request correction of inaccurate personal information.
• Right to Opt-Out of Sale/Sharing: We do not sell personal information or share it for cross-context behavioral advertising.
• Right to Non-Discrimination: We will not discriminate against you for exercising your rights.

13.2 Submitting Requests

Email help@poshanai.app with the subject line "CCPA Request." We will verify your identity and respond within the required timeframe (typically 45 days, with permitted extensions).

14. Legal Basis for Processing (GDPR/EEA)

If you are located in the European Economic Area (EEA), United Kingdom, or Switzerland, our legal bases include:

• Contract Performance: To provide the services you request.
• Legitimate Interests: To improve services, ensure security, and communicate with you.
• Consent: Where you have given consent (e.g., for certain analytics or marketing).
• Legal Obligation: To comply with applicable laws.

15. Jurisdiction

This Privacy Policy is governed by the laws of California, United States, without regard to conflict of law principles.

16. Health & Medical Disclaimer

Poshan AI is not a medical device and does not provide medical advice. The App offers general nutrition information and estimates for educational and informational purposes only. It is not a substitute for professional medical advice, diagnosis, or treatment. Always seek the advice of a physician or other qualified health provider with any questions you may have regarding a medical condition, diet, or fitness regimen. Never disregard professional medical advice or delay seeking it because of information provided by the App.

---