Gutopia Privacy Policy
1. Summary (Plain English)
- Your health data stays on your device - We do not upload it to our servers
- Cloud data is minimal - Limited to authentication (email, encrypted password, tokens)
- No selling or sharing - We don't sell your data or use it for advertising
- You control backups - iCloud/Google backups are managed by you through your device
- Delete anytime - Remove your account and all local data whenever you want
2. Data Controller
Gutopia Inc. is the controller of personal data we process (limited to authentication and support).
Contact: privacy@gutopia.ai
3. What We DO NOT Collect or Store
We do NOT upload to our servers:
- Health logs, symptoms, or metrics
- Medication records
- Food diaries and entries
- Photos stored in the app
- Precise location data
- Contacts or calendar data
- Cross-app tracking data
- Third-party advertising data
4. What We Collect and Why
A. Account & Authentication (Cloud)
- Email address or OAuth identifier
- Salted and hashed password (if email signup; see Section 9 for the hashing algorithms)
- Authentication tokens and session identifiers
- Account creation date and last login time
- Account tier status (free/premium)
Purpose: To create and secure your account
B. Food Analysis (Anonymous & Temporary)
When you use our nutrition analysis feature:
- Food photos or text descriptions are sent to AI services
- NO identifying information is included (no user ID, email, or metadata)
- Data is processed immediately for nutritional information
- We do not store these photos or descriptions
- Only nutritional results are returned and saved locally on your device
Purpose: To provide nutritional information
Privacy Protection: Completely anonymous - the AI service cannot connect this data to you
C. API Usage Monitoring
- Timestamps of API feature usage (e.g., food analysis requests)
- Daily and monthly usage counts
- Request type and status (success/failure)
- No health content is logged, only usage metadata
Purpose: Prevent abuse, ensure fair use, manage service costs, and maintain quality for all users
D. Security and Operations
- IP address and user agent (processed temporarily at login)
- Error events related to authentication (not health content)
Purpose: Fraud prevention and service integrity
E. Support Communications
- Email address and message content when you contact us
- Kept only as long as needed to resolve your request
Purpose: Customer support
F. Optional Push Notifications
- Device push token (only if you opt in)
- Used only for app reminders, never for marketing
Purpose: Reminder notifications
G. Payments (if applicable)
- Purchase metadata from App Store (product ID, transaction status)
- No credit card numbers are received or stored by us
Purpose: Subscription management
5. Legal Basis for Processing (GDPR/UK GDPR)
- Contract: To create and maintain your account
- Legitimate Interests: Security, fraud prevention, service integrity
- Consent: Push notifications and optional features
6. On-Device Storage
- Health data is stored locally using device encryption
- OS-level backups (iCloud/Google) are controlled by you
- Data exports and sharing are initiated and controlled by you
7. Data Retention
- Account data: Kept while your account is active, deleted upon account deletion
- API usage logs: Retained as needed for abuse prevention and service operations
- Support communications: Retained as needed, then deleted or anonymized
- Security logs: Kept briefly, then deleted or aggregated
- Local health data: Retained until you delete the app or clear data
8. Third-Party Services
We use minimal third-party services:
- Supabase: Authentication and account data
- AI Services (OpenAI/Gemini): Anonymous food nutrition analysis (no user data sent, no storage)
- Apple/Google: Push notifications
- App Stores: Payment processing
All third parties are required to protect your data and process it only per our instructions.
9. Security Measures
We implement:
- Encryption in transit (TLS) for all communications
- Strong password hashing (Argon2/bcrypt)
- Access controls and monitoring
- Regular security updates
Your device security is your responsibility — please use a passcode/biometric lock.
10. Your Rights
You have the right to:
- Access your account data we hold
- Correct inaccurate account data
- Delete your account and authentication data
- Export your local health data (via app features)
- Object to certain processing
- Data portability for data you provided
To exercise rights, contact: privacy@gutopia.ai
California Residents (CPRA)
- We do not sell or share personal information
- No discrimination for exercising privacy rights
EEA/UK Residents
- Right to lodge complaints with supervisory authorities
- Data may be transferred to the US with appropriate safeguards
11. Children's Privacy
- Service not directed to children under 13
- We don't knowingly collect data from children under 13
- Contact us immediately if you believe a child has provided data
12. Data Breach Notification
If a security incident affects your account data, we will notify you and/or regulators as required by law.
13. HealthKit/Google Fit (Future Integration)
- Only access data you explicitly permit
- Never used for advertising or data brokerage
- Processed locally, not uploaded to servers
14. Biometric Authentication
- Face ID/Touch ID data never leaves your device
- Managed entirely by your device's operating system
- We have no access to biometric data
15. International Transfers
Account data may be processed in the United States where our providers operate. We ensure appropriate safeguards are in place.
16. Changes to This Policy
We'll notify you of material changes via:
- Updated "Last Updated" date
- In-app notice or email (if available)
17. Contact Us
Gutopia Inc.
Email: privacy@gutopia.ai
For privacy-related questions or to exercise your rights, please email us with "Privacy Request" in the subject line.
This Privacy Policy forms part of our Terms of Service. By using Gutopia, you acknowledge that you have read and understood this Privacy Policy.