Privacy Policy for Gut Score

Last Updated: February 2, 2026

This Privacy Policy describes how Gut Score ("we", "our", or "us") collects, uses, and shares information about you when you use our mobile application.

1. Information We Collect

1.1 Personal Information

• Account Information: When you sign in with Google, we collect your email address and name.
• Device Information: We generate and store a unique device identifier to track your usage across sessions.
• Meal Data: Photos of meals you upload, food items detected, timestamps, and gut health scores.

1.2 Automatically Collected Information

• Device type and operating system version
• App usage patterns and feature interactions
• Timestamps of meal logs and score calculations

2. How We Use Your Information

We use the collected information to:

• Analyze meal photos using AI to identify food items and calculate gut health scores
• Provide personalized health insights and track your progress over time
• Authenticate your account and enable cross-device synchronization (for premium users)
• Process payments for premium features
• Improve our app's functionality and user experience
• Respond to your inquiries and provide customer support

3. Data Storage and Security

• Database: Your data is stored securely using Supabase, a cloud-based database service with encryption at rest and in transit.
• Images: Meal photos are processed by our backend API and are not permanently stored unless required for your meal history.
• Authentication: We use industry-standard JWT tokens for secure authentication.
• Encryption: All data transmission between your device and our servers uses HTTPS encryption.

4. Third-Party Services

We use the following third-party services that may collect and process your information:

• Supabase: Database hosting and authentication services
• Google Sign-In: Authentication provider for account login
• Stripe: Payment processing for premium subscriptions (Stripe's privacy policy applies)
• Backend API: Hosted at api.gutscore.sdmai.org for AI-powered meal analysis

Each service has its own privacy policy governing the use of your data. We recommend reviewing their policies.

5. Data Sharing and Disclosure

We do NOT sell, rent, or trade your personal information. We may share your information only in the following circumstances:

• Service Providers: With trusted third-party services (listed above) that help us operate our app
• Legal Requirements: If required by law, court order, or governmental regulation
• Business Transfers: In the event of a merger, acquisition, or sale of assets

6. Data Retention

• Account data is retained as long as your account is active
• Meal logs and scores are kept to provide historical tracking
• You may request deletion of your data at any time (see section 8)

7. Your Rights and Choices

You have the right to:

• Access: Request a copy of your personal data
• Correction: Update or correct inaccurate information
• Deletion: Request deletion of your account and associated data
• Opt-Out: Discontinue use of the app at any time
• Data Portability: Request your data in a structured, machine-readable format

8. Account Deletion

To delete your account and all associated data, please contact us at support@sdmai.org with your account email address.

Upon account deletion, all your personal data, meal logs, and scores will be permanently removed within 30 days.

9. Children's Privacy

Gut Score is not intended for children under the age of 13. We do not knowingly collect personal information from children under 13. If you believe we have inadvertently collected such information, please contact us immediately.

10. International Users

Our services are hosted in the United States, but our business operates from India. If you are accessing our app from outside India or the US, please be aware that your information may be transferred to, stored, and processed in the US where our servers are located.

11. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. We will notify you of any material changes by posting the new policy in the app or via email. Your continued use of the app after changes constitutes acceptance of the updated policy.

12. California Privacy Rights (CCPA)

If you are a California resident, you have additional rights under the California Consumer Privacy Act (CCPA):

• Right to know what personal information is collected, used, shared, or sold
• Right to delete personal information
• Right to opt-out of the sale of personal information (we do not sell your data)
• Right to non-discrimination for exercising your privacy rights

13. GDPR Compliance (European Users)

If you are located in the European Economic Area (EEA), you have rights under the General Data Protection Regulation (GDPR):

• Legal basis for processing: Consent and legitimate interests
• Right to withdraw consent at any time
• Right to lodge a complaint with a supervisory authority