This article is a plain-English summary. The full legal version is in our Privacy Policy — that's the source of truth if anything below is ambiguous.
The short version
- Most of your data stays on your device. Meal logs, photos, and nutrition goals are stored locally on your iPhone (and in your iCloud if you've enabled iCloud Sync) — not uploaded to our servers.
- A small amount is on our servers. Your account record (email, name, Apple ID identifier), the basics of your profile (name, height, weight, activity level), and API usage counts.
- Meal photos pass through a third-party AI provider, then get thrown away. Each photo is sent for AI analysis and not retained on our side.
- We don't sell your data. Ever.
What's stored where
| Data | Where it lives | Who can read it |
|---|---|---|
| Meal logs, photos, nutrition goals | Your iPhone (and iCloud if enabled) | Just you |
| Profile basics (name, height, weight, activity level) | Your iPhone and our servers | Us |
| Account record (email, name, Apple ID hash) | Our servers | Us |
| API usage counts (per-day, per-endpoint) | Our servers | Us |
| Meal photos at analysis time | Sent to our AI provider, not stored by us | The AI provider during analysis |
| Barcode numbers at lookup time | Sent to external food databases | Those databases during lookup |
| Crash reports | Our crash-reporting service | Us |
| Feedback messages | Our servers | Us |
What's not collected
- Your location. BeforeIBite never asks for or uses location data.
- Contacts, calendar, photos library beyond what you pick. The camera and photo picker only see the image you select for a specific scan.
- HealthKit data on our servers. If you grant Apple Health access, BeforeIBite reads body stats locally and writes meals back as dietary energy — Apple Health data is never sent to our servers.
- Advertising identifiers. BeforeIBite is ad-free, so we don't collect them.
Who else sees your data
BeforeIBite relies on a handful of service providers to run the app. Each one only receives what it needs for its specific job:
- Apple — Sign in with Apple, App Store payments, and iCloud sync.
- Google — handles authentication if you use Sign in with Google.
- Our cloud host — runs our backend and database.
- Our AI provider — receives meal photos, label photos, and free-text food queries for AI analysis.
- Our crash-reporting service — receives crash reports.
- External food databases — receive the barcode numbers you scan.
The Privacy Policy names each provider specifically, with a link to its own privacy policy — see section 3.5.
How long things are kept
- Local app data — until you delete it or delete the app.
- Account data on our servers — while your account is active. See Delete your account and your data for the wipe flow.
- API usage logs — up to 12 months, then automatically deleted.
- Feedback messages — up to 24 months, then deleted (sooner if you ask).
- Crash reports — follow our crash-reporting service's retention.
Your rights
You can:
- Delete your account and all server-side data — Settings → Profile → Delete account in the app.
- Revoke camera, photo library, or Health access — iPhone Settings → Privacy.
- Disable iCloud Sync — Settings → iCloud Sync inside BeforeIBite (or your iPhone iCloud settings).
- Ask us for a copy or deletion of your data — email
[email protected].
If you're in the EEA or California, you have additional rights under GDPR / CCPA — see sections 5.2 and 5.3 of the Privacy Policy.
Contact
Questions or data requests: [email protected].