Privacy Policy

1. Introduction and Data Controller

MyFoodFit is a food scanning and diet evaluation tool designed to help you understand the nutritional characteristics of foods.

The data controller for all personal data processed in connection with MyFoodFit is:

MyFoodFit is operated from the United Kingdom and complies with UK GDPR. The app is distributed via the Apple App Store.

We are committed to transparency and minimal data collection. We do not sell your data, display third-party advertising, or track you across other apps or websites.

2. What Data We Collect

2.1 Account Information

When you create an account, we collect:

• Email address -- used for account login, password recovery, and essential service communications.

We do not collect: your name, phone number, physical address, precise location data, or advertising identifiers. Health-related dietary information is collected only where you choose to save it to your account, and only with your explicit consent, as described in Section 2.4.

2.2 Food Scans and Usage Data

When you scan foods or evaluate your diet:

• Food scan data -- barcode information processed to identify products and retrieve nutritional data.
• Dietary preferences -- any preferences or settings you configure within the app.
• Usage patterns -- basic information about how you interact with the app (features used, frequency of scans).

This data is used solely to provide app functionality and improve your experience. It is associated with your account if you are logged in.

2.3 Technical Information

We automatically collect limited technical information to operate the service: device type and operating system version, app version, and error logs or crash reports. This information does not identify you personally and is used only for technical support and service improvement.

2.4 Health and Condition-Profile Data

3. How We Use Your Data

We use the data we collect for the following purposes:

• Service delivery -- to provide food scanning, nutritional analysis, and diet evaluation features.
• Account management -- to authenticate your login and manage your account.
• Customer support -- to respond to your enquiries and resolve technical issues.
• Analytics and service improvement -- to understand how the app is used and identify areas for improvement (subject to your consent where required).
• Legal compliance -- to comply with applicable laws and respond to lawful requests from authorities.

We do not use your data for third-party advertising, cross-app or cross-site tracking, selling or renting to third parties, or medical diagnosis or treatment recommendations.

4. Lawful Basis for Processing

Under UK GDPR, we must have a lawful basis for each purpose for which we process personal data. The table below sets out the purpose, the data involved, and the lawful basis we rely on.

5. Data Storage and Security

Your data is stored securely using industry-standard practices:

• Data is encrypted in transit using TLS/SSL protocols.
• Data at rest is stored on secure servers with access controls.
• We use reputable third-party infrastructure providers that comply with UK and EU data protection standards (see Section 6).

Some data may be processed on your device and not transmitted to our servers unless necessary for account synchronisation or specific features you choose to use.

While we implement appropriate security measures, no system is completely secure. You are responsible for maintaining the confidentiality of your account credentials.

6. Data Sharing and Named Processors

We do not sell your personal data to third parties.

We work with the following processors, each of which handles personal data on our behalf under a data processing agreement:

We may also share limited data in the following circumstances:

• Academic research partners -- with your explicit consent, we may share anonymised, aggregated data for research purposes. Individual users are not identifiable in such data.
• Legal requirements -- we may disclose data if required by law, court order, or to protect our rights or the safety of others.
• Business transfers -- if MyFoodFit is acquired or merged, your data may be transferred to the new entity subject to this Privacy Policy.

We do not share your data with advertising networks, data brokers, or social media platforms (unless you explicitly choose to share content).

7. Your Rights and Controls

Under UK GDPR, you have the following rights:

• Access -- request a copy of the personal data we hold about you.
• Correction -- update or correct inaccurate data.
• Deletion -- request deletion of your account and associated personal data.
• Portability -- request your data in a structured, machine-readable format.
• Objection -- object to processing based on legitimate interests.
• Withdrawal of consent -- where processing is based on consent, withdraw it at any time via in-app settings or by contacting us. Withdrawal does not affect the lawfulness of processing before withdrawal.
• Restriction -- request that we restrict processing of your data in certain circumstances.

To exercise these rights or delete your account, please contact us at the address in Section 12.

Account deletion will permanently remove your email address, food scans, and preferences from our systems. Some data may be retained for a limited period to comply with legal obligations or resolve disputes. Aggregate behavioural data collected without identifiers (such as anonymous scan patterns used to improve our scoring engine) is retained after account deletion. This data cannot be linked back to you and is used only in aggregate to improve the app for all users.

8. Cookies and Analytics

8.1 Website

Our website (www.myfoodfit.co.uk) uses only essential cookies required for basic functionality. We do not use third-party advertising cookies.

8.2 Mobile App Analytics

The mobile app uses Mixpanel to collect usage analytics (features used, session frequency, and similar behavioural data). This is processed under your consent (see Section 4). You may withdraw consent at any time via the in-app privacy settings, which will stop further analytics collection. We do not use analytics services that track you across other apps or websites.

9. Children’s Privacy

MyFoodFit is not intended for use by children under the age of 13. We do not knowingly collect personal data from children under 13. If you believe we have inadvertently collected data from a child under 13, please contact us immediately and we will delete such data.

10. International Data Transfers

Some of our processors (listed in Section 6) are based outside the UK and EEA. Where data is transferred internationally, we ensure appropriate safeguards are in place, such as:

• UK International Data Transfer Agreements (IDTAs) or standard contractual clauses approved by the ICO or European Commission.
• Adequacy decisions recognising equivalent data protection standards.

11. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or legal requirements. When we make material changes, we will update the “Last updated” date above and notify you via email or in-app notification. Your continued use of MyFoodFit after changes are posted constitutes acceptance of the updated policy.

12. Contact and Complaints

If you have questions about this Privacy Policy or wish to exercise your data rights, please contact us:

You also have the right to lodge a complaint with the UK Information Commissioner’s Office (ICO) if you believe your data protection rights have been violated. Visit ico.org.uk for more information.

13. Important Disclaimer

MyFoodFit is an informational tool designed to help you understand nutritional characteristics of foods. It is not a medical device and does not provide medical advice, diagnosis, or treatment. Always consult qualified healthcare professionals for medical guidance.

See also our Terms of Use for the full liability and warranty disclaimers applicable to the service.