GDPR Compliance

Your Data Rights

Under the General Data Protection Regulation (GDPR), you have specific rights regarding your personal data. Food Planner is committed to protecting your privacy and ensuring compliance with GDPR requirements.

1. Right to Access

You have the right to request access to the personal data we hold about you. This includes:

• Your profile information (age, weight, height)
• Your meal plan history and preferences
• Your account activity and usage data

2. Right to Rectification

You have the right to correct any inaccurate or incomplete personal data we hold about you. You can update your profile information directly in the app or contact us for assistance.

3. Right to Erasure ("Right to be Forgotten")

You have the right to request the deletion of your personal data when:

• The data is no longer necessary for the purposes it was collected
• You withdraw your consent
• You object to the processing
• The data was unlawfully processed

4. Right to Data Portability

You have the right to receive your personal data in a structured, commonly used, and machine-readable format. You can also request that we transfer this data directly to another service provider where technically feasible. Use the "Download My Data" feature in the app's Profile settings to export your data at any time.

5. Right to Object

You have the right to object to the processing of your personal data in certain circumstances, including processing for direct marketing purposes or based on our legitimate interests.

6. Right to Restrict Processing

You have the right to request that we restrict the processing of your personal data in certain situations, such as when you contest the accuracy of the data or object to our processing.

7. Data We Collect

We collect and process the following types of personal data:

• Account information (email address, name)
• Health metrics (age, weight, height, fitness goals)
• Usage data (app interactions, meal plan requests)
• Device information (device type, operating system)

8. Legal Basis for Processing

We process your personal data based on:

• Your consent when you create an account and use the app
• Contract performance to provide meal planning services
• Legitimate interests to improve our services
• Legal obligations to comply with applicable laws

9. Data Retention

We retain your personal data only for as long as necessary to fulfill the purposes for which it was collected, comply with legal obligations, resolve disputes, and enforce our agreements. You can request deletion of your data at any time.

10. International Data Transfers

Your data may be transferred to and processed in countries outside the European Economic Area (EEA). We ensure appropriate safeguards are in place, including standard contractual clauses approved by the European Commission.

11. Third-Party Data Processors

We do not sell your personal data. We share data only with the following third-party processors who help us operate the app:

• OpenAI — generates personalized meal plans. Your health metrics and dietary preferences are sent to OpenAI's servers. OpenAI processes this data in accordance with their privacy policy and GDPR compliance measures.
• Firebase (Google) — provides user authentication, account management, and cloud data storage. Your authentication and profile data is handled according to Google's privacy policies.
• RevenueCat — manages in-app subscriptions. Purchase and subscription status information is handled according to RevenueCat's privacy policy.

12. Rights Related to Automated Decision Making

Our app uses artificial intelligence (OpenAI) to generate personalized meal plans based on your health metrics (age, weight, height, fitness goal). Under GDPR Article 22, you have the right to:

• Request human review of AI-generated recommendations
• Express your point of view regarding AI-generated outputs
• Contest decisions based solely on automated processing

The AI-generated meal plans are suggestions only. They do not constitute medical advice and do not restrict your dietary choices. You are always free to modify or disregard any recommendation.

13. How to Exercise Your Rights

To exercise any of your GDPR rights, please contact us at:

We will respond to your request within 30 days. You also have the right to lodge a complaint with your local data protection authority.

14. Data Security

We implement appropriate technical and organizational measures to protect your personal data against unauthorized access, alteration, disclosure, or destruction. This includes encryption, secure servers, and regular security assessments.

15. Contact Information

For any questions or concerns about GDPR compliance or your data rights:

Data Protection Officer: dpo@foodplanner.app