Privacy Policy

Effective 25 April 2026

This Privacy Policy explains what information Trace Health (“Trace”, “we”, “us”) collects when you use our mobile app and the tracenutrient.com website, how we use it, who we share it with, and what choices you have. It applies to the Trace app, website, and any related services.

We designed Trace to collect only what we need to make the product work. We do not sell your personal data. We do not use your identifiable data to train third-party AI models.

1. Information we collect

Account information

  • Email address and display name (required to create an account)
  • A hashed password, if you sign up with email — we never store or see your plaintext password
  • A stable identifier from Apple or Google if you use social sign-in (we do not receive your Apple/Google password)

Health and profile information

  • Health concerns you select during onboarding (up to three medical conditions; plus any body goals and wellness focus areas you pick)
  • Dietary preferences (vegetarian, vegan, halal, kosher, gluten-free, etc.)
  • Body statistics: date of birth, biological sex, height, weight, activity level
  • Optional: GLP-1 medication status, kidney dialysis status

Meal data

  • Photos of meals you log (stored securely in our cloud storage)
  • Meal entries — foods identified, portion sizes, nutrient estimates, timestamps, the meal type (breakfast, lunch, dinner, snack)
  • Any edits or notes you add to a meal

Exercise, fasting, and water data

  • Manually logged exercise entries, intermittent fasting windows, and water intake

Device and technical data

  • A push-notification token (if you opt in to notifications)
  • Device type, operating system version, app version, timezone, and locale — used for correct scheduling of reminders and for diagnostics
  • Crash reports and error logs — used only to fix bugs

Subscription events

  • Your subscription status (Free or Subscribed), plan (monthly or annual), whether you have consumed a free trial, and the next renewal date
  • We do not receive, store, or process payment-card details. Billing is handled entirely by Apple and Google; Trace only receives signed event notifications from RevenueCat (our subscription management provider) confirming purchase, renewal, or cancellation.

Usage analytics

  • Aggregate events about how features are used (e.g. “user completed onboarding”, “user opened the insights tab”). This helps us understand which features matter and improve them.

2. How we use your information

  • To operate the Service — authenticate you, sync your data across devices, show your history
  • To analyse your meals — when you photograph a meal, we send the photo to our AI vision provider (see §3) to identify foods and estimate portions and nutrients
  • To calculate your personalised targets — we use your profile (age, sex, weight, activity, conditions, goals) to compute daily calorie and nutrient targets based on published scientific guidelines (Mifflin-St Jeor, WHO, USDA) and condition-specific adjustments
  • To generate insights — we analyse your logged meals across a week to surface patterns (e.g. “you're low on magnesium”) and suggest simple swaps
  • To send you notifications — reminders, weekly reports, and subscription notices, only where you have opted in
  • To prevent abuse and keep the Service secure — rate-limiting, fraud prevention, debugging
  • To communicate with you — for account matters (password reset, billing, policy updates)

3. Who we share data with

Trace uses a small number of trusted service providers to run the app. Each is granted only the data necessary for its specific function, and is contractually bound to confidentiality and data-protection obligations.

  • Neon (PostgreSQL) and Upstash (Redis) — our primary databases where your account, profile, and meal history are stored
  • Amazon S3 / Cloudflare R2 — object storage for your meal photos
  • Anthropic (Claude) or Google (Gemini) — AI vision providers that analyse your meal photos. Photos are sent over encrypted connections, analysed on their infrastructure, and then returned to Trace. Neither provider uses your content to train their models under our processing agreements.
  • RevenueCat — receives subscription events from Apple and Google, and forwards them to Trace so your Pro entitlement stays accurate
  • Apple App Store and Google Play — process all subscription payments. Trace does not receive your payment card details at any point.
  • Resend — delivers transactional emails (password reset, account notices)
  • PostHog — records pseudonymous usage events to help us improve the product
  • Sentry — captures crashes and errors so we can fix bugs
  • USDA FoodData Central and Edamam — food reference databases we query for nutrient data. These requests contain only the food name you've searched for — never your identity or profile.

We do not share your data with advertisers. We will only disclose your data to law enforcement if we are legally compelled to do so, and where permitted we will notify you.

4. Meal-photo retention

Meal photos are stored for up to 30 days after logging, then automatically deleted from our cloud storage. You can delete any photo manually at any time by deleting the meal from your history.

5. Data retention

We keep your account and health data for as long as your account is active. When you delete your account, we permanently delete your profile, meal history, and photos within 30 days. Limited records required for legal and accounting purposes (for example, subscription receipts) may be retained for up to seven years in line with tax law.

6. Your rights

You have rights over the data we hold about you. Depending on your region, these include:

  • Access — request a copy of the data we hold about you
  • Portability — export your data in a machine-readable format
  • Correction — update any inaccurate data
  • Deletion — delete your account and all associated data
  • Objection and restriction — object to, or restrict, certain processing
  • Withdrawal of consent — where processing relies on consent (for example, push notifications), withdraw it at any time

You can exercise most of these rights directly from the Profile screen in the app, including exporting your data and deleting your account. You can also email support@tracenutrient.com and we will respond within a reasonable time.

7. Security

We use TLS to encrypt data in transit between your device and our servers, and encryption at rest for stored data. Passwords are hashed with bcrypt. Access to production systems is restricted to authorised engineers and audited. No system is perfectly secure, but we take reasonable, industry-standard measures to protect your data.

8. Children

Trace is not intended for children under 16. We do not knowingly collect personal data from children under 16. If you believe a child has created an account, please contact support@tracenutrient.com and we will delete it.

9. International data transfers

Trace is operated from a global set of cloud regions, and our service providers (listed in §3) may process your data in countries outside your own — including the United States, the European Union, Singapore, and the United Kingdom. Where we transfer data across borders, we rely on appropriate legal safeguards such as Standard Contractual Clauses or equivalent mechanisms.

10. Changes to this policy

We may update this Privacy Policy from time to time. If we make material changes, we'll notify you in-app or by email before they take effect. The “Effective” date at the top of this page always reflects the current version.

11. Contact

For privacy questions, data-access requests, or complaints, email support@tracenutrient.com. If you're in the EU or UK and you are not satisfied with our response, you have the right to lodge a complaint with your local data-protection authority.

Start your 3-day free trial.

Subscribe annually and the first 3 days are on us. Cancel anytime in your device settings before day 3.

Nutrition estimates, not medical advice.

Privacy Policy — Trace Health · Trace