Feast Privacy Policy

Effective Date: Feb 1, 2025

The privacy and security of your data are extremely important to me. The policy below explains how your data is stored and secured and the measures I take to protect it. By using Feast, you agree to these practices.

1. Information We Collect

Personal Data via SSO: We use Single Sign-On (SSO) through Apple or Google. This process provides us with your name, email address, and authentication tokens. We also store any additional context you choose to share in your "About Me" page, and let the AI models access it for more personalized recommendations.

Photo Data & Nutritional Information: When you snap a photo, it is securely transmitted to our servers and forwarded to OpenAI’s APIs for analysis. Nutritional data from this analysis is stored on our backend and on your iOS device. Photos are retained on our server to enable future reanalysis with enhanced models. In the future, we may begin using Google's APIs.

Health Data: Nutritional data can be synced with Apple Health via HealthKit.

Usage & Performance Data: We collect non-identifying data to monitor app performance and for bug tracking. Heroku and Sentry handle these functions with their performance and bug monitoring tools.

2. How We Use Your Information

Personalization: To deliver nutritional insights, personalized recommendations, and challenges based on your logged meals and "About Me" data.

Service Improvement: To enhance app performance, resolve issues, and maintain the overall quality of Feast.

Future Analysis: Stored photos may be reprocessed with improved models as they become available, ensuring you receive the most accurate analysis over time.

3. Data Sharing and Third-Party Services

OpenAI’s APIs: Your photos and relevant data are shared with OpenAI solely for analysis and recommendation generation.

Heroku: We use Heroku for hosting our backend and database. All data remains hosted within the United States, and the admin account enforces 2FA without SMS fallback.

No Sale of Personal Data: We do not sell, trade, or otherwise transfer your personal information to third parties outside of the services described above.

4. Data Storage, Retention, and Security

Storage & Retention: Data, including photos and nutritional details, is stored on Heroku servers. We do not enforce a fixed data retention policy; however, you may delete your account and all linked data via the app settings at any time.

Security Measures: Data in transit is encrypted via HTTPS. Administrative access to our systems is protected with two-factor authentication. We rely on the default security configurations provided by Heroku’s PostgreSQL.

5. User Rights

Account Management: You may access, update, or delete your data at any time through the App’s settings. Deleting your account removes all associated information from our systems.

6. Children’s Privacy

Feast is not directed at individuals under 13. We do not knowingly collect personal data from children. If such data is inadvertently collected, it will be promptly removed.

7. Changes to This Privacy Policy

We may update this policy periodically. Any significant changes will be reflected by an updated effective date and, where necessary, by notifying you through the App.

8. Contact Us

For questions or concerns regarding this Privacy Policy, please contact [email protected]. To disclose a security or privacy vulnerability, please contact [email protected].