Privacy Policy
Last Updated: June 2026
1. Our Privacy Philosophy
Meal IQ was designed with one rule: your health data belongs to you. We collect the minimum data necessary to operate the service. Your food diary and nutrition log stay on your device. The only personal data that leaves your device is the meal photo, voice recording, or description you choose to submit for AI analysis — and only after you give explicit permission, after which it is deleted (see Section 2).
2. What We Collect
Stored only on your device
- Your food diary (meal entries, calorie logs, daily totals)
- Your profile settings (calorie goals, meal windows, body weight bracket, hand-length calibration)
- Meal photos saved as small local thumbnails for your log view
- Favorited meal templates
- App preferences
Sent to a third-party AI service for analysis (only with your permission)
To identify the food in your meals, Meal IQ sends the input you provide to a third-party AI service: Amazon Web Services — specifically Amazon Bedrock (and AWS Transcribe for voice), operating in the United States. Before anything is sent for the first time, the app shows an in-app disclosure that names exactly what is sent and who receives it, and asks for your explicit permission. You can decline and log meals by hand instead, and you can review or revoke this permission at any time in the app under Settings → Data & Privacy. The following is transmitted only after you agree:
- Meal photos are uploaded to a temporary AWS S3 bucket and analyzed by Amazon Bedrock's AI model. Uploaded photos are automatically deleted by an S3 lifecycle rule, typically within 24 hours. No photo is stored persistently by us or reviewed by a human.
- Voice recordings are uploaded to AWS S3 and transcribed by AWS Transcribe; the resulting text is sent to Amazon Bedrock to identify ingredients. Uploaded audio is automatically deleted by the same S3 lifecycle rule, typically within 24 hours.
- Typed meal descriptions are sent directly to Amazon Bedrock for ingredient identification and are not stored in S3.
Amazon Bedrock does not store your inputs after processing and does not use them to train AI models. This data is never sold and is never used to build a profile of you.
Data stored on Apple Health (only if you enable sync)
If you enable the "Sync to Apple Health" toggle in Settings, the app will:
- Write to Apple Health: calories, protein, carbohydrate, and fat values for each meal you log. These appear in the Health app under Dietary Energy, Protein, Carbohydrates, and Fat Total.
- Read from Apple Health: your most recent body weight entry (used to suggest a calorie goal during onboarding). The weight value never leaves your device.
Apple Health data is governed by Apple's policy. Meal IQ has no server access to your Apple Health data. You can revoke Health permission any time in iOS Settings → Privacy & Security → Health → Meal IQ.
On-device only (never sent to any server)
- Photos selected from your library: when you use the photo library picker, only the photo you select is read. The rest of your library is not accessed.
Anonymous operational data
- AWS CloudWatch logs from our Lambda functions contain ingredient names, confidence scores, and request metadata for debugging purposes. These logs contain no user identifiers, no device IDs, and no personal information. Logs are retained for 30 days, then permanently deleted.
- On the free tier, Google AdMob displays interstitial, app-open, and banner ads and collects anonymous ad interaction data per Google's privacy policy.
- The iOS App Tracking Transparency prompt appears once before the first ad is shown. If you allow tracking, Google may serve more relevant (personalized) ads. If you decline, ads are still served but are non-personalized. Either choice is fine; there is no penalty for declining.
Inaccuracy reports (only if you submit them)
When you tap "Flag inaccuracy" on a meal's nutrition label, the app
sends the analysis result (ingredients, matched USDA foods, computed
macros, the description text you provided, and the original photo if any)
to AWS S3 under a flag-reports/ prefix. These reports are
retained for 90 days, then automatically deleted. The submission contains
no device identifier, no user identifier, no IP-keyed tracking
beyond what AWS sees naturally. We review reports to improve the
AI's accuracy. Flagging is entirely optional.
What we do NOT collect
- No name, email address, or account credentials
- No precise location
- No device identifiers collected by us directly (on the free tier, Google AdMob may use the advertising identifier only if you allow tracking in the App Tracking Transparency prompt — see above)
- No biometric data beyond what you voluntarily enter or sync from Apple Health
- No contacts, calendar, or other system data
3. How We Use Your Data
The meal photos, voice recordings, and descriptions you submit are used solely to identify ingredients and estimate nutrition via AI, and are retained only transiently — uploaded media is automatically deleted within 24 hours (see Data Retention below). We do not build user profiles. We do not sell data. We do not share data with third parties except as described in this policy (AWS for AI processing, Google AdMob for ads on the free tier, Apple for in-app purchases and optional Apple Health sync).
Third-party protection. We have confirmed that the third parties with which we share your data for processing — Amazon Web Services (Amazon Bedrock and AWS Transcribe) — provide the same or equivalent protection of your data as described in this policy. In particular, Amazon Bedrock does not store your inputs after processing and does not use them to train its AI models.
4. Notifications
Meal IQ can send local notifications to remind you to log meals at the meal windows you configure. These are local notifications scheduled by iOS — they are not sent from any server and contain no personal data. You can disable notifications any time in iOS Settings → Notifications → Meal IQ.
5. Third-Party Services
- AWS (image, audio, text processing; inaccuracy reports): aws.amazon.com/privacy
- Amazon Bedrock — our third-party AI service for ingredient identification: Amazon Bedrock does not store inputs after processing or use them to train its models. Governed by the AWS privacy notice above.
- AWS Transcribe (speech-to-text for voice meal descriptions): governed by the AWS privacy notice above.
- Google AdMob (free tier only): policies.google.com/privacy
- Google User Messaging Platform (consent management for ads in some regions): governed by Google's policy above.
- Apple (in-app purchases, App Store, HealthKit, crash reporting): apple.com/legal/privacy
6. Data Retention
- All your diary data is on your device until you delete it.
- CloudWatch logs (no PII) are retained 30 days.
- Uploaded meal media (photos and audio) in S3 is automatically deleted by a 1-day (24-hour) lifecycle rule.
- S3 inaccuracy reports have a 90-day lifecycle rule.
- Apple Health data on your device is governed by your iOS Health app settings.
7. Your Rights
Because we hold no personal data on our servers, there is nothing to request, export, or delete from us. All your data resides on your device. Deleting the app removes all locally stored data immediately. To keep your diary if you switch devices, enable iPhone's iCloud Backup (Settings > [Your Name] > iCloud > iCloud Backup).
You can also export your full meal log as CSV at any time: Settings → Export meal log (CSV).
8. Children's Privacy
Meal IQ is not directed at children under 13. We do not knowingly collect data from minors.
9. Changes to This Policy
We will update the "Last Updated" date when this policy changes. Material changes will be noted in the App Store release notes.
10. Contact
Questions? Visit our support page.