NutriHex Privacy Policy
Effective 2026-05-22
The short version. NutriHex is a personal nutrition tracker. You can use it anonymously — no account required. When you scan food, the camera image is sent to Google's Gemini AI for identification and is not retained after the result returns. Your meal log is stored on our server, keyed to an anonymous device ID, and is never sold or shared with advertisers. If you sign in with Google, your data survives reinstalls. You can export or delete your data at any time from the Trust tab.
Who runs NutriHex
NutriHex is an independent app. For any privacy question, data export, or deletion request, contact us at nutrihex.app@gmail.com.
What we collect
- An anonymous device ID. The first time you open NutriHex, a random UUID (e.g.,
a1b2c3d4-…) is generated and stored locally on your device. It is sent with every request so the server can associate your data. It is not linked to any email, name, or personal identifier unless you choose to sign in with Google. - Google account information (optional). If you tap "Sign in with Google," we receive your Google account name, email address, and a stable account identifier (Google subject ID) from Google's OAuth service. This links your data to your Google account so it persists across reinstalls and devices. Sign-in is entirely optional; the app is fully functional without it.
- Camera frames (while you are actively using Smart Scan). When you tap Smart Scan, the live camera feed and microphone audio are sent to Google's Gemini Live API for real-time food identification. Frames are processed in real time and are not retained by NutriHex after the analysis returns a result.
- Voice transcripts (during Smart Scan). Speech you speak aloud during a Smart Scan, and the AI's spoken responses, are transcribed and stored in our database for analytics (e.g., measuring how often voice input is used). Transcripts are keyed to your anonymous device ID.
- Meal log entries. The foods you log: name, portion in grams, eight nutrition values (calories, protein, carbs, fat, saturated fat, sugar, sodium, cholesterol), time of day, meal type, data source (USDA, OpenFoodFacts, or AI estimate), and the barcode if you scanned one.
- Daily nutrition summaries derived from your meal log entries.
- Health profile preferences (whether you've enabled Diabetes, Hypertension, or Kidney sensitivity flags) and your daily nutrient goal and limit values. Stored on the server alongside your device ID.
- Recipe data. Recipes you save in the Recipe Builder, including ingredient names, portion weights, and nutrition values.
- Scan and usage events. When you tap a scan entry point (Smart Scan or Scan Barcode), a timestamped event is logged. No content is captured — only the fact that the button was tapped. Used for anonymous product analytics.
- Active calories burned (optional, Android only). If you grant Health Connect permission, NutriHex reads today's active calories burned from Health Connect to display a net-calorie figure. This value is read at runtime and is not stored on our servers.
- Subscription state. If you purchase a NutriHex Pro subscription, your subscription status (active, expired, cancelled), the billing platform (Google Play or Stripe), and the product purchased are stored on our server via RevenueCat's webhook. No raw payment card or billing details are stored by NutriHex — those are handled entirely by Google Play or Stripe.
What we do not collect
- No advertising identifiers. We do not run ads and do not use any ad SDKs.
- No location data, contact list, or photos beyond the live camera feed during a Smart Scan.
- No persistent camera or microphone access — both are only active while the scan screen is open.
- No raw payment card numbers or full billing details — those stay with Google Play or Stripe.
Who else sees your data
- Google Gemini Live API receives camera frames and audio during a Smart Scan. Google's handling is governed by Google's Generative AI API terms and privacy policy.
- Google provides the cloud infrastructure that hosts the NutriHex backend and stores your data. All data is stored in the United States. Encryption at rest and in transit is applied by default. Google also provides analytics services that receive a daily export of anonymized behavioral event counts (no meal content, no food names, no personal identifiers — only anonymous UUIDs and timestamps).
- USDA FoodData Central is queried server-side for nutrition values. Only the food name and portion are sent — no user identifier.
- OpenFoodFacts is queried server-side when a barcode isn't in the USDA database. Only the GTIN (bare barcode digits) is sent — no user identifier.
- RevenueCat processes subscription events from Google Play and Stripe and forwards normalized purchase/renewal/expiration events to our backend. RevenueCat's handling is governed by their privacy policy.
- Google Play Billing / Stripe handle payment processing for NutriHex Pro subscriptions. NutriHex never sees your full card number or billing address. Their respective privacy policies govern payment data.
We do not sell your data, do not share it with advertisers, and do not use it to train any AI models.
How long we keep your data
Your meal log entries, recipes, summaries, and preferences are retained for as long as your account is active, or until you request deletion.
- If you use NutriHex anonymously (no Google Sign-In), your data is tied to the UUID stored on your device. If you uninstall the app or clear app data, your device loses access to the server-side rows — but those rows persist on the server until you email us to delete them.
- If you signed in with Google, your data is linked to your Google account and persists across reinstalls until you request deletion.
Your controls
- Export your data. The Trust tab inside the app offers one-click JSON or ZIP download of everything we store about your device ID.
- Delete a single meal. Logged meals can be deleted directly from the Today tab.
- Revoke Health Connect access. Android Settings → Health Connect → App permissions → NutriHex → remove permissions.
- Cancel a subscription. Manage subscriptions via Google Play (Play Store → Profile → Payments & subscriptions) or via Stripe's customer portal if you subscribed on the web.
- Delete everything. Email nutrihex.app@gmail.com with "Delete my data" and include the device ID shown on the Trust tab (or your Google account email if you signed in). We'll wipe all server-side rows within 7 days.
Children
NutriHex is not directed at children under 13. If you believe a child has used the app on your device and you would like the associated data removed, please contact us at the address above.
Security
All requests use HTTPS. Your meal log is stored in a secured, access-controlled database accessible only by the NutriHex backend. We have not had a data breach to disclose.
Changes to this policy
If we change what we collect or how we use it, we'll update this page and bump the effective date at the top. Material changes will also be noted inside the app's Trust tab.
Contact
For any question or request related to this policy or your data: nutrihex.app@gmail.com.