TruvoFit is a calorie and wellness tracking app. This policy explains what personal data we collect, why we collect it, and how we protect it.
We keep this as short and plain-language as possible. By using TruvoFit, you agree to the practices described here.
Section 01
Who we are
TruvoFit is operated as an independent app. For privacy questions, contact us at privacy@truvo.fit.
Section 02
What data we collect
We collect only what's needed to make the app work:
- Account data — your email address, used to create and authenticate your account.
- Profile data — your name (optional), date of birth, height, weight, goal weight, activity level, and unit preferences. Used to calculate your calorie target.
- Food logs — meal descriptions, calorie and macro estimates, and the date logged.
- Weight logs — weight entries you record, with dates.
- Water logs — daily glass counts you record.
- AI usage logs — a count of AI estimates used per day, to enforce fair usage limits. Meal text is stored briefly for this purpose.
- Profile photo — if you choose to upload one. Stored securely and never shared.
We do not collect location data, contacts, health app data, or device identifiers beyond what Supabase collects for authentication.
Section 03
How we use your data
- To provide core features — calorie tracking, progress, coaching.
- To calculate your personalised daily calorie and macro targets.
- To power AI meal estimation — meal descriptions are sent to Google's Gemini API.
- To enforce per-user daily limits on AI estimates.
- To authenticate you securely.
We do not use your data for advertising, sell it to third parties, or share it with anyone except as described in the Third-party services section.
Section 04
Legal basis for processing (GDPR)
If you are in the European Economic Area, we process your data under the following bases:
- Performance of a contract — to provide the services you signed up for.
- Legitimate interests — to improve the app and ensure fair usage.
- Consent — for optional features like profile photos.
Section 05
Third-party services
TruvoFit uses the following third-party services:
Supabase
Our database and authentication provider. Your data is stored on Supabase infrastructure.
View Supabase Privacy Policy →Google Gemini API
Used to estimate calories from natural-language meal descriptions. Only meal description text is sent — no personally identifiable information.
View Google Privacy Policy →Open Food Facts
An open-source food database used for barcode scanning. No personal data is sent to Open Food Facts.
View Open Food Facts Privacy Policy →Section 06
Data retention
We keep your data for as long as your account is active. You can delete your account at any time by contacting privacy@truvo.fit, and we will delete all your personal data within 30 days.
AI usage logs are retained for 90 days then automatically deleted.
Section 07
Your rights
Depending on where you live, you may have the right to:
- Access the personal data we hold about you.
- Correct inaccurate data.
- Delete your data ("right to be forgotten").
- Export your data in a portable format.
- Object to or restrict how we process your data.
To exercise any of these rights, email privacy@truvo.fit. We will respond within 30 days.
Section 08
Children's privacy
TruvoFit is not directed at children under 13. We do not knowingly collect personal data from children under 13. If you believe a child has provided us with personal data, contact us and we will delete it promptly.
Section 09
Security
Your data is stored on Supabase infrastructure with encryption at rest and in transit. Authentication uses industry-standard JWT tokens. We apply row-level security so users can only access their own data.
Section 10
Changes to this policy
We may update this policy from time to time. When we do, we'll update the "Last updated" date at the top. Continued use of the app after changes constitutes acceptance of the updated policy.
Questions about your privacy? We're here.
privacy@truvo.fit