Privacy Policy
The short version: Numi stores your meal data — including the photos you capture — in secure cloud storage so it syncs across your devices. We use AI to analyze food, which means your food photos are sent to OpenAI for processing each time you scan a meal. We don't sell your data, don't share it with advertisers, and don't use your photos to train AI models. You can delete everything at any time from inside the app.
1. Who We Are
Numi ("Numi," "we," "us," or "our") is a mobile nutrition app for iOS. The app and this website are operated by:
ФОП Ордынский Денис (FOP Ordynskyi Denys), an individual entrepreneur registered in Ukraine.
Contact: hello@getnumi.app
This Privacy Policy explains what personal data we collect when you use the Numi app or visit getnumi.app, how we use it, who we share it with, and what rights you have. For the purposes of the EU / UK GDPR, we act as the data controller for your personal data in the app.
2. Information We Collect
2.1 Information you give us directly
- Account data: email address and display name when you create an account or sign in with Apple or Google.
- Profile data: age, sex, height, weight, activity level, dietary restrictions, allergies, and goals (weight loss, maintenance, gain). This is optional but used to personalize calorie targets, macro splits, and AI recommendations.
- Support messages: if you email us, we keep the message and any attachments so we can respond.
2.2 Information generated when you use the app
- Meal photos. When you scan a meal, the image is (a) sent to our AI provider for analysis (see § 4) and (b) uploaded to our cloud storage so it appears in your meal history across your devices. Photos are stored in our Firebase Storage bucket, scoped to your user account, until you delete the meal entry or your account. We strip location metadata (EXIF GPS tags) from the photo before upload.
- Nutrition logs: the meals, portions, nutrition values (calories, macros, micros), meal times, and user decisions ("I ate this," "I avoided this," "eat later") you record.
- Text inputs: meal descriptions you type in text-entry mode. These are sent to our AI provider to estimate nutrition.
- Hydration and weight entries: water intake and body-weight values you log.
- Fasting windows: start and end times of your eating windows.
- AI-derived data: the nutrition estimates, health scores, meal tags, and personalized recommendations our AI returns for your meals.
2.3 Information collected automatically
- Device and app data: device model, iOS version, app version, locale, time zone — collected by Firebase and Google Analytics to understand how the app is used and which features need improvement.
- Usage events: which screens you view, which features you use, and aggregated interaction counts (e.g. scans completed, meals logged). We do not attach personal identifiers to analytics events beyond a randomly-generated install ID.
- Crash-adjacent diagnostics: when the app throws a recoverable error we may log the error type and the screen it happened on. We do not have a full crash-reporting SDK enabled (no Crashlytics, no Sentry).
- Website analytics: getnumi.app uses Google Analytics 4 to measure visits. See § 9 for the cookies this uses and your choices.
2.4 Information we do not collect
- We don't access your phone's contacts, calendar, microphone, or photo-library metadata. We access the Camera and, if you choose to import an image, your Photo Library — both require your permission via the iOS system prompt.
- We don't track you across other apps or websites for advertising.
- We don't use Apple's IDFA or any advertising identifiers.
3. How We Use Your Information
We use the information listed in § 2 for the following purposes:
- To provide the core service: analyze your meal photos, calculate nutrition, show your history across devices, track fasting / water / weight, and present trends. Legal basis: performance of the contract between you and us (GDPR Art. 6(1)(b)).
- To personalize recommendations: compute calorie and macro targets using your profile (Mifflin-St Jeor BMR, activity factor, goal), flag allergens, and generate AI-written insights grounded in your data. Legal basis: contract performance; for sensitive profile items like allergies or a stated weight goal, your explicit consent (GDPR Art. 9(2)(a)).
- To send service messages: updates about your account, subscription, or material changes to these terms. Legal basis: contract performance and our legitimate interest in keeping you informed (Art. 6(1)(b) and (f)).
- To improve the product: understand aggregate usage patterns and fix issues. Legal basis: our legitimate interest in running a functional product (Art. 6(1)(f)). We use anonymized / aggregated data for this wherever possible.
- To process subscriptions: validate purchases and entitlements via RevenueCat (see § 5). Legal basis: contract performance and our legal obligations (Art. 6(1)(b) and (c)).
- To comply with the law: retain records as required by tax, consumer-protection, or other laws. Legal basis: legal obligation (Art. 6(1)(c)).
We do not use your data to serve you advertisements. We do not sell your personal data in the sense meant by the CCPA or similar laws. We do not use your meal photos or nutrition logs to train AI models, ours or anyone else's.
4. AI Processing of Food Photos and Text
Food recognition and nutrition estimation are powered by OpenAI. When you scan a meal or enter a text description, the following happens:
- The image (or text) is sent from your device to our Firebase Functions backend over TLS.
- The backend forwards the image and a context block (see below) to OpenAI's API over TLS.
- OpenAI returns the recognized foods, nutrition breakdown, and written recommendations. Our backend returns them to your device.
- Separately, your device uploads the photo to our Firebase Storage bucket so it appears in your meal history (§ 2.2).
What gets sent to OpenAI in the "context block": to personalize recommendations, we attach a short text summary of your activity level, dietary restrictions, allergies, remaining calories/macros for the day, and weight goal. No email, name, or account ID is included — only the data relevant to nutritional reasoning. OpenAI processes this as a data processor on our behalf.
OpenAI's retention: we use OpenAI's API with zero data retention where available and via our enterprise terms that prohibit OpenAI from using your inputs to train their models. Per OpenAI's published API policies, API inputs and outputs are not used to train OpenAI's models by default.
Barcode scans: when you scan a product barcode, the barcode string (not your photo) is sent to Open Food Facts, USDA FoodData Central, and/or TheMealDB for a product lookup. Those services receive only the barcode — no identifying information about you.
AI-generated nutrition estimates are approximations. They should not be used as medical or clinical advice. See § 13 and our Terms of Service for the full health disclaimer.
5. Service Providers (Subprocessors)
We use the following third-party services to operate Numi. Each is contractually bound to process your data only as instructed by us. They act as our data processors / subprocessors.
| Provider | Purpose | Data involved |
|---|---|---|
| Google — Firebase Auth, Firestore, Storage, Functions, Remote Config, App Check, Analytics | Account sign-in, data sync, AI backend hosting, meal-photo storage, product analytics. | Account, profile, meal logs, photos, usage events. |
| OpenAI | AI food recognition and nutrition estimation. | Meal photo or text description, nutritional context block (§ 4). |
| Apple App Store, Sign in with Apple, HealthKit, StoreKit | Distribution, authentication, health-data integration, purchases. | Apple ID (hashed), subscription state, HealthKit samples (on-device only, see § 10). |
| Google Sign-In | Optional sign-in method. | Google account email and display name, if you choose this method. |
| RevenueCat | Manages subscriptions and entitlement checks. | App Store transaction receipts, subscription status, pseudonymous user ID. |
| Open Food Facts / USDA FoodData Central / TheMealDB | Barcode and dish lookups. | Barcode string or dish name only — no personal data. |
| Google Analytics 4 (website only) | Website traffic measurement. | IP (truncated), browser, approximate country, page views. |
Most of these providers are located in the United States. Data transfers outside Ukraine / the EU / the UK are protected by Standard Contractual Clauses or equivalent safeguards under GDPR Art. 46.
We may add or change subprocessors. Material changes will be reflected in this page and, where legally required, communicated to you directly.
6. Data Retention
- Account and profile data, meal logs, photos: retained for as long as your account is active. Deleted when you delete your account.
- Support messages: retained for up to 24 months after the last message, unless required longer by law.
- Subscription records: retained for as long as required by tax law in Ukraine (typically 3 years after the end of the reporting period).
- Aggregated / anonymized analytics: retained indefinitely. This data cannot be linked back to you.
- Backups: Firebase keeps short-term backups (up to 30 days) that may contain residual copies of deleted data. After that window, deletion is complete.
You can delete your account and all associated data at any time from Profile → Account → Delete Account. Deletion is effective immediately in the live database; backup purge follows within 30 days.
7. Data Security
- TLS 1.2+ for all data in transit.
- Encryption at rest on all Firebase services (AES-256).
- App Check enforced in production: only authenticated instances of our app can reach the backend.
- Access to production data is restricted to the app owner (FOP Ordynskyi Denys) and is audited.
- EXIF and GPS metadata is stripped from meal photos before upload.
- Meal photos are stored in per-user paths; Firebase Security Rules prevent cross-user access.
No system is perfectly secure. If we ever discover a breach affecting your personal data, we will notify affected users without undue delay and, where applicable, notify the relevant supervisory authority within 72 hours as required by GDPR Art. 33.
8. Your Rights
If you are in the EU / EEA, UK, or another jurisdiction with equivalent data-protection laws, you have the following rights:
- Access — request a copy of the data we hold about you.
- Rectification — correct inaccurate or incomplete data. (You can edit your profile in the app.)
- Erasure — request deletion of your data. (Self-serve via in-app account deletion, or email us.)
- Restriction and objection — limit or object to certain processing.
- Data portability — receive your data in a structured, commonly-used format.
- Withdraw consent — where processing is based on consent, withdraw it at any time. This does not affect the lawfulness of processing before withdrawal.
- Complain — lodge a complaint with your local data-protection authority. In Ukraine: the Commissioner of the Verkhovna Rada for Human Rights. In the EU: your national DPA. In the UK: the ICO (ico.org.uk).
California residents have the analogous rights under the CCPA / CPRA (to know, delete, correct, limit use, and non-discrimination for exercising those rights). We do not sell personal information.
To exercise any of these rights, email hello@getnumi.app. We will respond within 30 days.
9. Cookies and Similar Technologies
The Numi iOS app does not use cookies. The getnumi.app website uses:
- Strictly necessary: none beyond standard browser operation.
- Analytics (Google Analytics 4): loaded only after you interact with the page (first scroll, click, or touch). The cookies it sets (_ga, _ga_*) measure anonymized traffic. You can opt out by installing the Google Analytics opt-out browser add-on, by using your browser's "do not track" setting, or by blocking cookies from googletagmanager.com.
We do not use advertising cookies, retargeting pixels, or social-media trackers on our website.
10. Apple Health and HealthKit
Numi can optionally write nutrition data (calories, protein, carbs, fat, fiber, sugar, sodium, micros), water intake, and body weight into Apple Health if you grant permission. It can also read weight from Apple Health to keep your weight tracker in sync across other Apple Health sources.
Data that lives in HealthKit is stored on your device and controlled by Apple's own privacy framework. We do not copy HealthKit data to our servers. If you delete an entry from Apple Health, it is also removed from Numi's synced view. If you revoke HealthKit permissions in iOS Settings, the integration stops immediately.
11. Subscriptions and Payments
Numi offers in-app subscriptions. All purchases and renewals are processed by Apple (App Store / StoreKit) and managed by RevenueCat, our subscription-management partner. We do not see or store your payment card details. RevenueCat receives the App Store transaction receipt and subscription status in order to verify your entitlement to paid features.
For refund requests, use Apple's standard process at reportaproblem.apple.com. See our Terms of Service for the full subscription terms.
12. Children's Privacy
Numi is not intended for children under the age of 13 (or 16 in the EU, where that is the applicable digital-consent age). We do not knowingly collect personal information from children under those ages. If you are a parent or guardian and believe your child has provided us with data, contact us at hello@getnumi.app and we will delete it.
13. Health Disclaimer
Numi is a wellness and nutrition-awareness tool. It is not a medical device. AI-generated nutrition values are estimates and may vary from lab-measured values. Do not use Numi as a substitute for professional medical advice, diagnosis, or treatment, and do not rely on it for the management of medical conditions.
14. International Data Transfers
Numi is operated from Ukraine, but most of our infrastructure is provided by US-headquartered companies (Google, Apple, OpenAI, RevenueCat). When your data moves across borders, it is protected by one of the transfer mechanisms recognised under GDPR Art. 46, typically Standard Contractual Clauses. If you have questions about a specific transfer, contact us.
15. Changes to This Policy
We may update this Privacy Policy from time to time. When we make material changes we will notify you through the app or by updating the "Last updated" date at the top. If the change materially reduces your rights, we will give you advance notice and ask for your consent where required.
16. Contact
Questions, complaints, or data-rights requests? Get in touch.
Controller details (GDPR Art. 13(1)(a)): ФОП Ордынский Денис (FOP Ordynskyi Denys), Ukraine. Email: hello@getnumi.app.