Welcome to DietMaze. We are committed to protecting your privacy and handling your personal information with care. This Privacy Policy explains what data we collect, why we collect it, how we use and protect it, and what rights you have regarding your information.
By using the DietMaze mobile application, you acknowledge that you have read, understood, and agree to the data practices described in this Privacy Policy. If you do not agree, please discontinue use and delete the app.
1. Personal Information We Collect
We collect information you provide directly, as well as limited information generated through your use of the app. We do not collect data from third-party healthcare systems or medical providers.
1.1 Information You Provide Directly
When you create a DietMaze account and build your Health Blueprint, you provide us with the following:
| Category | Examples |
|---|---|
| Identity Information | Name, age, gender, location |
| Physical Characteristics | Height, weight |
| Health Profile Data | Chronic health conditions, food allergies |
| Dietary Preferences | Cuisine preferences, dietary restrictions (e.g., vegetarian, halal, kosher) |
| Location (General) | General area/region for restaurant recommendations |
| Account Authentication | Google or Apple account email address (via OAuth; no password stored by DietMaze) |
Important Notice Regarding Health Data:
Health condition and allergy information is sensitive personal data. This information is entered manually by you and is never automatically extracted from any healthcare system, EHR, insurance system, or medical device. You control what you disclose.
1.2 Content You Upload or Generate
When using core app features, you may provide:
-
Food photos uploaded for scanning and analysis
-
Restaurant menu images captured via camera
-
QR code scans of food products
-
Manual food journal entries (text descriptions of meals)
This content is used to provide you with safety recommendations and nutritional analysis based on your Health Blueprint.
1.3 Data Collected Automatically
We collect limited technical information to maintain app performance and security:
-
Device type and operating system (iOS)
-
App version and crash/error logs (for debugging purposes)
-
General app usage metrics (aggregate, non-user-specific) for performance improvements
We do not use cookies, advertising identifiers (IDFA/AAID), behavioral tracking pixels, or cross-app tracking technologies.
1.4 Information We Do NOT Collect
To be clear, DietMaze does not collect:
-
Use for real-time location tracking
-
Payment card numbers or full financial account details (processed by Apple Pay/Google Pay/Stripe only)
-
Biometric data (fingerprint, face ID) beyond what your device OS uses for authentication
-
Data from minors under 18 years of age
-
Data entered by one user about another person
2. How We Use Your Information
We use the information we collect for the following specific purposes:
| Purpose | Description |
|---|---|
| Safety Recommendations | Generating the propensity rated scoring with high/medium/low safety verdicts for scanned foods based on your Health Blueprint (conditions, allergies) |
| Nutrition Analysis | Analyzing nutritional content of scanned food items and restaurant menus |
| Personalized Recommendations | Suggesting restaurants and food items aligned with your dietary profile and constraints |
| Nutrient Goal Tracking | Tracking your daily nutrient goals set within the app profile |
| Health Reminders | Food and medication schedule reminders as configured by you |
| App Maintenance | Identifying and resolving technical errors, crashes, and performance issues |
| AI Model Improvement | Specific LLM responses (food item, health condition, allergy data combinations, ingredients, nutrient information, reasoning notes, not directly identifying) may be retained to improve model accuracy |
| Account Management | Enabling account creation, login, profile updates, and account deletion |
| Legal Compliance | Meeting applicable legal obligations under New Jersey law and applicable federal laws |
We do not use your personal health data for advertising, marketing profiling, or sale to third parties.
3. Data Sharing and Third Parties
DietMaze shares your data only as necessary to provide core app functionality. We do not sell your personal information.
3.1 Core Infrastructure and Service Providers
| Provider | Role | Data Shared / Notes |
|---|---|---|
| Google Cloud Platform (GCP) | Cloud infrastructure & data storage | All app data is stored on GCP servers. Data is encrypted at rest and in transit. |
| Google Gemini AI Models | AI-powered food analysis engine | Pseudonymized data only: internal user reference, age range, dietary preferences, and allergy-related exclusions. Not used to train Google's AI models. |
| Google Sign-In (OAuth) | User authentication | Email address for account creation. Google's privacy policy governs Google's data use. |
| Apple Sign-In (OAuth) | User authentication | Email address (real or relay) for account creation. Apple's privacy policy governs Apple's data use. |
| Apple Pay / Google Pay / Stripe / PayPal | Subscription payment processing | Payment card data is processed entirely by these providers. DietMaze does not receive or store full card numbers. |
3.2 Data We Do NOT Share
-
We do not sell personal data to data brokers, advertisers, or marketing firms.
-
We do not share your health profile, medical conditions, or allergy data with insurance companies, employers, or government agencies except as required by law.
-
We do not integrate with third-party analytics advertising platforms (no Meta Pixel, no Google Analytics for advertising).
3.3 Legal Disclosures
We may disclose your information if required to do so by law, court order, or government authority, or to protect the safety, rights, or property of DietMaze, its users, or the public.
3.4 Business Transfers
In the event of a merger, acquisition, or sale of all or substantially all of Uni7 LLC's assets, your data may be transferred as part of that transaction. You will be notified via in-app notification if such a transfer occurs.
4. Data Storage, Security, and Retention
4.1 Where Your Data Is Stored
All user data is stored on Google Cloud Platform (GCP) servers. Data is hosted in the United States. By using DietMaze, you consent to your data being stored in the United States.
4.2 Security Measures
We take the security of your health-related data seriously. Our technical and organizational safeguards include:
-
TLS (Transport Layer Security) encryption for all data in transit
-
Encryption at rest for all stored personal and health data
-
Role-Based Access Control (RBAC) limiting data access to authorized personnel only
-
Database-level security controls
-
Application-level logging and monitoring
While we implement industry-standard security measures, no system is 100% secure. We encourage you to use strong authentication methods on your device.
4.3 Data Retention
| Data Type | Retention Period |
|---|---|
| Account & Profile Data (name, email, health profile) | Retained until you delete your account. Deleted from primary and backup systems upon confirmed deletion request. |
| Food Journal Entries & Scan History | Retained until account deletion is requested. |
| AI Response Data (for model improvement) | Specific LLM response data (food item + health condition + allergy combination + ingredients + nutrient information + reasoning notes not linked to full identity) may be retained beyond account deletion for model fine-tuning. |
| Technical/Error Logs | Retained for a limited period for debugging; no permanent storage of user-specific log data. |
| Payment Transaction Records | Retained as required by applicable tax and accounting laws. |
Important: When you delete your account, all personal identification information (name, email, height, weight, age, allergies, medical conditions, gender, cuisine preferences) will be removed from our primary database and backup systems. However, pseudonymized AI response data, as mentioned above, that is retained for model improvement may persist in a de-identified form.
5. Your Privacy Rights
As a user of DietMaze, you have the following rights regarding your personal data:
5.1 General Rights (All Users)
| Right | How to Exercise |
|---|---|
| Access & Review | View and review your profile data directly in the app at any time. |
| Correction | Update any inaccurate health or profile data directly within the app. |
| Deletion | Request account and data deletion directly in the app. All personal identifying data will be permanently removed from primary and backup databases. |
| Notification of Changes | You will be notified of material changes to this Privacy Policy through in-app notifications. |
5.2 California Residents (CCPA/CPRA)
If you are a California resident, you have the following additional rights under the California Consumer Privacy Act (CCPA), as amended by the CPRA:
-
Right to Know: Request disclosure of what personal information we collect, use, and share.
-
Right to Delete: Request deletion of your personal information.
-
Right to Correct: Request correction of inaccurate personal information.
-
Right to Opt-Out of Sale/Sharing: We do not sell personal information. If this changes, we will provide a prominent "Do Not Sell or Share My Personal Information" link.
-
Right to Limit Use of Sensitive Personal Information: You may request that we limit our use of sensitive personal information (health conditions, allergies) to what is necessary to provide the service.
-
Right of No Retaliation: You will not be discriminated against for exercising any CCPA rights.
To exercise California privacy rights, contact us at support@dietmaze.app with the subject line "California Privacy Rights Request."
5.3 No Data Download (Current Limitation)
At this time, DietMaze does not support exporting or downloading your data in a portable file format. We intend to implement this feature in a future release. To request a copy of your data in the interim, please contact support@dietmaze.app.
5.4 Exercising Your Rights
To exercise any privacy rights described above, you may:
-
Use the account management features within the DietMaze app
-
Email us at support@dietmaze.app
We will respond to verified requests within 45 days (or as required by applicable law). We may need to verify your identity before processing requests. If your request is denied, you have the right to appeal the decision by emailing support@dietmaze.app with the subject line "Privacy Rights Appeal."
6. Children's Privacy
DietMaze is intended for users who are 18 years of age or older. We do not knowingly collect personal information from individuals under 18 years of age.
If we become aware that we have collected personal information from a person under 18, we will take prompt steps to delete that information from our systems. If you believe a minor has provided us with personal information, please contact us immediately at support@dietmaze.app.
7. AI and Automated Processing Disclosure
DietMaze uses Google Gemini AI models to power its core food safety analysis and nutrition recommendation features. When you scan a food item or menu, your request is processed by these AI models.
7.1 What Data Is Sent to AI Systems
Only the minimum information necessary to generate your safety recommendation is transmitted to AI models:
-
A non-identifying internal user reference (not your name or email)
-
Your age range (not your exact date of birth)
-
Dietary preferences and ingredient exclusions (which may include allergy-related information)
This data is pseudonymized, transmitted over encrypted connections, and is contractually restricted from being used to train Google's AI models.
7.2 AI Limitations and No Medical Reliance
AI-generated safety verdicts are for informational purposes only. The app does not replace the judgment of a licensed healthcare professional. Please see Section 9 of our Terms of Use for full disclaimers regarding AI limitations.
8. No Cookies or Cross-App Tracking
DietMaze does not use cookies, web beacons, advertising identifiers (IDFA or AAID), Meta Pixels, Google Analytics advertising tags, or any cross-application tracking technologies.
The app does not track your behavior across other websites or apps, and your DietMaze usage data is not shared with advertising networks or data brokers.
9. Changes to This Privacy Policy
We may update this Privacy Policy from time to time to reflect changes in our practices, legal requirements, or app features.
When we make material changes, we will notify you through in-app notifications at your next login. The updated Privacy Policy will also be made available within the app.
Your continued use of DietMaze after receiving notice of an updated Privacy Policy constitutes your acceptance of the revised terms. If you do not agree with the changes, you should stop using the app and delete your account.
10. Contact Us
If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:
| Privacy Inquiries | support@dietmaze.app |
|---|---|
| General Support | support@dietmaze.app |
| Legal Entity | Uni7 LLC |
| Jurisdiction | State of New Jersey, United States |
