Privacy Policy

Last updated: May 2, 2026

This Privacy Policy describes how Makrosas ("we", "our", "the app") collects, uses, and protects your personal data when you use our calorie and nutrition tracking application.

1. Important Disclaimer

Makrosas is not a professional nutrition, medical, or dietary advisory service. We are not licensed dietitians, nutritionists, or healthcare providers. The app, including all AI-powered features, provides general informational guidance only. Nutritional values, suggestions, and AI responses may be inaccurate or incomplete. Any decisions you make based on information from the app are entirely your own responsibility. Always consult a qualified healthcare professional before making significant changes to your diet.

2. Data Controller

The data controller is the operator of Makrosas. For data-related inquiries, contact: makrosas.app@gmail.com.

3. Data We Collect

  • Account data: Name, email address (provided during registration or via Google OAuth).
  • Health and nutrition data: Daily food logs (meals, items, macros), nutrition goals and targets, body measurements (weight, waist), training/rest day preferences. This data is considered special category data under GDPR Article 9.
  • Photos: If you use the camera or photo library to scan food or nutrition labels, images are processed for recognition and may be temporarily stored. Photos are not used for any purpose other than food identification.
  • AI interaction data: Messages sent to the AI nutrition advisor, AI-generated responses. Chat history is retained for 7 days, then automatically deleted.
  • Technical data: Device information and error logs for crash reporting and app stability.

4. How We Use Your Data

  • To provide calorie tracking, macro calculations, and nutrition insights.
  • To power AI features: food recognition, nutrition coaching, analytics.
  • To sync your data across devices via your account.
  • To improve app stability (crash reports).

We do not sell your data. We do not use your data for advertising.

5. Legal Basis (GDPR)

  • Consent (Article 9(2)(a)): Processing of health-related data (food logs, body measurements, nutrition goals) is based on your explicit consent, provided when you create an account.
  • Contract (Article 6(1)(b)): Processing necessary to provide the service you signed up for.
  • Legitimate interest (Article 6(1)(f)): Crash reporting and app stability.

6. Third-Party Service Providers

To deliver the service, we use trusted third-party providers in the following categories:

  • Cloud infrastructure: Database hosting, authentication, and serverless computing. Primary data storage is located in the EU.
  • AI service providers: Food recognition, photo analysis, and nutrition coaching features use third-party AI services. Only food descriptions, nutrition context, and food images are sent for processing. No personal identifiers (name, email) are included in AI requests.

7. Data Storage and Retention

  • Account and nutrition data is stored as long as your account is active.
  • AI chat messages are automatically deleted after 7 days.
  • Error logs are retained for 30 days.
  • When you delete your account, all associated data is permanently removed.

8. Your Rights

Under GDPR, you have the right to:

  • Access your personal data.
  • Rectify inaccurate data.
  • Erase your data ("right to be forgotten").
  • Export your data in a portable format.
  • Withdraw consent at any time by deleting your account.
  • Lodge a complaint with the Lithuanian State Data Protection Inspectorate (VDAI) at vdai.lrv.lt.

9. Data Security

We use industry-standard security measures: encrypted connections (HTTPS/TLS), row-level security on all database tables ensuring users can only access their own data, and secure authentication protocols.

10. Children

The app is not intended for children under 16. We do not knowingly collect data from anyone under 16.

11. Changes

We may update this policy from time to time. The "Last updated" date at the top reflects the most recent revision.