Privacy Policy

Last updated: 24 March 2026

Our core principle is data minimisation — we store as little personal data as possible, and we store health condition data exclusively on your device. We never see your medical information.

Overview

Ingredible is a food scanning application designed to help people managing chronic health conditions make informed dietary choices. This Privacy Policy explains how we collect, use, and protect your information when you use the Ingredible app.

Information we collect

Information stored on your device only

The following information is stored exclusively in encrypted local storage on your phone and is never transmitted to our servers:

Your health conditions (cardiovascular disease, hypertension, chronic kidney disease, type 2 diabetes)
Your CKD stage (if applicable)
Your scan history and computed RAG scores
Your unit preferences (metric or imperial)

This data is deleted permanently when you uninstall the app. We have no ability to access or recover it.

Information stored on our servers

When you create an account, we store the following on our servers hosted in the European Union:

Your user ID (generated by your Google or Apple account)
Your display name and email address (provided by Google or Apple Sign-In)
Your subscription status and trial expiry date
Your account creation date

We do not store any health condition data on our servers.

Anonymised analytics

If you have opted in to analytics (the default setting, which you can disable in Settings), we collect anonymised, non-identifiable data including aggregate counts of which conditions are selected by users (no user ID attached) and frequency of barcode scans by product (used to manage our product cache). This data cannot be linked back to any individual user.

Food product data

When you scan a barcode or search for a food, we query Open Food Facts and the USDA FoodData Central database. The product's nutritional data is cached in our database to improve performance. No personal data is included in these cache entries.

How we use your information

To provide and maintain the Ingredible service
To manage your subscription and trial period
To improve the app through anonymised usage analytics (if opted in)
To communicate with you about your account if necessary

We do not use your information for advertising, and we do not sell your data to third parties.

Legal basis for processing (UK GDPR)

We process your personal data under the following lawful bases:

Contract — processing your account data is necessary to provide the Ingredible service you have signed up for
Legitimate interests — anonymised analytics help us improve the app, and our use is proportionate and does not override your rights
Consent — for any processing beyond what is strictly necessary, we obtain your explicit consent

Data sharing

We do not sell, trade, or share your personal data with third parties except in the following limited circumstances:

Google and Apple — to facilitate sign-in authentication. Their privacy policies govern their handling of your data.
RevenueCat — our subscription management provider, who processes subscription status and payment information on our behalf.
Railway and Supabase — our cloud infrastructure providers, who host our servers and database in the EU. Both are GDPR-compliant processors.
Legal requirements — if required by law or to protect the rights and safety of our users.

Data retention

Account data is retained for as long as your account is active
When you request account deletion, all server-side data is permanently deleted immediately
Device-side data (conditions, scan history) is deleted when you uninstall the app
Anonymised analytics data contains no personal identifiers and may be retained indefinitely

Your rights under UK GDPR

Right to access

Request a copy of the personal data we hold about you.

Right to erasure

Delete your account and all associated data at any time from Settings.

Right to rectification

Update your display name and preferences within the app.

Right to restrict processing

Disable anonymised analytics in Settings at any time.

Right to data portability

Request your data in a portable format.

Right to object

Object to processing based on legitimate interests.

To exercise any of these rights, contact us at privacy@ingredible.co.uk. We will respond within 30 days.

For UK GDPR complaints, you may also contact the Information Commissioner's Office (ICO) at ico.org.uk.

Children's privacy

Ingredible is not directed at children under the age of 13. We do not knowingly collect personal information from children. If you believe a child has provided us with personal information, please contact us and we will delete it promptly.

Changes to this policy

We may update this Privacy Policy from time to time. We will notify you of significant changes through the app or by email. The updated policy will always be available at ingredible.co.uk/privacy. Continued use of the app after changes constitutes acceptance of the updated policy.

Contact

If you have questions about this Privacy Policy or how we handle your data, please contact us:

Email: privacy@ingredible.co.uk
Website: ingredible.co.uk