Privacy Policy
Last updated: May 24, 2026
This Privacy Policy explains how Habitron (operated by Hassan El Imam, "we", "us", "our") collects, uses, and protects your personal information when you use the Habitron mobile application and habitronscan.com website (collectively, the "Service").
1. Information We Collect
1.1 Account information
- Name, email address, and (optional) profile photo
- Authentication identifiers from Google or Apple Sign-In if you choose those methods
- Password (stored as a salted bcrypt hash — we never see your plaintext password)
1.2 Health & nutrition data you provide
- Age, gender, height, weight, body fat percentage, and target weight
- Activity level, dietary preferences, allergies
- Health conditions you choose to share (e.g. diabetes, hypertension, pregnancy)
- Food scans, meal logs, water intake, fasting sessions, weight history, body measurements
1.3 Device & usage information
- Device push-notification token (only if you grant notification permission)
- Timezone (used to roll over daily counters at midnight in your local time)
- Approximate timestamps of scans and app usage
1.4 Photos
When you scan food, the photo is sent to our servers and to our AI provider (OpenAI) for analysis. We do not retain raw photos longer than necessary to compute the nutrition result. Avatar photos you upload are stored as base64 data URLs in your profile.
2. How We Use Your Information
- To calculate personalized calorie and macro targets (Mifflin-St Jeor BMR + activity TDEE)
- To generate condition-specific insights and warnings
- To recommend recipes that match your goals and restrictions
- To send push notifications (only if enabled) such as meal reminders and hydration nudges
- To process subscription payments via the Apple App Store
- To respond to support requests
3. Third-Party Services
We share limited data with the following providers to make the Service work:
- OpenAI — food photos and text descriptions are sent for AI analysis. OpenAI's API privacy policy applies to that data.
- Apple Push Notification Service & Apple App Store — for push notifications and in-app purchases.
- Expo — push-notification delivery infrastructure.
- Google — only if you choose Sign in with Google (Google receives the OAuth identity request).
- OpenFoodFacts — public food-database lookups when you scan a barcode. We send only the barcode value.
We do not sell your personal information.
4. Data Storage
Personal data is stored on our MySQL database hosted in the European Union (Frankfurt, Germany). Connections are encrypted in transit (HTTPS). Passwords are hashed with bcrypt (cost factor 12).
5. Your Rights
You can, at any time and free of charge:
- Access — view all of your profile and meal data inside the app
- Edit — update or correct any field via the Profile screen
- Export — request a copy of your data by contacting us
- Delete — permanently delete your account from inside the app (Profile → Account → Delete account). This cascades to every meal, photo, weight log, and conversation.
If you are in the EU, you also have the right to lodge a complaint with your local data protection authority.
6. Children's Privacy
Habitron is not intended for children under 13. We do not knowingly collect data from anyone under 13. If you believe a child has provided us with personal information, contact us and we will delete it.
7. Health-Information Disclaimer
Habitron is a wellness tool, not a medical device. The nutrition estimates and insights are for informational purposes only and are not medical advice. Always consult a qualified healthcare professional for medical decisions, especially if you have a health condition such as diabetes or hypertension, or are pregnant.
8. Subscription Auto-Renewal
The Habitron Premium subscription auto-renews monthly through Apple at the price displayed in the paywall. You can cancel at any time in your Apple ID settings. Apple's subscription terms apply.
9. Changes to This Policy
We may update this policy as the Service evolves. Material changes will be communicated via the app or email. The "Last updated" date at the top reflects the most recent revision.
10. Contact
Privacy questions? Email us at halemam226@gmail.com or use the contact form.
Habitron is operated by Hassan El Imam · Dubai, JLT, JBC1, Office 708, United Arab Emirates.