Skip to content
PlateStack

Legal

Privacy Policy

Effective: · Last updated:

PlateStack ("the App", "we", "our", or "us") is a fitness and nutrition tracking application developed by StackForge Studios. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use PlateStack on iOS or Android.

Please read this policy carefully. By using PlateStack, you agree to the collection and use of information in accordance with this policy. The short version: your data is yours, we don't sell it, and we don't track you across other apps.

1. Information we collect

1.1 Information you provide directly

  • Account information: email address and display name when you register.
  • Health and fitness data: calorie intake, macronutrients (protein, carbs, fat), food logs, workout logs (exercises, sets, reps, weight), body weight, body measurements, body fat %, and personal record history.
  • Profile data: age, height, weight, fitness goals, dietary preferences.
  • Food photos: images you capture for AI food analysis. These are processed in real time by a vision model and not permanently stored on our servers; only the resulting log entry (calories, macros, food name) is saved.

1.2 Information collected automatically

  • Usage data: features used, screens viewed, session duration, in-app events.
  • Device information: device type, operating system version, anonymous device identifier.
  • Crash and performance data: anonymous crash logs and performance metrics to improve stability.

1.3 Information we do NOT collect

  • Location: PlateStack does not request or store your GPS location.
  • Contacts: we don't access your address book.
  • Biometrics: Face ID, Touch ID, and fingerprint data never leave your device. PlateStack uses your operating system's biometric API; we never see the underlying data.
  • Financial information: payment processing is handled entirely by Apple (App Store) or Google (Play Store) and RevenueCat. We never receive or store your credit card or banking details.

2. How we use your information

  • Provide the service: store your nutrition and workout logs, calculate progress, and display personalized dashboards.
  • AI features: send food photos and query text to OpenAI (GPT-4.1) and Anthropic (Claude) APIs to generate nutrition estimates, coaching responses, and meal plans. See Section 5.
  • Gamification: calculate XP, levels, streaks, achievements, and quest progress.
  • Push notifications: send streak reminders, quest alerts, and milestone notifications (only if you grant permission).
  • Subscriptions: verify and manage your subscription status through RevenueCat.
  • Improve the app: analyze anonymous usage patterns to fix bugs and build new features.
  • Legal compliance: fulfill legal obligations, resolve disputes, and enforce our Terms of Service.

3. Data storage and security

  • Primary storage: your account data, food logs, and workout logs are stored in Supabase (PostgreSQL) hosted on AWS infrastructure in the United States.
  • Local storage: an encrypted cache of your session and recent data is stored on-device using Expo SecureStore.
  • Encryption: data in transit is encrypted via TLS 1.3. Data at rest is encrypted using AES-256.
  • Access controls: your data is protected by row-level security (RLS) policies — only your account can read or write your records.
  • Retention: your data is retained for as long as your account is active. If you delete your account, all your data is permanently deleted within 30 days. See /delete-account.

4. Tracking

PlateStack does not use any data to track you across other apps or websites. We don't sell your data. We don't share it with advertising networks. There is no advertising SDK in the app.

5. Third-party processors

We work with the following processors strictly to provide the service:

  • Supabase: primary database, authentication, edge functions.
  • AWS: hosting infrastructure under Supabase.
  • OpenAI: food photo and voice transcription via the GPT-4.1 vision API.
  • Anthropic: AI Coach chat and meal plan generation via the Claude API.
  • RevenueCat: subscription management for App Store / Play Store payments.
  • Apple App Store / Google Play: distribution and payment processing.
  • Expo (push notifications): delivery of push notifications, only if enabled.

Each processor handles your data per their own terms; we minimize what is sent to each. AI model providers do not train on your data per their commercial agreements with us.

6. Your rights

  • Access: view your data inside the app at any time.
  • Correction: edit profile, logs, and settings inside the app.
  • Export: request a data export by emailing [email protected].
  • Deletion: see /delete-account for account-deletion options. Full purge within 30 days.

7. Children's privacy

PlateStack is intended for users 13 years of age and older. We do not knowingly collect personal information from children under 13. If you believe a child under 13 has provided us with information, contact [email protected] and we will delete it.

8. Health disclaimer

PlateStack is a fitness and nutrition tracker. It is not a medical device, not medical advice, and not a substitute for professional medical care. Calorie estimates from AI food scanning are best-effort and may be inaccurate; always review entries before logging. Consult a qualified professional before starting any fitness or nutrition program.

9. International users

PlateStack is hosted in the United States. If you use PlateStack from outside the US, your data will be transferred to and processed in the US. By using the app, you consent to this transfer.

10. Changes to this policy

We may update this policy from time to time. The "Last updated" date at the top reflects the most recent revision. Significant changes will be communicated in-app.

11. Contact

Questions about this policy? Email [email protected].

StackForge Studios
United States