The privacy of your data is a big deal to us. It’s your data, not ours!
In this policy, we explain what data we collect and why, how your data is handled, and your rights to your data.
Our guiding principle is to collect only what we need. Here’s what that means in practice:
We don’t use any third-party analytics tools. We don’t use cookies, we don’t generate any persistent identifiers and we don’t collect or store any personal or identifiable data. We do not track you across your devices and all the data is anonymised and isolated to a single visit.
We measure only the most essential data points and nothing else. The goal is to measure overall trends in our Web App traffic and spot performance issues. It is not to track individual visitors.
Here is the complete list of what we collect and store:
We use this to know which pages have been viewed and for how long to better understand our Web App traffic and fix potential bugs.
If you’re on a site that allow header referrer and you click on a link to our Web App, the “HTTP referer” will the address of this site.
We use this to know the number of visitors referred to our Web App from links on other sites.
When your browser sends an HTTPS request, the browser and operating system version are included in the request header.
We use this to find and fix bugs related to specific browser and operating system versions.
We use this to find and fix bugs related to the display window width. For example, if we see that lot of visitors with small window leave the page only after few seconds, it may indicate that we have a display bug on small devices.
We store the country of the HTTPS request using the IP address and then we discard the IP address. We don’t store the IP address and we do not store anything more granular than the country.
We use this to know which countries generate the most traffic in order to improve your experience by adding new languages and deploying new servers in these countries for better performances.
We use this to count unique visitors in a single day without cookies.
Cookies are persistent identifier saved in your device. They are used to identify unique visitor and track their activities on the web. To stay respectful of your privacy we do not save cookies or any persistent identifier in your device. Also, we don’t save visitor IP address. To be able to count unique visitor, we generate a daily changing identifier using the visitor’s IP address and browser version. To anonymize these data, we make it random (technically, we run it through a hash function with a rotating salt that changes every day).
And that’s it! No tracking, no third-party data sharing, no cookies, no persistent identifier, no IP address storing. These are the reasons why you didn’t see a cookie banner in our Web App.
We collect data described in the above Visitor section.
Additionally, if you decide to create an account in our Web App, we invite you to provide the following data:
If you choose to register with Google or Facebook, we will store your first name and email address provided by Google or Facebook.
After creating an account and as part of your normal use of the Web App you can provide:
If you subscribe to a premium account, we will also collect the following data:
You are free to decide whether or not to consent to the processing of this data when you create your account. In the event of refusal, you will not be able to create an account and benefit from all the services offered through the Web App.
The processing of your personal data allows us to compute your personalized calorie intake, nutritional reports, default recommended dietary allowances and upper limits for essential nutrients.
We don’t process your personal data for purposes other than these and we don’t sell or share this data with any third-party.
Your personal data is kept for the duration of your user account and will be deleted when your account is deleted.
To delete your personal data, connect to your account, go in “settings” and click “delete my account”.
Your personal data is stored in our servers located in the European Union.
We take the security of your personal data very seriously.
First, our Web App is only available via HTTPS meaning that data communicating between your browser and our servers is encrypted with the TLS/SSL protocol.
Then, your data is stored in our server. We’ve put in place security procedures to secure and protect our servers.
Finally, your personal identifiers stored in our database like your email and your username are encrypted and your password is hashed with SHA-512 using a random pepper and salt to increase security even further against brute force attacks. This means that even if an attacker hack and gain access to our server, it will be very difficult to link the data to your identity.
You have the following rights about your personal data:
We reserve the right to make any changes to this Privacy Policy at any time. In which case we will publish the new version on the Web App.
We will inform you of the change by e-mail, to the extent possible, and if you do not agree with the new Privacy Policy, you have the possibility to request the deletion of your personal data.