Privacy Policy

Last updated: June 1, 2026

MyProtocol (“the App”) is a nutrition coaching app that uses AI to analyze your meals and help you follow a personalized nutrition protocol. This policy explains what data we collect, how we use it, and your choices.

Summary

  • Your data is primarily stored on your device: with optional cloud sync for multi-device access
  • Meal photos are sent to AI for analysis: when you request feedback, photos go to our server and then to AI providers (Google Gemini, with Anthropic and OpenAI as fallbacks)
  • Minimal analytics: we use Firebase for anonymous screen-view tracking only (no personal data)
  • Health Connect and Apple Health are optional: if connected, we use read-only activity and weight data to keep calorie targets, activity tiers, and weight trends accurate
  • You can delete your data anytime: in-app or by clearing app data

Data We Collect

Information You Provide

Profile Information: Name, age, height, weight, biological sex, activity level, fitness goals, dietary restrictions, allergies, medical conditions relevant to nutrition (e.g., diabetes, GLP-1 medications), and food preferences.

Meal Data:Photos of your meals, descriptions and notes, meal type and timing, and whether a meal is marked as a “treat.”

Nutrition Protocol: Personalized macro targets, meal timing preferences, supplement recommendations, and foods to emphasize or avoid.

Conversations: Messages exchanged with the AI coaching system, including clarifying questions and protocol adjustment requests.

Health Data: If you connect Health Connect on Android or Apple Health on iOS, MyProtocol may read active calories or active energy, total calories burned, steps, and body weight. This access is optional and read-only.

Automatically Generated Data

Device Identifier:A random ID generated on first use. It is not linked to your phone's IMEI or any identifying information.

Progress Data: Daily nutrition grades, streak information, and weekly patterns.

How We Use Your Data

On-Device Processing

Most features work entirely on your device: storing your profile, tracking meals, viewing history and progress, and managing your pantry and shopping list.

Server Communication

When you request AI feedback on a meal, we send the meal photo (compressed), your description, your nutrition protocol and goals, and recent meal context. Our server processes this and forwards it to an AI provider for analysis.

AI Providers

We use the following AI services to analyze your meals:

  • Google (Gemini): Primary provider
  • Anthropic (Claude): Fallback provider
  • OpenAI (GPT): Fallback provider

Each provider has their own data retention policies (typically 30–90 days). See their respective privacy policies for details.

Barcode Lookups

When you scan a barcode, we query Open Food Facts (openfoodfacts.org), a free, open-source food database. Only the barcode number is sent; no personal data.

Health Connect and Apple Health

If you choose to connect Health Connect or Apple Health, MyProtocol reads selected health and fitness data to support visible nutrition features in the app.

  • Active calories / active energyhelps estimate movement and workout energy, classify the day's activity level, and adjust the day's calorie target.
  • Total calories burned is used on Android when a wearable reports active calories inconsistently. MyProtocol subtracts estimated resting burn from total calories burned to derive movement energy for daily targets.
  • Steps are shown in the health sync preview and used as activity context.
  • Weight / body mass keeps your weight trend chart current and helps recalculate targets as your body weight changes.

Health Connect and Apple Health access is read-only. MyProtocol does not write data back to those services, does not use this data for advertising, does not sell it, and does not send it to analytics providers.

Data Storage

Local Storage (Your Device)

Your data is stored locally on your device: profile and preferences (encrypted by the operating system), meal history and photos, nutrition protocols, reports, and conversation history. Photos are stored in the app's private storage area, inaccessible to other apps.

Cloud Sync (Optional)

If you sign in with Apple or Google, your data is synced to our server (hosted on Supabase) for multi-device access. Data is encrypted in transit (HTTPS) and at rest. You can delete your cloud data at any time from the app. If you connect Health Connect or Apple Health, derived daily activity rows and imported weight entries may sync with your account so your targets and progress stay consistent across devices.

Server Storage

For signed-in users, we store synced profile, meal entries, and journey data, plus basic telemetry (request counts, response times, error rates) and token usage for cost monitoring. We do not permanently store meal photos or AI conversation content on our servers.

Analytics

We use Firebase Analytics for anonymous screen-view tracking to understand which features are used. No personal information, meal content, Health Connect data, Apple Health data, or other specific health data is included in analytics events.

Data Sharing

We share data with:

  • AI Providers (Google, Anthropic, OpenAI): meal photos, descriptions, and profile context for nutrition analysis
  • Open Food Facts: barcode numbers for food database lookup
  • Supabase: account, profile, meals, synced activity rows, weight entries, and progress data when cloud sync is enabled

We do not sell your data or share it with advertisers.

Permissions

  • Camera: Taking meal photos and scanning barcodes
  • Microphone: Recording voice notes for meal entry
  • Internet: Communicating with our server for AI analysis
  • Notifications: Sending meal reminders and daily summaries
  • Health Connect / Apple Health: Optional read-only import of active calories, total calories burned, steps, and weight to improve daily calorie targets, activity classification, and weight trends

All permissions are optional. The app works offline for logging meals; AI analysis requires internet.

Your Rights and Choices

  • View your data: all your data is visible in the app
  • Delete individual items: remove specific meals, photos, or reports
  • Delete all data: use Settings → My Data → Delete Account in the app, or uninstall to clear local data
  • Revoke health access: on Android, use Health Connect settings to revoke MyProtocol's permissions; on iOS, use Apple Health settings. Revoking access stops future reads but does not automatically delete activity or weight entries already imported.
  • Opt out of AI analysis: log meals without sending them for feedback
  • Use offline: the app works entirely without internet

Data Security

All network communication uses HTTPS encryption. The local database and preferences are stored in your operating system's encrypted storage (Android Keystore / iOS Data Protection). Photos are stored in app-private storage. Device ID is a random UUID, not a device fingerprint.

Children's Privacy

MyProtocol is not intended for children under 13. We do not knowingly collect data from children.

Changes to This Policy

We may update this policy occasionally. Significant changes will be noted with a new “Last Updated” date.

Contact

For questions about this privacy policy or your data: support@theprotocol.cc