Privacy Policy

Last updated: April 21, 2026

Introduction

FoodClue (“we,” “us,” or “our”) prioritizes your privacy while using foodclue.app and related services (the “Service”). This policy explains how we collect, use, and protect your information. By using the Service, you accept this policy. Review our Terms of Service for additional terms.

Information We Collect

Personal Information

We collect personal information when you:

  • Create an account (email address, password)
  • Complete the onboarding quiz (symptom profile, suspected triggers, eating habits)
  • Subscribe to a paid plan (payment information via third-party processor)
  • Contact us for support

Health & Wellness Data

As a food-symptom tracking tool, FoodClue collects:

  • Meal photos (processed for ingredient analysis, not stored after processing)
  • Meal records (food names, ingredients, timestamps, meal slots)
  • Symptom check-in data (gut, energy, mood, skin scores; context tags)
  • AI-generated trigger correlation analysis results
  • Water intake logs
  • Diet balance and meal recommendation preferences

Non-Personal Information

We may collect browser type, device information, and usage patterns through standard web analytics. Non-personal data cannot identify you individually.

How We Use Your Information

We use your information to:

  • Provide AI-powered food-symptom correlation analysis
  • Generate personalized trigger reports and safe meal recommendations
  • Process and bill subscriptions
  • Send symptom check-in reminders (if enabled)
  • Improve the accuracy of our AI analysis algorithms
  • Provide customer support
  • Comply with legal requirements

We may de-identify and aggregate data for research and product improvement. Aggregated data cannot be used to identify individual users.

AI Processing & Third-Party APIs

FoodClue uses third-party AI providers to analyze your meal photos:

  • Anthropic (Claude AI) — meal photo ingredient analysis using Claude Haiku and Sonnet Vision models

Meal photos are sent to Anthropic's API for ingredient identification only. Anthropic does not use your data for model training. Photos are processed in real-time and are not stored by us or Anthropic after analysis is complete.

Cookies and Related Technologies

FoodClue uses cookies for:

  • Authentication — httpOnly secure cookies to maintain your login session (JWT token, 7-day expiry)
  • Preferences — localStorage for UI preferences (e.g., photo tip display count)

We do not use third-party tracking cookies or advertising pixels. You can clear cookies through your browser settings, though this will require re-authentication.

Information Sharing

We do not sell, exchange, or publish your personal or health data to third parties, except:

  • AI processing providers — as described above (Anthropic), solely for ingredient analysis
  • Payment processors — to process subscription payments
  • Law enforcement — when legally compelled (court orders, subpoenas)
  • Corporate transactions — in the event of a merger, acquisition, or asset sale

We will never sell your health data to advertisers, insurers, employers, or any other third party.

Data Security

We implement industry-standard security measures:

  • Passwords hashed with bcrypt (cost factor 10)
  • JWT authentication with httpOnly, Secure, SameSite cookies
  • All API inputs validated with Zod schema validation
  • Security headers: HSTS, X-Frame-Options, X-Content-Type-Options, Referrer-Policy
  • Parameterized SQL queries (SQL injection prevention)
  • HTTPS encryption in transit
  • Environment variable validation (no hardcoded secrets)

While we take reasonable precautions, no Internet transmission method is 100% secure. We cannot guarantee absolute security against unauthorized access.

Data Access and Deletion

You may access, export, and delete your data at any time:

  • Export — Download all your meals and symptoms as a CSV file from Settings
  • Delete data — Permanently remove all meals, symptoms, and analysis data from Settings
  • Delete account — Request full account deletion by contacting support

Upon deletion, we remove your personal and health data within 30 days, subject to legal retention requirements.

Children's Privacy

FoodClue is designed for adults managing dietary health conditions. The Service is not directed at children under 16. We do not intentionally collect personal information from children under 16. If you believe such information has been collected, contact us immediately.

Medical Disclaimer

FoodClue is a wellness tool for tracking food and symptoms. It does not provide medical diagnosis, treatment, or advice. Patterns shown are observational correlations, not medical conclusions. Always consult a healthcare professional before making dietary changes based on FoodClue data.

Policy Changes

We reserve the right to modify this Privacy Policy at any time. Material changes will be communicated via email or prominent in-app notice. Continued use of the Service after changes constitutes acceptance of the updated policy.

Contact Us

For questions about this Privacy Policy, contact:

Email: support@foodclue.app

© 2026 FoodClue. All rights reserved.