Privacy Policy
Last updated: April 2026
In plain English
- We collect your profile data (name, weight, height, age, dietary preferences) to personalise nutrition analysis.
- Meal photos are sent to our AI for analysis and are not stored on our servers.
- Your nutrition data stays on your device (encrypted local database).
- We use Google Sign-In for authentication and RevenueCat for subscription management.
- We do not sell your data. We do not use tracking pixels or behavioural analytics.
1. Data we collect
We collect the following categories of personal data:
- Profile information: name, weight, height, age, sex, country, activity level, dietary restrictions, and nutritional goals.
- Meal data: photographs of food, ingredient lists, macro estimates, and meal timestamps.
- Authentication data: Google account ID and email address (via Google Sign-In).
- Purchase data: subscription status, transaction identifiers, and platform (via RevenueCat).
2. How we use your data
We use your data solely to provide the Soma service:
- To analyse food photos and estimate nutritional content.
- To generate personalised meal plans and recommendations.
- To calculate your daily Balance Score and macro progress.
- To manage your subscription and trial status.
- To authenticate you across devices.
3. Data processors
We rely on the following sub-processors:
- Cloudflare Workers AI — processes food photographs for AI inference (transient, no storage).
- RevenueCat — manages in-app purchases and subscription state.
- Google Sign-In — provides authentication services.
4. Data retention
Meal photos are processed in real-time and are not retained on our servers. Your profile and meal history are stored locally on your device in an encrypted database (Isar). We retain authentication records for as long as your account is active. Subscription records are retained per RevenueCat's policies.
5. Your rights (GDPR)
If you are in the European Union, you have the right to:
- Access the personal data we hold about you.
- Request correction of inaccurate data.
- Request deletion of your account and associated data.
- Object to processing based on legitimate interests.
- Request a portable copy of your data.
To exercise these rights, email us at hola@somameals.com.
6. Children's policy
Soma is not intended for children under 13. We do not knowingly collect data from children under 13. If you believe we have collected data from a child under 13, please contact us immediately.
7. Changes to this policy
We may update this Privacy Policy from time to time. We will notify you of significant changes via the app or email. The "Last updated" date at the top of this page reflects the most recent revision.
8. Contact
For privacy-related questions, contact us at hola@somameals.com.