This Data Processing Statement describes the categories of personal data AllergyLens processes, the purposes and legal bases of processing, and the safeguards we apply. It complements the AllergyLens Privacy Policy.
1. Roles & Definitions
AllergyLens acts as the data controller for personal data you provide directly (allergen profiles, optional contact info) and as a data processor on your behalf for photos submitted for analysis. Sub-processors act on our behalf under written contracts.
2. Categories of Data Processed
- Profile data: name, age range, allergen list, severity, optional emergency contact and hospital;
- Photos: ingredient labels or product images you submit for detection;
- Detection records: timestamps, identified ingredients, matched allergens;
- Account & subscription metadata: pseudonymous user ID, App Store entitlement state;
- Diagnostics: anonymized crash logs and aggregated usage events.
3. Purposes of Processing
- Deliver the allergen detection feature you request;
- Personalize results based on your stored allergen profile;
- Operate, secure, and improve the Service;
- Manage paid subscriptions and entitlements;
- Comply with legal, tax, and accounting obligations.
4. Legal Bases (where GDPR applies)
- Performance of a contract — to deliver the Service you requested;
- Consent — for processing of sensitive health-related data (allergens, severity);
- Legitimate interests — for security monitoring, fraud prevention, and product improvement;
- Legal obligation — for tax records and lawful requests.
5. Sub-processors
We engage carefully selected sub-processors to support specific functions. Each sub-processor signs a data-processing agreement with confidentiality and security obligations no less protective than this statement. Categories include:
- Cloud infrastructure (compute, object storage);
- Image analysis pipelines;
- Crash and performance monitoring;
- Customer support tooling;
- Apple — for receipt validation and entitlement delivery.
6. Security Measures
- Encryption in transit using TLS and at rest using industry-standard ciphers;
- Principle-of-least-privilege access controls and audit logs;
- Pseudonymization of user identifiers in analytics pipelines;
- Regular vulnerability scanning and dependency updates;
- Incident response procedures for data breach notifications.
7. Retention Periods
- Photos uploaded for analysis: up to 30 days, then automatically deleted;
- Detection records: stored on device until you delete them;
- Profile data: stored on device and synced via iCloud at your option;
- Server logs: 90 days;
- Subscription / payment records: as required by applicable tax law.
8. Cross-border Transfers
Where data is transferred across borders, we rely on Standard Contractual Clauses, adequacy decisions, or other mechanisms recognized by the user's local data protection law.
9. Your Data Rights
You may exercise data subject rights (access, rectification, erasure, portability, objection, restriction) by contacting us. We respond within the timeframe required by applicable law (typically within 30 days).