AllergyLens Privacy Policy

Last updated: 2026-02-01 · Effective: 2026-02-01

This Privacy Policy explains how AllergyLens ("we", "us") collects, uses, and shares information when you use the AllergyLens app and related services (the "Service"). We aim to keep data collection minimal and meaningful.

1. Information We Collect

We collect the following categories of information:

  • Allergen profile (e.g., name, age range, allergens, severity, optional emergency contact and hospital info)—provided by you;
  • Photos you submit for analysis—uploaded to our processing service only when needed for cloud-side analysis;
  • Detection records (timestamp, identified ingredients, matched allergens) saved on your device, optionally backed up via iCloud;
  • Subscription and entitlement status—from Apple App Store receipts;
  • Diagnostic and crash logs—aggregated, no personal photos.

2. How We Use Information

  • Provide and improve the allergen detection service;
  • Personalize the app experience based on your profile (e.g., highlight your allergens in results);
  • Process subscriptions and entitlements;
  • Diagnose technical issues and improve product reliability;
  • Comply with legal obligations.

3. Photo Handling

Photos are uploaded only when cloud-side analysis is required. Once analysis completes, the source image is deleted from our servers within 30 days. We do not use your photos to train AI models without your explicit, separate opt-in.

4. Data Sharing

We do not sell your personal information. We share data only with:

  • Sub-processors who provide infrastructure (cloud hosting, object storage, error monitoring) under written confidentiality and data-protection obligations;
  • Apple, for receipt validation and subscription management;
  • Authorities, when required by law, court order, or to protect the safety of users.

5. Data Retention

Allergen profiles and detection records remain on your device until you delete them. Server-side analysis artifacts are retained for up to 30 days for debugging and abuse prevention. Subscription transaction records are retained as long as required by tax and accounting laws.

6. Your Rights

Subject to applicable law (including GDPR and CCPA where relevant), you have the right to:

  • Access the personal data we hold about you;
  • Correct inaccurate data through the app or by contacting support;
  • Delete your account and associated data;
  • Export a portable copy of your data;
  • Object to or restrict certain processing.

To exercise these rights, contact us at the email below.

7. Children's Privacy

AllergyLens is not directed to children under 13 (or the equivalent minimum age in your jurisdiction). If we learn that we have collected personal data from a child without verified parental consent, we will delete it promptly.

8. International Data Transfers

Your data may be processed in countries other than the one where you reside. When we transfer data internationally, we rely on appropriate safeguards such as Standard Contractual Clauses or equivalent mechanisms recognized by your local law.

9. Security

We use industry-standard encryption in transit (HTTPS/TLS) and at rest, scoped access controls, and routine vulnerability monitoring. No system is perfectly secure—if you discover a vulnerability, please contact us responsibly.

10. Changes to This Policy

We may update this Privacy Policy from time to time. The "Effective date" at the top reflects the most recent revision. Material changes will be highlighted in-app.

[email protected]