Privacy Policy
Last updated: June 2, 2026 · Effective date: June 2, 2026
The short version. Macro AI requires you to create an account and stores your profile, food log, recipes, body check-ins, and progress photos in your account on Supabase (our cloud infrastructure provider). Data is encrypted in transit and at rest. We do not run ads and do not sell personal information. Meal photos you choose to analyze with AI are sent to OpenAI for that single request and are not retained by us. You can delete your account and all associated data from inside the App at any time (Profile → Settings → Delete account), or contact us at info@meralte.io.
- Scope and Definitions
- Information We Collect
- How and Where Data Is Stored
- How We Use Information
- Third-Party Services
- Sensitive and Health-Related Data
- Device Permissions
- Data Retention and Deletion
- Your Rights
- Children's Privacy
- International Users
- App Store and Google Play Disclosures
- Security
- Changes to This Policy
- Contact Us
1. Scope and Definitions
This Privacy Policy describes how Meralte Labs ("we", "us", "our") collects, uses, and shares information through the Macro AI mobile application ("the App", "Macro AI") available on the Apple App Store and Google Play. It applies only to the App and not to other services operated by Meralte Labs. For the company-wide policy covering meralte.io and other products, see our Meralte Labs Privacy Policy.
2. Information We Collect
2.1 Information You Provide
During onboarding and ongoing use, you may provide:
- Profile data: first name (optional), age, biological sex, height, current weight, target weight, activity level, fitness goal.
- Body measurements: waist, hips, chest, arms, thighs (all optional).
- Health context: dietary preferences, allergies, medical conditions you choose to disclose for plan personalization (e.g. diabetes, PCOS).
- Food log: meals you record, including names, macro values, portion sizes, and timestamps.
- Photos: meal photos you capture or select for AI analysis, and progress / body-check-in photos.
- Custom recipes: recipes you create within the App, including ingredient lists.
- Workout log: exercises you complete, including sets, reps, and weights.
- Fasting timer state: start and end times of fasting windows you track.
2.2 Information Collected Automatically
Macro AI does not include third-party analytics SDKs, advertising SDKs, or device-fingerprinting tools. The App does not collect IP address, advertising identifiers, contacts, location, or browsing history.
The platforms that distribute the App (Apple App Store, Google Play) may collect usage and crash data on our behalf as described in their own privacy policies.
2.3 Purchase Information
When you purchase a subscription, your payment is processed by Apple or Google. We do not receive your full payment card details. We receive a purchase receipt (anonymous transaction identifier) from RevenueCat so we can validate your subscription and unlock premium features.
3. How and Where Data Is Stored
Your profile, food log, custom recipes, workout log, body measurements, and progress photos are stored in your account on Supabase, our cloud database and storage provider. Supabase encrypts data at rest and in transit (HTTPS / TLS for every connection). Servers are located in regions specified at the project level (currently the United States). Some non-personal app preferences (such as the active theme and language) are also cached locally on your device for performance.
The App does include limited cloud assets: pre-generated illustrations of exercises and recipes are loaded from Supabase Storage. Loading these images does not transmit any personal information about you — the App only requests the image file by name.
4. How We Use Information
We use the information you provide to:
- Calculate personalized daily macro and calorie targets.
- Recommend recipes, meals, exercises, and fitness plans that match your goal and preferences.
- Display your food log, body progress, and workout history within the App.
- Send AI requests on your behalf to identify foods in photos you capture or to translate user-provided text.
- Validate active subscriptions and unlock premium features through RevenueCat.
We do not use your information to target advertising, build behavioral profiles, or train AI models.
5. Third-Party Services
The App connects to the following third-party services. Each service receives only the minimum data required to perform its function.
| Service | Purpose | Data Sent | Provider Policy |
|---|---|---|---|
| OpenAI (GPT-4o Vision) | Analyze meal photos to estimate nutritional content | The meal photo and a text prompt for that single request | openai.com/policies/privacy-policy |
| OpenAI (GPT-4o) | Translate App content into selected language | Text strings (no personal data) | openai.com/policies/privacy-policy |
| Spoonacular | Search a third-party food and recipe database | Your text query (e.g. "grilled chicken") | spoonacular.com/food-api/terms |
| Open Food Facts | Look up packaged food by barcode | The scanned barcode number | openfoodfacts.org/terms-of-use |
| Supabase Storage | Host the App's exercise and recipe illustrations | Public image-file requests only (no personal data) | supabase.com/privacy |
| RevenueCat | Validate and manage in-app subscriptions | An anonymous app user ID and the store-issued purchase receipt | revenuecat.com/privacy |
| Apple App Store / Google Play | Distribute the App and process purchases | Whatever the relevant platform collects under its own policies | apple.com/legal/privacy · policies.google.com/privacy |
We do not sell your personal information to any third party.
6. Sensitive and Health-Related Data
Information you enter about your body, weight, food intake, exercise, and medical conditions is sensitive personal information. Macro AI treats this information as confidential. It is stored in your account on Supabase under row-level-security policies that prevent any other user from reading your data, and is not shared with third parties except in the limited cases described in Section 5 (for example, a meal photo sent to OpenAI for analysis at your request).
Macro AI is a wellness and fitness app. It is not a medical device, does not provide medical advice, and is not a substitute for consultation with a qualified healthcare professional. Macro AI does not integrate with Apple Health, Google Fit, or any electronic health record system, and does not transmit data to insurers, employers, or healthcare providers.
7. Device Permissions
The App requests the following device permissions, each for a single specific purpose:
- Camera: required to capture meal photos for AI analysis, to scan barcodes, and to take progress photos. Camera frames are processed on-device until you choose to log a meal or submit a photo for AI analysis.
- Photo library: required so you can select existing meal or progress photos from your photo library. The App only accesses photos you explicitly select.
- Notifications: used to send local reminders you opt into (meal logging, fasting timer, hydration). No notifications are sent from a remote server.
- Microphone (optional): reserved for future voice-logging features. Not currently used to record audio.
You can revoke any permission at any time in your device settings.
8. Data Retention and Deletion
You control your data and can delete it at any time:
- Individual entries: remove logged meals, photos, or custom recipes from within the App.
- Your entire account and all associated data: tap Profile → Settings → Delete account inside the App. Your authentication record, profile, food log, recipes, check-ins, photos, workouts, and favorites are removed immediately.
- Email request: if you no longer have access to the App, email info@meralte.io from the address tied to your account. We process requests within 3 business days.
- Subscription records: Apple App Store, Google Play, and RevenueCat retain anonymous transaction identifiers for tax and consumer-protection compliance (typically 7 years). These are not personal data.
Photos and queries sent to OpenAI for analysis are subject to OpenAI's own retention practices. As of the date of this policy, OpenAI states that API inputs and outputs are retained for up to 30 days for abuse-detection purposes and are not used to train OpenAI models.
9. Your Rights
Subject to your local law (including GDPR in the EEA / UK and CCPA / CPRA in California), you have rights to access, correct, delete, restrict, or object to processing of your personal information, and to receive a copy of your personal information in a portable format.
You can exercise most of these rights directly within the App (edit your profile, delete entries, delete your entire account). For any remaining rights or for assistance, contact info@meralte.io. We will respond within the timeframes required by your applicable law.
If you are in the EEA / UK and believe we have not handled your data properly, you have the right to lodge a complaint with your local data protection authority.
10. Children's Privacy
Macro AI is not directed to children under the age of 13 (or 16 where required by local law) and is intended for users aged 17+. We do not knowingly collect personal information from children. If you believe a child has provided us with personal information, contact info@meralte.io and we will take steps to address it.
11. International Users
Macro AI is offered globally. Your data is stored on Supabase servers in the United States, and may be processed by the third-party services listed in Section 5 in the United States and elsewhere. Where required, the relevant providers offer standard contractual clauses or other transfer mechanisms covering EEA / UK / Swiss data transfers.
12. App Store and Google Play Disclosures
We complete Apple's App Privacy questionnaire and Google Play's Data Safety form for Macro AI. The data types disclosed there mirror this Privacy Policy. None of the data collected is linked to your identity by Meralte Labs and none is used for tracking across other companies' apps or websites.
13. Security
We use industry-standard practices to protect data in transit (HTTPS / TLS for every API call) and at rest (Supabase encrypts stored data and applies row-level security so only the authenticated owner can read their own records). No method of transmission or storage is 100% secure; we cannot guarantee absolute security.
14. Changes to This Policy
We may update this Privacy Policy from time to time. Material changes will be announced in-App or by updating the "Last updated" date at the top of this page. Continued use of the App after an update constitutes acceptance of the revised policy.
15. Contact Us
Meralte Labs
Email: info@meralte.io
Website: meralte.io