Privacy Policy

Contents

Who We Are
What Data We Collect
How We Use Your Data
Data Sharing & Third Parties
Data Storage & Security
Your Rights (GDPR)
Cookies
Children's Privacy
Changes to This Policy
Contact

1. Who We Are

Dietio ("we", "us", "our") operates the website dietio.app and provides personalized nutrition and meal planning services. By using our service, you agree to the collection and use of information as described in this policy.

For all privacy inquiries, contact us at: hello@dietio.app

2. What Data We Collect

Data you provide directly

Account data: name, email address, encrypted password
Body measurements: height, weight, target weight, BMI (entered voluntarily)
Quiz responses: age group, gender, activity level, dietary preferences, allergies, food preferences
Progress data: weekly weight entries and notes you log voluntarily

Data collected automatically

Usage data: pages visited, features used, session duration
Technical data: browser type, device type, IP address, timezone
Cookies: session cookies and preference cookies (see Section 7)

Payment data

All payment processing is handled by Stripe, Inc. We do not store credit card numbers or full payment card details. We receive only a transaction confirmation and customer identifier from Stripe.

3. How We Use Your Data

We use the data we collect for the following purposes:

To create and manage your account
To generate your personalized meal plans based on your quiz responses
To deliver weekly meal plans and shopping lists to your email
To display your progress in your personal dashboard
To process payments and manage your subscription
To send transactional emails (welcome, plan delivery, password reset)
To send marketing communications, where you have given consent
To improve our service and fix technical issues
To comply with legal obligations

We do not use your data for automated decision-making that would produce legal or similarly significant effects on you.

4. Data Sharing & Third Parties

We do not sell your personal data. We share data only with the following trusted service providers, strictly to operate our service:

Stripe, Inc. — payment processing (governed by Stripe's Privacy Policy)
Namecheap — hosting and infrastructure
Anthropic, PBC / OpenAI — AI content generation for meal plans (data is not retained for training)

All third-party providers are required to protect your data and are prohibited from using it for their own marketing purposes.

We may disclose data if required by law, court order, or to protect the rights and safety of our users or the public.

5. Data Storage & Security

Your data is securely stored. We implement appropriate technical and organizational security measures including:

HTTPS encryption for all data in transit
Bcrypt hashing for all stored passwords
HMAC-signed tokens for download links
Access controls and rate limiting
Regular security reviews

We retain your account data for as long as your account is active. If you delete your account, we remove your personal data within 30 days, except where retention is required by law.

6. Your Rights (GDPR)

If you are located in the European Economic Area, you have the following rights under the General Data Protection Regulation:

Right of access — request a copy of the personal data we hold about you
Right to rectification — correct any inaccurate data (most data can be updated directly in your profile)
Right to erasure — request deletion of your account and personal data
Right to restrict processing — request that we limit how we use your data
Right to data portability — receive your data in a structured, machine-readable format
Right to object — object to processing based on legitimate interests or for direct marketing
Right to withdraw consent — where processing is based on consent, withdraw it at any time

To exercise any of these rights, contact us at hello@dietio.app. We will respond within 30 days. You also have the right to lodge a complaint with your local data protection authority.

7. Cookies

We use the following types of cookies:

Essential cookies: Required for the service to function (session management, login state). Cannot be disabled.
Preference cookies: Remember your settings and choices.
Analytics cookies: Help us understand how the service is used (anonymized). You can opt out.

You can manage cookie preferences through your browser settings. See our Cookie Policy for full details.

8. Children's Privacy

Our service is not directed at children under the age of 16. We do not knowingly collect personal data from children under 16. If you believe we have inadvertently collected such data, please contact us immediately and we will delete it.

9. Changes to This Policy

We may update this Privacy Policy from time to time. When we make significant changes, we will notify registered users by email and update the "Last updated" date at the top of this page. Your continued use of the service after changes constitutes acceptance of the updated policy.

10. Contact

For any questions, requests or concerns regarding this Privacy Policy or your personal data:

Email: hello@dietio.app
Or visit our Contact & Support Center