← MacroMint

Privacy Policy

Effective date: May 19, 2026 · App: com.macromint.app

Summary: MacroMint collects health metrics, food photos, and usage data to provide personalized macro tracking. We use Firebase (Google), FatSecret, and Google Gemini AI as service providers. You have the right to access, correct, delete, and export your data at any time from within the app. We do not sell your data.

1. Who We Are

MacroMint ("we," "us," or "our") operates the MacroMint mobile application (the "App") available on iOS and Android under bundle identifier com.macromint.app. For questions about this policy, contact us at privacy@macromint.dev.

2. What Data We Collect

Account data: Email address, display name, and encrypted password (managed by Firebase Authentication).

Health and body metrics: Height, weight, age, gender, body fat percentage, lean body mass, body measurements (neck, waist, hips), activity level, and dietary goal (fat loss or muscle gain). This data is "special category" personal data under GDPR Article 9 and is processed only with your explicit consent.

Food and nutrition data: Food logs, meal entries, pantry/inventory items, barcode scans, and AI-parsed food data.

Camera and photo data: Food photos you choose to upload for AI recognition. Photos are transmitted to Google Gemini AI (via Firebase Cloud Functions) for analysis and are not stored by MacroMint beyond the duration of the analysis request.

Voice/audio data: Voice input for food logging. Audio is processed locally or transmitted for transcription and is not retained.

Device and usage data: App interactions, crash reports, and performance data collected automatically via Firebase.

Subscription and billing data: Subscription tier and AI credit balance (managed by RevenueCat and the App Store/Google Play). We do not store your payment card details.

3. How We Use Your Data

  • To calculate your personalized macro targets using Lean Body Mass (LBM) formulas (Deurenberg, US Navy).
  • To log food and provide nutritional analysis via the FatSecret food database.
  • To analyse food photos and generate recipes using Google Gemini AI.
  • To authenticate your account and maintain session security via Firebase Authentication.
  • To store your profile, food logs, and pantry data in Firebase Firestore.
  • To process in-app purchases and manage your subscription via RevenueCat.
  • To send you transactional emails (e.g., email verification, account notifications).
  • To improve app performance and diagnose bugs via Firebase Analytics and Crashlytics.

We do not use your health data for advertising. We do not sell your personal data to any third party.

4. Legal Basis for Processing (GDPR)

If you are located in the European Economic Area (EEA), UK, or Switzerland, our legal bases for processing are:

  • Explicit consent (GDPR Art. 6(1)(a) and Art. 9(2)(a)): processing special-category health data (body metrics, food logs) — you provide consent at registration.
  • Contract performance (Art. 6(1)(b)): processing necessary to deliver the App's core features.
  • Legitimate interests (Art. 6(1)(f)): security monitoring, fraud prevention, and app improvement.
  • Legal obligation (Art. 6(1)(c)): where required by applicable law.

You may withdraw consent at any time by deleting your account (Settings → Delete Account). Withdrawal does not affect the lawfulness of processing before withdrawal.

5. Third-Party Service Providers

We share data with the following sub-processors. Each processes data only as directed by us and under data processing agreements (DPAs) where required.

ProviderPurposeData sharedLocation
Firebase / Google CloudAuth, database, cloud functionsAccount, health, food dataUS (us-central1)
Google Gemini AIFood photo recognition, recipe generationFood photos, pantry data, macro contextGoogle infrastructure
FatSecretFood nutrition databaseFood search queriesUS
RevenueCatIn-app purchase managementSubscription tier, device IDUS
Apple / GoogleApp distribution, IAP processingPurchase recordsUS

6. International Data Transfers

Your data is stored on Firebase infrastructure in the United States (us-central1 region). If you are located in the EEA or UK, this constitutes a transfer to a third country. We rely on Standard Contractual Clauses (SCCs) and/or Google's Data Processing Addendum as the transfer mechanism.

7. AI Processing — Google Gemini

MacroMint uses Google Gemini AI (accessed via Firebase Cloud Functions) to analyse food photos and generate recipes. When you use these features:

  • Your food photos and relevant macro context are transmitted to Google's servers for processing.
  • AI-generated food estimates and recipes are approximate and may contain errors.
  • AI estimates do not account for individual food allergies or dietary restrictions.
  • MacroMint is not responsible for errors in AI-generated nutritional estimates.
  • Google may process this data subject to Google's Privacy Policy and the Firebase/Gemini API Terms of Service.

8. Data Retention

We retain your personal data for as long as your account is active. When you delete your account (Settings → App Settings → Delete Account), we delete your Firebase Authentication user and all associated Firestore documents within 30 days. Food photos submitted for AI analysis are not stored by MacroMint. Firebase and Google may retain operational logs for shorter periods per their own retention policies.

9. Your Rights

Depending on your location, you have the following rights:

  • Access: request a copy of your personal data (Settings → App Settings → Export My Data).
  • Correction: update your profile and body metrics in the app at any time.
  • Deletion (right to erasure): delete your account and all associated data (Settings → App Settings → Delete Account).
  • Portability: export your data as a PDF (Settings → App Settings → Export My Data).
  • Objection / restriction: contact us at privacy@macromint.dev to restrict processing.
  • Withdraw consent: delete your account to withdraw consent for health data processing.
  • Lodge a complaint: EU/UK users may lodge a complaint with their national data protection authority (e.g., the ICO in the UK, or the relevant EU supervisory authority).

10. Children's Privacy

MacroMint is not directed at children under 13 (or under 16 in EEA member states where a higher age applies). We do not knowingly collect personal data from children below the applicable minimum age. If we become aware that a child below the minimum age has provided personal data, we will delete it promptly. If you are a parent or guardian and believe your child has registered, contact us at privacy@macromint.dev.

11. Security

We implement industry-standard security measures including Firebase App Check to restrict unauthorized API access, encrypted authentication tokens, and HTTPS for all data transmissions. API keys and credentials are managed server-side and are not exposed in the app binary. No security measure is perfect; if you discover a security issue, please report it to privacy@macromint.dev.

12. FatSecret Attribution

Food nutrition data in MacroMint is powered by the FatSecret food database. FatSecret is a third-party data provider and we comply with FatSecret's Terms of Service, including attribution requirements.

13. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes by updating the effective date above and, where required, by in-app notification or email. Continued use of the App after the effective date constitutes acceptance of the updated policy.

14. Contact Us

For privacy questions, rights requests, or complaints, contact us at:

privacy@macromint.dev

© 2026 MacroMint · Terms of Service · Health Disclaimer · Support