Privacy Policy

Last updated: January 25, 2025

1. Introduction

Streak ("we," "our," or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our mobile application Streak (the "App").

Please read this Privacy Policy carefully. By using the App, you agree to the collection and use of information in accordance with this policy. If you do not agree with the terms of this Privacy Policy, please do not access the App.

2. Information We Collect

2.1 Personal Information You Provide

When you create an account or use our App, you may provide us with:

  • Account Information: Email address, name, and password when you register
  • Profile Data: Date of birth, sex, height, weight, and activity level
  • Nutrition Data: Meals logged, calorie intake, macronutrient information (protein, carbohydrates, fat)
  • Goal Information: Your fitness goals (fat loss, body recomposition, lean bulk), body state, and plan preferences
  • Photos: Food images you choose to analyze using our AI feature (processed but not permanently stored)

2.2 Information from Third-Party Services

  • Google Sign-In: If you choose to sign in with Google, we receive your name, email address, and profile picture from Google
  • Apple Health (HealthKit): With your explicit permission, we may read and write weight data to Apple Health for seamless tracking

2.3 Automatically Collected Information

  • Device Information: Device type, operating system version, unique device identifiers
  • Usage Data: Features used, interactions with the App, crash reports, and performance data
  • Analytics Data: Anonymous usage statistics to help us improve the App

3. How We Use Your Information

We use the information we collect to:

  • Create and manage your account
  • Generate personalized nutrition plans based on your goals and body metrics
  • Calculate your BMR, TDEE, and daily calorie/macro targets
  • Track your nutrition intake and progress over time
  • Provide AI-powered food analysis from photos you submit
  • Enable barcode scanning to quickly log packaged foods
  • Sync your data across your devices
  • Send you important updates about your account or the App
  • Improve and optimize the App's performance and features
  • Respond to your inquiries and provide customer support

4. Third-Party Services

We use the following third-party services to operate the App:

4.1 Supabase

We use Supabase for user authentication and secure cloud data storage. Your data is encrypted at rest and in transit. Supabase is GDPR compliant and maintains SOC 2 Type II certification.

4.2 Google Gemini AI

When you use the AI food analysis feature, your food photos are sent to Google's Gemini AI service for processing. Images are used solely for analysis and are not stored by Google for training purposes. See Google's Privacy Policy for more information.

4.3 OpenFoodFacts

Our barcode scanning feature uses the OpenFoodFacts database, an open-source food product database. No personal information is shared with OpenFoodFacts.

4.4 PostHog

We use PostHog for anonymous product analytics to understand how users interact with our App and to improve the user experience. This data is anonymized and cannot be used to identify you personally.

4.5 Apple HealthKit

With your permission, we integrate with Apple Health to read and write weight data. This data is only accessed locally on your device and synced to our servers only if you enable cloud sync. We never sell HealthKit data or use it for advertising.

5. Data Storage and Security

We implement appropriate technical and organizational security measures to protect your personal information, including:

  • Encryption of data in transit using TLS 1.3
  • Encryption of data at rest using AES-256
  • Secure authentication protocols
  • Regular security audits and updates
  • Access controls limiting employee access to user data

Your data is stored on secure servers provided by Supabase, located in the European Union (Frankfurt, Germany), ensuring compliance with GDPR requirements.

6. Data Retention

We retain your personal information for as long as your account is active or as needed to provide you services. If you delete your account, we will delete your personal data within 30 days, except where we are required to retain it for legal, tax, or regulatory purposes.

7. Your Rights

Depending on your location, you may have the following rights:

  • Access: Request a copy of the personal data we hold about you
  • Rectification: Request correction of inaccurate or incomplete data
  • Erasure: Request deletion of your personal data
  • Data Portability: Request a copy of your data in a machine-readable format
  • Withdraw Consent: Withdraw consent for data processing at any time
  • Object: Object to processing of your personal data
  • Restrict Processing: Request restriction of processing in certain circumstances

To exercise any of these rights, please contact us at hello@getstreak.app.

8. Children's Privacy

The App is not intended for children under 16 years of age. We do not knowingly collect personal information from children under 16. If you are a parent or guardian and believe your child has provided us with personal information, please contact us immediately.

9. International Data Transfers

Your information may be transferred to and processed in countries other than your country of residence. We ensure appropriate safeguards are in place to protect your data in accordance with this Privacy Policy and applicable data protection laws.

10. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. We will notify you of any changes by posting the new Privacy Policy on this page and updating the "Last updated" date. You are advised to review this Privacy Policy periodically for any changes.

11. Contact Us

If you have any questions about this Privacy Policy or our data practices, please contact us:

← Back to Home