Privacy Policy

Last updated: January 26, 2025

1. Introduction

Streak ("we," "our," or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our mobile application Streak (the "App").

Please read this Privacy Policy carefully. By using the App, you agree to the collection and use of information in accordance with this policy. If you do not agree with the terms of this Privacy Policy, please do not access the App.

2. Information We Collect

2.1 Personal Information You Provide

When you create an account or use our App, you may provide us with:

  • Account Information: Email address, name, and password when you register
  • Profile Data: Date of birth, sex, height, weight, and activity level
  • Nutrition Data: Meals logged, calorie intake, macronutrient information (protein, carbohydrates, fat)
  • Goal Information: Your fitness goals (fat loss, body recomposition, lean bulk), body state, and plan preferences
  • Photos: Food images you choose to analyze using our AI feature (processed but not permanently stored)

2.2 Information from Third-Party Services

  • Google Sign-In: If you choose to sign in with Google, we receive your name, email address, and profile picture from Google
  • Apple Health (HealthKit): With your explicit permission, we may read and write weight data to Apple Health for seamless tracking

2.3 Health and Fitness Data

With your consent, we collect health and fitness-related data to provide our core services:

  • Health Data: Body weight measurements (from manual entry or Apple Health integration)
  • Fitness Data: Training schedule, workout days, activity level, and exercise frequency
  • Nutrition Data: Daily calorie intake, macronutrient consumption (protein, carbohydrates, fat), meal logs, and food items
  • Body Measurements: Height, weight, and derived metrics (BMI, BMR, TDEE)

This data is essential for generating personalized nutrition plans and tracking your progress. We treat all health and fitness data with the highest level of privacy protection.

2.4 Automatically Collected Information

  • Device Information: Device type, operating system version, device model, and screen resolution
  • App Performance Data: Crash reports, error logs, and performance metrics to improve app stability

2.5 Analytics Data

To improve our App and understand how users interact with our features, we collect anonymous analytics data including:

  • Feature Usage: Which screens you visit, features you use, and buttons you interact with
  • Session Data: App open/close times, session duration, and frequency of use
  • Onboarding Progress: Steps completed during account setup (to improve the user experience)
  • User Journeys: Navigation patterns and feature discovery flows
  • Aggregated Statistics: Non-identifiable trends such as popular features and common workflows

Analytics data is collected in a privacy-preserving manner. We do not use this data for advertising, and it cannot be used to personally identify you. You can opt out of analytics collection in the App settings.

3. How We Use Your Information

We use the information we collect to:

  • Create and manage your account
  • Generate personalized nutrition plans based on your goals and body metrics
  • Calculate your BMR, TDEE, and daily calorie/macro targets
  • Track your nutrition intake and progress over time
  • Provide AI-powered food analysis from photos you submit
  • Enable barcode scanning to quickly log packaged foods
  • Sync your data across your devices
  • Send you important updates about your account or the App
  • Improve and optimize the App's performance and features
  • Respond to your inquiries and provide customer support

4. Third-Party Services

We use trusted third-party service providers to operate the App. These providers are contractually obligated to protect your data and use it only for the purposes we specify:

4.1 Authentication & Cloud Storage

We use secure cloud infrastructure for user authentication and data storage. Your data is encrypted at rest using AES-256 encryption and in transit using TLS 1.3. Our infrastructure providers are GDPR compliant and maintain industry-standard security certifications.

4.2 AI Food Analysis

When you use the AI food analysis feature, your food photos are sent to a secure AI service for processing. Images are used solely for nutritional analysis and are not stored permanently or used for AI model training. Photos are processed in real-time and discarded after analysis.

4.3 Food Database

Our barcode scanning feature uses an open-source food product database to retrieve nutritional information. No personal information is shared when looking up food products — only the barcode number is transmitted.

4.4 Analytics

We use privacy-focused analytics to understand how users interact with our App and to improve the user experience. Analytics data is anonymized and cannot be used to personally identify you. We do not sell analytics data or use it for advertising purposes.

4.5 Apple HealthKit

With your explicit permission, we integrate with Apple Health to read and write weight data. This integration is governed by Apple's HealthKit guidelines and our strict privacy commitments:

  • Data Types Accessed: We only access weight (body mass) data from HealthKit
  • Purpose: To provide seamless weight tracking and progress monitoring within your nutrition plan
  • No Advertising: HealthKit data is never used for advertising or marketing purposes
  • No Sale of Data: We never sell, license, or share HealthKit data with third parties for any purpose, including advertising or data brokering
  • No Third-Party Disclosure: HealthKit data is not disclosed to third parties except as necessary to provide the core functionality of the App, and only with your explicit consent
  • Local Processing: HealthKit data is processed locally on your device whenever possible
  • Secure Sync: If you enable cloud sync, HealthKit data is encrypted end-to-end during transmission and storage

You can revoke HealthKit access at any time through your device's Settings > Privacy > Health > Streak.

5. Data Storage and Security

We implement appropriate technical and organizational security measures to protect your personal information, including:

  • Encryption of data in transit using TLS 1.3
  • Encryption of data at rest using AES-256
  • Secure authentication protocols
  • Regular security audits and updates
  • Access controls limiting employee access to user data

Your data is stored on secure servers provided by Supabase, located in the European Union (Frankfurt, Germany), ensuring compliance with GDPR requirements.

6. Data Retention

We retain your personal information for as long as your account is active or as needed to provide you services. If you delete your account, we will delete your personal data within 30 days, except where we are required to retain it for legal, tax, or regulatory purposes.

7. Your Rights

Depending on your location, you may have the following rights:

  • Access: Request a copy of the personal data we hold about you
  • Rectification: Request correction of inaccurate or incomplete data
  • Erasure: Request deletion of your personal data
  • Data Portability: Request a copy of your data in a machine-readable format
  • Withdraw Consent: Withdraw consent for data processing at any time
  • Object: Object to processing of your personal data
  • Restrict Processing: Request restriction of processing in certain circumstances

To exercise any of these rights, please contact us at hello@getstreak.app.

8. Children's Privacy

The App is not intended for children under 16 years of age. We do not knowingly collect personal information from children under 16. If you are a parent or guardian and believe your child has provided us with personal information, please contact us immediately.

9. International Data Transfers

Your information may be transferred to and processed in countries other than your country of residence. We ensure appropriate safeguards are in place to protect your data in accordance with this Privacy Policy and applicable data protection laws.

10. Apple App Store Privacy

10.1 App Privacy Labels

In accordance with Apple's App Store requirements, we provide transparent information about our data practices through App Privacy Labels (also known as "Nutrition Labels"). These labels are displayed on our App Store listing and summarize:

Data Used to Track You:

  • None — We do not track you across apps or websites owned by other companies

Data Linked to You:

  • Contact Info: Email address (for account creation and communication)
  • Health & Fitness: Weight data, nutrition intake, calorie and macro tracking
  • User Content: Food photos (processed for AI analysis, not stored)
  • Identifiers: User ID (for account management)

Data Not Linked to You:

  • Usage Data: Feature interactions, navigation patterns, session data
  • Diagnostics: Crash logs, performance data

10.2 App Tracking Transparency

Streak respects your privacy and does not engage in cross-app or cross-website tracking for advertising purposes. We do not:

  • Display targeted advertisements based on data collected from other apps or websites
  • Share your data with data brokers
  • Use device advertising identifiers (IDFA) for tracking purposes
  • Combine your data with third-party data for advertising

Our analytics are configured to be privacy-focused and do not constitute "tracking" as defined by Apple's App Tracking Transparency framework, as they are used solely for first-party analytics to improve our App.

10.3 Required Reasons APIs

In compliance with Apple's privacy manifest requirements, we use certain APIs that require disclosed reasons:

  • User Defaults: Used to store user preferences and app settings locally on your device
  • File Timestamp: Used to manage cached data and determine file modification dates for sync purposes
  • System Boot Time: Used for analytics session management only

These APIs are used solely for their stated purposes and not for fingerprinting or tracking users.

11. Account Deletion

In accordance with Apple's App Store requirements and data protection regulations, you have the right to delete your account and all associated data. You can request account deletion in two ways:

  • In-App: Navigate to Profile > Settings > Delete Account. This will immediately initiate the deletion process.
  • Email Request: Contact us at hello@getstreak.app with the subject line "Account Deletion Request"

When you delete your account:

  • Your account and profile information will be permanently deleted
  • All nutrition plans, meal logs, and progress data will be removed
  • Any data synced to our servers will be deleted within 30 days
  • Data stored locally on your device will be removed immediately
  • We may retain anonymized, aggregated data that cannot be linked back to you
  • We may retain certain data where required by law or for legitimate business purposes (e.g., transaction records for tax purposes)

Please note that account deletion is irreversible. If you use Sign in with Apple, you should also revoke access in your Apple ID settings at Settings > [Your Name] > Password & Security > Apps Using Apple ID.

12. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. We will notify you of any changes by posting the new Privacy Policy on this page and updating the "Last updated" date. You are advised to review this Privacy Policy periodically for any changes.

13. Contact Us

If you have any questions about this Privacy Policy or our data practices, please contact us:

← Back to Home