Privacy Policy

Welcome to Fyll ("we," "our," or "us"). Fyll is operated by MPTEE UNIGROUP DISTRIBUTION LLC, a New York limited liability company. Fyll is an AI-powered nutrition tracking app designed to help busy women understand how food affects their energy, mood, and wellbeing.

This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our mobile application (the "App"). Please read this policy carefully. If you do not agree with the terms of this privacy policy, please do not access the App.

We are committed to protecting your privacy. Your health data belongs to you, and we've built Fyll with privacy as a core principle.

2.1 Information You Provide Directly

Account Information

When you create an account, we collect:

• Email address (used for authentication and account recovery)
• First name (for personalized experience)
• Password (stored as a secure bcrypt hash - we never see your actual password)

Profile & Health Information

To provide personalized nutrition insights, you may optionally provide:

• Biometric data: Age, weight (kg), height (cm), biological sex
• Health goals: Your primary wellness objective
• Activity level: How active you are
• Dietary information: Dietary restrictions and allergies
• Women's health data: Menstrual cycle length and last period date
• Nutrition targets: Calorie, protein, carb, and fat goals

Meal & Food Data

When you log meals, we collect:

• Meal photos (if you choose to take/upload them)
• Meal descriptions (if you describe meals via text)
• Meal type and timing
• Nutrition analysis results
• Ingredient information as analyzed by our AI

Beverage Data

When you log beverages, we collect:

• Beverage type (coffee, tea, water, soda, alcohol, other)
• Volume consumed
• Add-ins and customizations
• Caffeine and alcohol content (calculated automatically)

Reflections & Wellbeing Data

You may optionally log:

• Emoji reactions to meals
• Energy levels (1-10 scale)
• Mood ratings
• Notes about how you feel

Communications

When you interact with our AI assistant ("Phine"), we store:

• Your questions and messages
• AI responses provided
• Conversation timestamps

Subscription & Payment Information

If you subscribe to Fyll Premium:

• Subscription status: Whether you have an active Premium subscription
• Subscription tier: Monthly or Annual plan
• Subscription start/end dates: To manage your access to Premium features
• App store transaction identifiers: To verify your purchase

2.2 Information Collected Automatically

Device & Usage Information

We may automatically collect:

• Device type and operating system
• App version
• Anonymous usage patterns (which features you use, not content)
• Crash reports (technical errors, not personal data)

Analytics Data (Optional)

If analytics are enabled, we collect:

• App events (meal logged, feature used - NO meal content, NO photos, NO nutrition data)
• Error events (to improve app stability)
• Performance metrics

Note: Analytics are disabled by default and only enabled if we configure them. We explicitly do NOT track PII, meal photos, or nutrition data in analytics.

3.1 Provide Core Services

• Analyze meal photos using AI to provide nutrition estimates
• Track your nutrition against your personal goals
• Identify patterns between food and energy/mood
• Provide personalized coaching tips based on your data
• Support your health goals through insights and recommendations

3.2 Improve the App

• Debug and fix issues using anonymized crash reports
• Understand feature usage to improve the experience
• Develop new features based on aggregate usage patterns

3.3 Communicate With You

• Send notifications about meal reflections (if enabled)
• Provide in-app guidance and tips
• Respond to support requests

3.4 What We Do NOT Do

4.1 Technical Safeguards

Encryption

• Data in transit: All data encrypted using TLS
• Data at rest: Sensitive health fields encrypted using AES-256-GCM
• Passwords: Stored using bcrypt hashing
• Local storage: Auth tokens stored in device's secure enclave

Photo Privacy

When you upload a meal photo, we automatically remove ALL metadata including:

• GPS location
• Device information
• Camera settings
• Timestamps embedded in the photo

Your meal photos are only accessible to you and our AI analysis system.

Infrastructure Security

• Secure cloud hosting on AWS with enterprise-grade security
• Access controls - only essential systems can access your data
• Rate limiting for protection against brute-force attacks

4.2 Organizational Safeguards

• Minimal data access: Team members only access data when necessary for support
• No third-party data sales: We will never sell or rent your data
• Regular security reviews: We continuously assess and improve our security

5.1 AI Analysis

5.2 Cloud Infrastructure

Data Location: Data is stored in US-based AWS data centers.

5.3 Payment Processors

5.4 Optional Services (Disabled by Default)

These services are only active if we enable them:

6.1 How Long We Keep Your Data

• Account data: Retained while your account is active
• Meal history: Retained while your account is active
• Meal photos: Retained while your account is active
• Reflections: Retained while your account is active
• Conversations: Retained while your account is active
• Subscription records: Retained while your account is active (see 6.3)

6.2 After Account Deletion

When you delete your account:

• All data is immediately and permanently deleted from our database
• This includes: Profile, meals, photos, reflections, conversations, rewards
• Photos are removed from cloud storage
• We cannot recover deleted data - deletion is permanent and irreversible

6.3 Subscription Records After Deletion

When you delete your account:

• Your subscription status record is deleted from our database
• However, Apple/Google may retain their own records of your purchase history per their privacy policies
• Important: Deleting your Fyll account does NOT automatically cancel your subscription. You must cancel through Apple/Google settings before deletion to avoid continued charges.

7.1 Access Your Data (GDPR Article 15 / CCPA)

You can view all your data directly in the app, or request a complete export.

7.2 Export Your Data (GDPR Article 20)

You have the right to data portability. In the app:

1. Go to Settings → Export My Data
2. Receive a JSON file with ALL your data

7.3 Delete Your Data (GDPR Article 17)

You have the right to erasure. In the app:

1. Go to Settings → Delete Account
2. Confirm deletion
3. All data is permanently deleted (cannot be undone)

7.4 Notification Preferences

You can control notifications in Settings → Notifications.

7.5 California Privacy Rights (CCPA)

If you are a California resident, you have the right to:

• Know what personal information we collect
• Delete your personal information
• Opt-out of the sale of personal information (we don't sell data)
• Non-discrimination for exercising your rights

Fyll is not intended for children under 13 years of age. We do not knowingly collect personal information from children under 13. If you are a parent or guardian and believe your child has provided us with personal information, please contact us immediately.

If you are accessing Fyll from outside the United States, please be aware that your information may be transferred to, stored, and processed in the United States where our servers are located. By using the App, you consent to this transfer.

For EU/EEA users: We process your data based on:

• Contractual necessity: To provide you with the service
• Legitimate interests: To improve and secure the App
• Consent: For optional features like analytics

For transparency with Google Play's Data Safety requirements, here is our declaration:

Data Collected

*Photos are shared with Google Gemini AI for analysis only.

Note on Purchase History: We receive subscription status from app stores but NOT financial details like credit card numbers.

Security Practices

• ✅ Data is encrypted in transit (TLS)
• ✅ Sensitive data is encrypted at rest (AES-256-GCM)
• ✅ You can request data deletion
• ✅ Data deletion is immediate

We may update this Privacy Policy from time to time. We will notify you of any changes by:

• Posting the new Privacy Policy in the App
• Updating the "Last Updated" date
• Sending an in-app notification for material changes

Your continued use of the App after changes constitutes acceptance of the updated policy.

If you have questions about this Privacy Policy or your personal data, contact us at:

Email: hello@fyllapp.com

Website: https://fyllapp.com

14.1 Not Medical Advice

Fyll provides nutritional information and wellness insights for educational purposes only. Fyll is NOT a substitute for professional medical advice, diagnosis, or treatment. Always seek the advice of your physician or qualified health provider with any questions about a medical condition or dietary changes.

14.2 AI Accuracy

Nutrition estimates provided by our AI are approximations based on visual analysis and may not be 100% accurate. For precise nutritional information, consult food labels or a registered dietitian.