Privacy Policy
Last updated: June 5, 2026
This Privacy Policy explains how ENTRA LLC ("we", "us", "our") collects, uses, shares, and protects your information when you use FoodMind AI (the "Service") — our AI nutritionist mobile application and related services.
By using FoodMind AI, you agree to the practices described here. If you do not agree, please do not use the Service.
1. Who We Are
Company: ENTRA LLC
Registered address: 30 N Gould St Ste R, Sheridan, Wyoming 82801, United States
Service: FoodMind AI mobile application (iOS) and supporting cloud services
Contact: support@foodmindai.app
Data Controller (for EU/UK users): ENTRA LLC
We are a US limited liability company. We do not operate offices in the EU or UK; if you reside in those regions, your data is transferred to the US under appropriate safeguards (see §10).
2. Information We Collect
We collect only the data needed to deliver the Service. We do not sell your personal data. We do not use your data to train external AI models.
2.1 Information You Give Us
| Category | Examples | Why we need it |
|---|---|---|
| Account | Email address, name (optional), Apple ID identifier (if you Sign in with Apple) | Create and protect your account |
| Profile | Age, gender, height, weight, weight goal, activity level, food sensitivities | Calculate your daily calorie + macro targets and Energy Score |
| Meal data | Photos of meals, text descriptions, voice transcripts of meal logs, foods searched, recipes saved | Provide AI nutrition analysis and meal history |
| Chat data | Messages you send to our AI nutritionist (text, voice, photos) | Generate AI responses; thread history visible only to you |
| Subscription data | Purchase receipts (via Apple), subscription tier, trial start date | Manage your premium access |
2.2 Information Collected Automatically
| Category | Examples | Why |
|---|---|---|
| Usage data | App screens viewed, features used, session duration, crashes | Improve the app, debug errors |
| Device data | Device model, iOS version, language, time zone, anonymous device identifier | Optimize for your device, prevent fraud |
| Performance data | App launch time, API latency, error logs | Quality monitoring |
2.3 Information from Apple (with your permission)
- Camera & Photo Library — only when you take or pick a food photo. Photos are not auto-uploaded.
- Microphone — only while you actively use the voice-log feature.
- Speech Recognition — runs on-device first; only sent to our servers if on-device recognition is unavailable.
- Apple HealthKit (optional, you must explicitly grant) — step count, weight, active calories. Used to enhance your Energy Score. We never write to HealthKit unless you opt in to logged-meal sync.
- Push Notifications (optional) — to remind you to log meals or alert you to weekly insights.
2.4 We Do NOT Collect
- Your contacts, calendar, location, social media accounts
- Financial details beyond what Apple shares for purchase validation
- Photos other than the ones you explicitly select for food logging
- Audio beyond what you record for the active voice-log session
3. How We Use Your Information
We use your information to:
- Operate the Service — authenticate you, deliver AI food analysis, calculate Energy Score, sync data across devices.
- Improve features — diagnose bugs, measure feature usage, prioritize improvements.
- Communicate with you — send transactional emails (account changes, subscription receipts), product updates, optional newsletters if you opt in.
- Comply with law — respond to lawful requests, prevent fraud, enforce our Terms of Service.
We do not use your data for advertising profiling, selling to third parties, or training generative AI models on your meals, photos, or chat content.
4. AI Processing Transparency (EU AI Act compliance)
FoodMind AI uses third-party AI models to analyze your food and respond to your questions. You should know:
- Models we use: Anthropic Claude (text + vision); on-device speech recognition.
- What gets sent to AI providers: the specific message or photo you're submitting at that moment, plus relevant context (your goal, recent meals).
- What gets stored: the AI response, the photo URL (in our storage), the transcript. Anthropic does NOT retain the data beyond 30 days for abuse monitoring and does NOT use it to train models (per Anthropic's commercial-API privacy terms).
- What AI is allowed to do: estimate nutrition, classify food, generate text responses, suggest recipes.
- What AI is NOT allowed to do: make medical diagnoses, prescribe diets, replace professional medical advice. Our system enforces a hardcoded safety filter (the "Tessa Rule") that intercepts and refuses any input or output that promotes restrictive eating, purging, or weight obsession before it reaches the AI model.
You can disable AI features and use the app in manual-log-only mode by toggling "Disable AI features" in Settings → Privacy.
5. Third-Party Service Providers
We work with the following providers. Each receives only the data they need to perform their function, under contractual obligations to protect your data.
| Provider | What they do | Data they receive |
|---|---|---|
| Anthropic (Claude API) | AI text + vision processing | Active message content + relevant context |
| Supabase | Database, file storage, authentication | All stored user data (encrypted at rest) |
| RevenueCat | Subscription receipt validation | Apple receipt + user identifier |
| Apple | App distribution, IAP, Sign in with Apple, HealthKit, push | Receipt data, anonymous device identifier, push token |
| Sentry | Crash reporting (no PII) | Anonymized crash stack traces |
We do not share data with advertising networks, brokers, or social media platforms.
6. How Long We Keep Your Data
| Data type | Retention |
|---|---|
| Account profile | Until you delete your account |
| Meals + photos + chat history | Until you delete the entry or your account |
| Subscription history | 7 years (US tax recordkeeping) |
| Crash logs (anonymized) | 90 days |
| Marketing email list (if opted in) | Until you unsubscribe |
When you delete your account, all personal data is removed within 30 days, except where retention is required by law (e.g., transaction records for tax purposes).
7. Your Rights
You have the right to:
- Access — request a copy of your data
- Correct — update inaccurate information
- Delete — request deletion of your account and data
- Export — receive your data in a portable format (JSON)
- Object — opt out of non-essential processing (analytics, marketing)
- Withdraw consent — disable AI features, HealthKit, push notifications
- Lodge a complaint — with your local data protection authority
How to exercise these rights
- In-app: Settings → Privacy → Manage My Data — most actions are one-tap (export, delete, opt-out toggles).
- By email: support@foodmindai.app
- We respond within 30 days as required by GDPR/CCPA.
EU/UK residents (GDPR)
You have all rights above under Articles 15–22 of the GDPR. The legal bases for processing are:
- Consent (Art. 6(1)(a)) — for optional features (HealthKit, push, marketing)
- Contract (Art. 6(1)(b)) — for delivering the Service you paid for
- Legitimate interest (Art. 6(1)(f)) — for security and core analytics
California residents (CCPA/CPRA)
You have the right to know what categories of personal information we collect, to opt out of any "sale" or "sharing" (we do neither), and to non-discriminatory treatment when exercising your rights. We do not sell personal information. We do not share personal information with third parties for cross-context behavioral advertising.
8. Children's Privacy
FoodMind AI is intended for users 17 years and older (per Apple's age rating for our app category and the nature of nutrition-related content). We do not knowingly collect data from anyone under 17.
If you believe a child has provided us data without consent, contact support@foodmindai.app and we will delete it.
In the EU/UK, we follow GDPR Article 8 — users under 16 must have verifiable parental consent (we recommend such users not use the Service).
9. Security
We protect your data with:
- Encryption in transit — TLS 1.3 for all network traffic
- Encryption at rest — Supabase database + storage encrypted with AES-256
- Session token security — stored in iOS Keychain (encrypted by the device's secure enclave), never in plaintext
- AI safety filters — hardcoded vocabulary filters (Tessa Rule §2.7) intercept harmful inputs before they reach AI models
- Access controls — only authorized ENTRA LLC personnel can access production systems, with MFA required
No system is 100% secure. If we become aware of a data breach affecting your personal data, we will notify you within 72 hours as required by GDPR.
10. International Data Transfers
Our servers are located in the United States. If you access the Service from outside the US, your data is transferred to the US.
For EU/UK users, we rely on:
- The EU-US Data Privacy Framework (where applicable to our processors)
- Standard Contractual Clauses with non-DPF-certified processors
- The UK International Data Transfer Agreement
You may request a copy of these safeguards from support@foodmindai.app.
11. Apple App Tracking Transparency
We do not track you across other companies' apps or websites for advertising or measurement. You will not see an App Tracking Transparency prompt because we have no need to track you.
12. Changes to This Policy
We may update this Privacy Policy as the Service evolves or law changes. Material changes will be announced:
- In-app banner before they take effect
- Email notification (if you have an account with email)
- Updated "Last updated" date at the top of this page
Continued use of the Service after changes take effect means you accept the new policy.
13. Contact Us
Privacy questions: support@foodmindai.app
Postal mail: ENTRA LLC · 30 N Gould St Ste R · Sheridan, Wyoming 82801 · United States
For urgent data deletion requests, please use Settings → Privacy → Delete My Account in the app — it is the fastest path.
FoodMind AI is a product of ENTRA LLC. © 2026 ENTRA LLC. All rights reserved.