← Back to Home

Privacy Policy

Effective Date: November 17, 2024

1. Introduction

Welcome to MealFlow ("we," "our," or "us"). We are committed to protecting your privacy and ensuring the security of your personal information. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our web application and related services (collectively, the "Service").

By using MealFlow, you agree to the collection and use of information in accordance with this Privacy Policy. If you do not agree with our policies and practices, please do not use our Service.

2. Information We Collect

2.1 Personal Information You Provide

  • Account Information: When you create an account, we collect your name, email address, and password.
  • Body Composition Data: Weight, height, age, gender, and other physical metrics you provide to help calculate your nutritional needs.
  • Health and Fitness Information: Activity level, fitness goals (e.g., weight loss, muscle gain, maintenance), and any health-related preferences.
  • Dietary Preferences: Food allergies, intolerances, dietary restrictions (vegetarian, vegan, gluten-free, etc.), favorite ingredients, and foods you dislike.
  • Meal and Recipe Data: Custom meals, recipes, meal plans, and any modifications you make within the Service.
  • Payment Information: When you subscribe to our Service, payment information is processed through our secure third-party payment processor. We do not store your full credit card details.

2.2 Automatically Collected Information

  • Device Information: Device type, operating system, browser type, IP address, and unique device identifiers.
  • Usage Data: Information about how you interact with our Service, including pages visited, features used, time spent on pages, click patterns, and navigation paths.
  • Log Data: Server logs that include your IP address, browser type, referring/exit pages, and timestamps.

2.3 Cookies and Similar Technologies

We use cookies, web beacons, and similar tracking technologies to collect information about your browsing activities and to remember your preferences. You can control cookie settings through your browser, but disabling cookies may limit your ability to use certain features of our Service.

3. How We Use Your Information

3.1 Service Provision and Personalization

  • Calculate your personalized calorie and macro targets using our Smart Nutrition Engine
  • Generate customized weekly meal plans aligned with your nutritional goals
  • Adapt meal plans based on your preferences, dietary restrictions, and lifestyle
  • Provide meal creation modes (Simple, Creative, Meal Prep, Budget, Craving, Edit)
  • Create and manage your weekly nutrition calendar
  • Generate accurate grocery lists and ingredient quantities

3.2 Third-Party Integrations

  • Facilitate one-click grocery ordering through our Instacart integration
  • Process subscription payments securely through our payment processor

3.3 Communication

  • Send you account-related notifications and updates
  • Respond to your inquiries and support requests
  • Deliver important Service announcements
  • Send marketing communications (with your consent)
  • Notify you about changes to our Service, policies, or terms

3.4 Service Improvement and Analytics

  • Analyze usage patterns to improve our Service and user experience
  • Develop new features and functionality
  • Monitor and maintain the performance and security of our Service
  • Conduct research and analysis to enhance our algorithms and recommendations

3.5 Legal Compliance and Protection

  • Comply with legal obligations and respond to lawful requests
  • Protect our rights, property, and safety, and that of our users
  • Prevent fraud, abuse, and security issues
  • Enforce our Terms of Service and other agreements

4. Sharing Your Information

4.1 Third-Party Service Providers

We share your information with trusted third-party service providers who assist us in operating our Service, including:

  • Payment Processors: To process subscription payments securely
  • Instacart: When you choose to use our grocery ordering feature, we share your grocery list with Instacart. Your use of Instacart is subject to their privacy policy and terms of service.
  • Cloud Hosting Providers: To store data and host our Service
  • Analytics Providers: To analyze usage patterns and improve our Service
  • Email Service Providers: To send communications to you
  • Customer Support Tools: To provide customer service

These service providers are contractually obligated to protect your information and use it only for the purposes we specify.

4.2 Business Transfers

If we are involved in a merger, acquisition, financing, reorganization, bankruptcy, or sale of company assets, your information may be transferred as part of that transaction. We will notify you of any such change in ownership or control of your personal information.

4.3 Legal Requirements and Protection

We may disclose your information if required to do so by law or if we believe in good faith that such action is necessary to:

  • Comply with legal obligations, court orders, or government requests
  • Protect and defend our rights or property
  • Prevent or investigate possible wrongdoing in connection with the Service
  • Protect the personal safety of users or the public

4.4 Aggregated and De-identified Information

We may share aggregated or de-identified information that cannot reasonably be used to identify you for research, marketing, analytics, or other purposes.

5. Data Storage and Security

5.1 Data Storage

Your information is stored on secure servers located in the United States. If you are accessing our Service from outside the United States, please be aware that your information may be transferred to, stored, and processed in the United States where our servers are located.

5.2 Security Measures

We implement industry-standard technical and organizational security measures to protect your personal information, including:

  • Encryption of data in transit using SSL/TLS protocols
  • Encryption of sensitive data at rest
  • Regular security assessments and updates
  • Access controls and authentication mechanisms
  • Monitoring for suspicious activity and security breaches

However, no method of transmission over the internet or electronic storage is 100% secure. While we strive to protect your information, we cannot guarantee absolute security.

5.3 Data Retention

We retain your personal information for as long as necessary to provide you with our Service and fulfill the purposes outlined in this Privacy Policy. When you delete your account, we will delete or anonymize your personal information within 90 days, except where we are required to retain it for legal, accounting, or security purposes.

6. Your Rights and Choices

6.1 Account Information

You can review, update, or correct your account information at any time by logging into your account settings. You are responsible for maintaining accurate and current information.

6.2 Communication Preferences

You can opt out of receiving promotional emails by clicking the "unsubscribe" link in any marketing email or by adjusting your email preferences in your account settings. Please note that you cannot opt out of receiving important service-related communications.

6.3 Cookies and Tracking

You can control cookies through your browser settings. Most browsers allow you to refuse or delete cookies. However, blocking cookies may affect your ability to use certain features of our Service.

6.4 Data Subject Rights

Depending on your location, you may have the following rights regarding your personal information:

  • Access: Request a copy of the personal information we hold about you
  • Correction: Request correction of inaccurate or incomplete information
  • Deletion: Request deletion of your personal information
  • Restriction: Request restriction of processing of your information
  • Objection: Object to our processing of your information
  • Portability: Request transfer of your information to another service
  • Withdraw Consent: Withdraw your consent to processing where we rely on consent

To exercise any of these rights, please contact us at ryan@mealflow.ai. We will respond to your request within 30 days.

6.5 Account Deletion

You can delete your account at any time through your account settings or by contacting us. Upon deletion, your personal information will be removed from our active databases within 90 days, subject to legal retention requirements.

7. Children's Privacy

Our Service is not intended for children under 13 years of age (or under 16 in the European Economic Area). We do not knowingly collect personal information from children. If you are a parent or guardian and believe your child has provided us with personal information, please contact us, and we will delete such information.

8. Third-Party Links and Services

Our Service may contain links to third-party websites or integrate with third-party services (such as Instacart). We are not responsible for the privacy practices of these third parties. We encourage you to review their privacy policies before providing them with any personal information.

9. International Data Transfers

If you are accessing our Service from outside the United States, your information will be transferred to and processed in the United States. The United States may have data protection laws that differ from those in your country. By using our Service, you consent to the transfer of your information to the United States.

10. California Privacy Rights

If you are a California resident, you have additional rights under the California Consumer Privacy Act (CCPA):

  • Right to know what personal information we collect, use, and share
  • Right to request deletion of your personal information
  • Right to opt out of the sale of your personal information (we do not sell your information)
  • Right to non-discrimination for exercising your privacy rights

To exercise these rights, contact us at ryan@mealflow.ai.

11. European Privacy Rights (GDPR)

If you are located in the European Economic Area (EEA), you have rights under the General Data Protection Regulation (GDPR). We process your personal information based on the following legal grounds:

  • Contract: To provide our Service as agreed in our Terms of Service
  • Consent: When you have given explicit consent (e.g., for marketing communications)
  • Legitimate Interests: To improve our Service, prevent fraud, and ensure security
  • Legal Obligation: To comply with applicable laws and regulations

12. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or for legal, regulatory, or operational reasons. We will notify you of any material changes by:

  • Posting the updated Privacy Policy on this page with a new "Effective Date"
  • Sending you an email notification (if you have provided your email address)
  • Displaying a prominent notice within our Service

Your continued use of our Service after the effective date of the updated Privacy Policy constitutes your acceptance of the changes.

13. Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or our privacy practices, please contact us at:

Email: ryan@mealflow.ai

By using MealFlow, you acknowledge that you have read and understood this Privacy Policy and agree to its terms.