Legal

Privacy Policy

Last updated: May 6, 2026 ยท Effective: May 6, 2026

1. Overview

This Privacy Policy describes how Vita ("we", "us", or "our") collects, uses, and protects your personal information when you use the Vita application, website at vitafood.app, and related services (collectively, the "Service").

We built Vita to help you understand what's in your food. To do that, we collect a small amount of personal data โ€” but we don't sell it, share it with advertisers, or use it for marketing purposes outside of Vita. Ever.

Plain English summary: We collect what we need to run the app (your account, your dietary profile, the foods you scan). We use Stripe for payments, Supabase for storage, and Google Gemini for AI analysis. We don't sell your data. You can delete your account at any time.

2. Information we collect

Information you provide

  • Account information. When you sign up, we collect your email address and a password (or, if you sign in with a third-party provider, the basic identity claims they share with us, such as your name and email).
  • Dietary profile. The dietary conditions, allergies, restrictions, and goals you choose to add (e.g., celiac, vegan, nut allergy). This is sensitive information; we treat it accordingly and only use it to personalize your scan results.
  • Scan content. Photos of food, barcodes, ingredient labels, or restaurant menus that you submit through the app, along with the resulting analysis and any follow-up questions you ask.
  • Communications. If you email us at support@vitafood.app, we keep that correspondence so we can help you.

Information collected automatically

  • Device & usage data. Basic technical information such as IP address, browser type, operating system, referring URLs, and how you interact with the Service. Used for security, debugging, and aggregate product analytics.
  • Cookies & local storage. See our Cookie Policy for details.

Information from third parties

  • Payment data. If you subscribe to a paid plan, our payment processor Stripe collects your payment method and shares limited information back with us (e.g., subscription status, last four digits of card, country). We do not store your full card number or CVV.
  • Authentication providers. If you sign in via a third-party OAuth provider, we receive the basic profile information that provider sends.

3. How we use your information

We use the information we collect to:

  • Provide, maintain, and improve the Service, including delivering personalized scan analyses based on your dietary profile.
  • Process your subscription, send billing notifications, and provide customer support.
  • Detect, prevent, and respond to abuse, security incidents, and violations of our Terms of Service.
  • Send transactional emails (account confirmations, password resets, billing receipts, important service notices). We do not send marketing emails unless you opt in.
  • Comply with legal obligations and enforce our agreements.

Legal bases (for users in the EEA, UK, and Switzerland): we process your data on the bases of (a) performance of our contract with you, (b) your consent (for sensitive dietary information and any optional analytics), (c) our legitimate interests in operating and improving the Service, and (d) compliance with legal obligations.

4. AI processing & Gemini

Vita uses Google's Gemini API to analyze the food content you submit. When you scan an item:

  • The image, barcode, or text content is transmitted to Google's Gemini API for analysis.
  • Your dietary profile is sent along with the request so the analysis is personalized.
  • We do not transmit your name, email address, or other directly identifying information to Gemini with each scan request.
  • Per Google's published terms for Gemini API customers, your prompts and responses are not used to train Google's models.

The analysis is generated by an AI model and may be incorrect, incomplete, or out of date. Vita is not a substitute for professional medical, dietary, or allergy advice. See our Terms of Service for the full disclaimer.

5. How we share information

We do not sell your personal information. We do not share it with advertisers. We do not share it with third parties for their own marketing purposes.

We share information only in these specific cases:

  • Service providers (subprocessors) who help us operate the Service. As of the date above, our primary subprocessors are:
    • Supabase โ€” authentication and database hosting (United States).
    • Vercel โ€” application and website hosting (United States).
    • Stripe โ€” payment processing (United States).
    • Google (Gemini API) โ€” AI analysis of scanned content (United States).
  • Legal compliance. When required by valid legal process, court order, or to protect our rights, users, or the public. We will challenge overbroad requests where we believe it appropriate.
  • Business transfers. If Vita is acquired or merged, your information may transfer to the successor entity. We will notify you and your rights under this Policy will continue.

6. Data retention

We keep your personal information for as long as your account is active. After you delete your account, we remove your dietary profile, scan history, and account record within 30 days, except for limited records we are legally required to retain (such as tax and billing records, retained for up to 7 years).

Anonymous and aggregated data, which cannot be used to identify you, may be retained indefinitely to improve the Service.

7. Your rights

Depending on where you live, you may have the following rights regarding your personal information:

  • Access โ€” request a copy of the personal information we hold about you.
  • Correction โ€” ask us to fix inaccurate or incomplete information.
  • Deletion โ€” ask us to delete your personal information.
  • Portability โ€” receive your information in a structured, machine-readable format.
  • Restriction or objection โ€” restrict or object to certain types of processing.
  • Withdraw consent โ€” where we rely on your consent, you may withdraw it at any time.

For California residents (CCPA/CPRA): you have the additional rights to know what categories of personal information we have collected, the sources of that information, the purposes for collecting it, and the categories of third parties with whom we share it. You also have the right not to be discriminated against for exercising your rights. We do not sell or "share" personal information for cross-context behavioral advertising.

To exercise any of these rights, email us at support@vitafood.app. We will respond within the timeframes required by applicable law (typically 30 days).

8. International data transfers

Vita is operated from the United States, and our subprocessors process data primarily in the United States. If you access the Service from outside the United States, your information will be transferred to, stored, and processed in the United States.

For users in the EEA, UK, and Switzerland, we rely on Standard Contractual Clauses (SCCs) and other appropriate safeguards approved by the European Commission for transfers to countries that do not have an adequacy decision.

9. Children

Vita is not directed to children under 13 (or 16 in the EEA and UK). We do not knowingly collect personal information from children under these ages. If you believe a child has provided us with personal information, contact us at support@vitafood.app and we will delete it.

10. Security

We use industry-standard security measures to protect your information, including encryption in transit (TLS), encrypted database storage, and access controls limited to personnel who need it to operate the Service. No system is perfectly secure, however, and we cannot guarantee the absolute security of your information.

11. Changes to this policy

We may update this Privacy Policy from time to time. If we make material changes, we will notify you by email or through an in-app notice before the changes take effect. The "Last updated" date at the top of this page will always reflect the most recent version.

12. Contact

Questions about this Privacy Policy or our data practices? Email us at support@vitafood.app.