Legal Documentation

Privacy Policy

We built Nutri with your family’s privacy as a foundation. Effective date: June 1, 2026View CCPA Privacy Notice
Privacy-firstNever sell your data
Secure family health dataEncrypted at rest & in transit
Plain EnglishNo legal jargon
Children protectedCOPPA-compliant child profiles

1. Information we collect

Information you provide directly

Category
Examples
Why
Account
Name, email address, password
Create and secure your account
Household profiles
Member names, ages, roles (adult/child)
Personalize plans for each member
Health & nutrition goals
Dietary preferences, allergens, health conditions, calorie targets
Generate safe, appropriate meal plans
Meal logs
Foods eaten, portion sizes, meal timestamps, barcode scans
Track nutrition and improve recommendations
Grocery & budget data
Grocery lists, weekly budget, store preferences, purchase completions
Optimize spending and reduce food waste
Location
ZIP code (onboarding), optional precise location (store finder)
Surface nearby stores and regional pricing

Information collected automatically

When you use the Nutri app or website, we automatically collect:

  • Device information (device type, operating system, app version)
  • Usage data (features used, screens viewed, session duration)
  • Log data (IP address, access timestamps, error logs)
  • Performance data (crash reports, load times)

Information from third parties

If you connect a third-party service (such as a grocery retailer for real-time pricing), we receive only the data necessary for that integration. We do not purchase data from data brokers or advertising networks.

Health data promise

Information about your or your family’s health conditions, allergens, medications, and dietary restrictions are treated as sensitive data. We use it only to provide the service — never for advertising profiling, never sold to third parties, never shared with insurance companies or employers.

2. How we use your information

Purpose
Data used
Legal basis
Provide core app features (meal planning, tracking, grocery lists)
All profile and health data
Contract
Personalize AI recommendations
Dietary preferences, meal logs, household composition
Contract
Safety alerts (allergen warnings, nutrient deficiencies)
Allergen profiles, nutrition logs
Legitimate interest
Improve the service and train AI models
Anonymized, aggregated usage patterns
Legitimate interest
Send service notifications (streaks, reminders)
Email, push tokens
Contract
Display relevant sponsored content (see Section 5)
Dietary profile (no health conditions, no child data)
Consent
Fraud prevention and security
IP address, usage patterns
Legitimate interest
Comply with legal obligations
As required by applicable law
Legal obligation

We do not use your health or nutrition data to build advertising profiles, sell to data brokers, or make automated decisions that have legal or significant effects on you.

3. Children's privacy

COPPA compliance: Nutri is designed for use by adults managing family nutrition. Child profiles (under age 13) are created and managed exclusively by a verified parent or guardian. We comply with the Children’s Online Privacy Protection Act (COPPA).

How child profiles work

  • Child profiles under 13 may only be created by the primary account holder (a verified adult)
  • We collect only the minimum information needed for the child's profile: name or nickname, age, dietary restrictions, and allergens
  • Child profile data is never used for advertising or marketing purposes
  • Child profiles cannot participate in sponsored content, promotional offers, or sweepstakes
  • Child profile data is isolated from third-party analytics and advertising systems
  • No behavioral data from child profiles is shared with any partner

Parental rights

Parents and guardians may at any time:

  • Review all data collected about their child's profile
  • Request deletion of a child's profile and all associated data
  • Withdraw consent for collection of a child's personal information
  • Receive a copy of a child's profile data

To exercise any of these rights, contact us at privacy@nutrismarts.ai. We will respond within 5 business days.

Child-safe UI

When a child profile is the active session, the app automatically shows age-appropriate content (Wellness Stars instead of calorie scores), suppresses all sponsored content, and restricts community features. No advertising is shown to any profile identified as under 13.

4. How we share information

We do not sell your personal information. We share information only in the following limited circumstances:

Service providers

We share data with trusted service providers who help us operate Nutri — cloud infrastructure, analytics, customer support tools, and payment processing. All service providers are contractually bound to use your data only for the services they provide to us and to maintain appropriate security standards.

Within your household

Members of the same household account can see shared family meal plans, grocery lists, and household-level nutrition summaries. Individual member health profiles, personal goals, and detailed nutrition logs are visible only to that member and the primary account holder.

Legal requirements

We may disclose information if required by law, legal process, or government authority — for example, a valid court order or subpoena. We will notify you of such requests where legally permitted to do so.

Business transfers

If Nutri is acquired, merged, or sold, your information may be transferred as part of that transaction. We will provide notice before your data is transferred and becomes subject to a different privacy policy. You will have the right to delete your account before any transfer takes effect.

With your consent

We share information in other ways only when you give us explicit consent, which you can withdraw at any time.

We never share: Health conditions, allergen data, medication information, or any child profile data with advertisers, data brokers, insurance companies, employers, or marketing platforms.

6. Data retention

Data type
Retention period
Active account data
For the duration of your account
Meal logs and nutrition history
Retained while account is active; deleted 30 days after account deletion
Deleted member profiles
Deleted within 30 days of removal request
Child profile data
Deleted immediately upon parent request; deleted automatically within 30 days of account deletion
Anonymized analytics
Up to 3 years (no personal identifiers)
Legal / fraud records
As required by applicable law, typically 7 years

When you delete your account, we delete or anonymize your personal data within 30 days, except where retention is required by law. You can request immediate deletion by contacting privacy@nutrismarts.ai.

7. Security

We build Nutri with healthcare-grade security principles, because your family’s health data deserves that standard of care.

Encryption

All data encrypted in transit (TLS 1.3) and at rest (AES-256). Health and allergen data encrypted with separate keys.

Access controls

Role-based access controls ensure only authorized systems and personnel can access personal data. Child data is isolated in a separate access tier.

Audit logging

All data access is logged and audited. Anomalous access patterns trigger automatic alerts to our security team.

Incident response

In the event of a data breach affecting your personal information, we will notify you within 72 hours, consistent with applicable law.

No method of transmission or storage is 100% secure. If you discover a security vulnerability, please report it responsibly to security@nutrismarts.ai.

8. Your rights

Depending on your location, you may have the following rights regarding your personal information. We honor these rights for all users regardless of location.

Access

Request a copy of all personal data we hold about you and your family members.

Correction

Correct inaccurate or incomplete information in your account or member profiles.

Deletion

Delete your account and all associated personal data. We honor this within 30 days.

Portability

Export your data in a machine-readable format (JSON or CSV) to take it elsewhere.

Opt-out

Opt out of sponsored content, marketing communications, and non-essential analytics at any time.

Restriction

Request that we restrict processing of your data in certain circumstances while a dispute is resolved.

To exercise any right, email privacy@nutrismarts.ai from the email address associated with your account. We will respond within 30 days. California residents have additional rights under CCPA — see the full CCPA disclosure.

9. Cookies & tracking

Type
Purpose
Can opt out
Essential
Keep you logged in, maintain session state, security functions
No (required for the app to work)
Analytics
Understand how features are used to improve the app (anonymized)
Yes — Settings → Privacy
Preferences
Remember your language, theme, and notification preferences
Yes (clearing cookies resets preferences)

We do not use advertising cookies, cross-site tracking pixels, or fingerprinting technologies. We do not participate in advertising networks or real-time bidding platforms. For details on what we store locally, see our Cookies Policy.

10. Changes to this policy

We may update this policy from time to time. For material changes — those that affect how we use your health data or your rights — we will notify you by email at least 30 days before the change takes effect and require your affirmative consent before proceeding. Non-material updates (fixing typos, adding clarifications) will be noted in the “Last updated” date at the top of this page.

Previous versions of this policy are available upon request.

11. Contact us

For privacy questions, data requests, or to report a concern, reach us at:

  • Email: privacy@nutrismarts.ai
  • Response time: Within 5 business days for urgent matters; 30 days for general requests
  • Mailing address: Nutri, Inc. · [Address] · [City, State, ZIP]

Questions about your privacy?

Our team responds to all privacy inquiries within 5 business days.

privacy@nutrismarts.ai