Privacy Policy

Overview

Gutlog ("we", "us", "our") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, and protect your information when you use our iOS and watchOS application.

Information We Collect

Gutlog is designed to be as private as possible. We collect minimal information:

• Health Data: Bowel movement logs, symptoms, meal data, mood entries, and habit tracking data you voluntarily enter into the app. This data is stored locally on your device using Apple's SwiftData framework.
• Account Information: Email address (if you sign up with email) or Apple ID token (if you use Sign in with Apple). This is used solely for authentication.
• Photos: Meal and stool photos you choose to capture. All photos are encrypted using AES-GCM encryption before storage and never leave your device unless you explicitly enable cloud sync.

How We Use Your Information

• To provide and improve the Gutlog app functionality
• To generate personalized gut health insights using AI analysis
• To authenticate your account and manage your subscription
• To sync your data across devices (if you enable cloud sync)

AI Analysis

When you use the meal photo analysis feature, your photo is sent to our secure backend (Supabase Edge Functions) which forwards it to Google Gemini AI (via OpenRouter) for analysis. The photo is processed in transit and not stored on our servers. Analysis results (ingredients, allergens, fiber estimates) are stored only on your device.

Data Storage & Security

• Local Storage: All health data is stored locally on your device using Apple's SwiftData framework with iOS encryption.
• Photo Encryption: Photos are encrypted with AES-GCM using a key stored in the iOS Keychain.
• Cloud Sync: When enabled, data is synced to Supabase (hosted on AWS) with row-level security ensuring only you can access your data.
• Authentication: Handled by Supabase Auth. We do not store passwords.

Third-Party Services

• Supabase: Backend services, authentication, and data storage. Supabase Privacy Policy
• RevenueCat: Subscription management. RevenueCat Privacy Policy
• Google Gemini AI (via OpenRouter): Meal photo analysis. Google AI Privacy
• Apple: Sign in with Apple, StoreKit. Apple Privacy Policy

Data Sharing

We do not sell, rent, or share your personal health data with third parties for marketing purposes. Your data is shared only with service providers necessary to operate the app (listed above).

Data Retention

Your data is stored as long as you use the app. You can delete your account and all associated data at any time through the app's Settings screen, which permanently removes all data from our servers.

Your Rights

• Access your data at any time through the app
• Delete your data through Settings > Delete Account
• Revoke authentication through your Apple ID or email provider settings
• Opt out of cloud sync at any time (data remains local only)

Children's Privacy

Gutlog is not intended for children under 13. We do not knowingly collect data from children.

Changes to This Policy

We may update this Privacy Policy from time to time. Changes will be reflected in the "Last updated" date above.

Contact Us

If you have questions about this Privacy Policy, contact us at support@mygutlog.com.