Privacy Policy
Your privacy is important to us. This Privacy Policy explains how we collect, use, and protect your information when you use any of our mobile applications published on the Apple App Store (collectively, "our Apps").
Data Controller: Jakub Laszczyk, Ontario, Canada ("we", "our", or "us"). For any privacy-related inquiries, contact us at support@jakubl.com.
What Data Our Apps May Collect
Local Data: Our Apps store user-created content locally on your device using Apple's SwiftData framework. This may include food logs, workout history, fasting sessions, journal entries, body measurements, weight records, foraging data, gamification progress, and profile settings. This data is not transmitted to our servers.
Photos & AI Analysis: Some of our Apps allow you to take photos for AI-powered analysis (such as food recognition, mushroom species identification, or Fitzpatrick skin-type assessment from a selfie and an optional forearm photo). When used, photos are sent to AI services (Google Gemini AI or Firebase Vertex AI / Firebase AI Logic) for real-time, one-shot processing. Photos are not stored on our servers, are not retained by us, and are not used to train any AI model. The AI returns only the analysis result (e.g. a skin-type number or a synthesized preview image); the original photo is discarded after the request completes.
Face Data: Sunmaxxing and any future sun-safety apps may capture optional selfies during onboarding (for one-time Fitzpatrick skin-type classification and a one-time "tan goal" preview visualization). These photos may include the user's face. We do not perform facial recognition, do not generate face embeddings or landmarks, and do not link any photo to an identity. The photos are sent transiently to Google's Gemini AI for the one-shot analyses described above and are not retained by us or Google after the response is returned. We do not collect biometric face data of any kind.
Selfies & Tan Journal: Some of our Apps (e.g. Sunmaxxing) allow you to take selfies for a personal visual diary — for example, tracking tan progression over time. These photos may include your face. They are stored locally on your device using Apple's SwiftData framework, and may be synced to your private Apple iCloud account via CloudKit if you have iCloud sync enabled. Tan Journal selfies are never sent to any third-party AI service, never shared with us, and never used for facial recognition, biometric identification, or any other analysis. You can delete individual selfies inside the app at any time, or delete all of them by removing the app from your device.
Health Data: Some of our Apps may read or write data to Apple HealthKit with your explicit permission. HealthKit data stays on your device and in your iCloud Health data. We never access your HealthKit data on our servers. HealthKit data is never used for advertising, marketing, or data mining purposes.
Location Data: Some of our Apps may use your location with your permission. Location data is stored locally on your device and may be synced via iCloud. Your location is never sent to our servers. In Apps that calculate solar position or fetch local weather/UV data, your coordinates are sent directly to Apple's WeatherKit servers; we do not see or store these requests.
Weather & UV Data: Some of our Apps (such as sun-exposure and vitamin D trackers) fetch real-time UV index, cloud cover, and temperature from Apple WeatherKit using your approximate location. WeatherKit requests are made device-to-Apple; we do not operate any intermediate server.
iCloud Sync: Some of our Apps sync data across your devices via Apple's CloudKit framework, subject to Apple's Privacy Policy.
Subscriptions: Some of our Apps offer optional subscriptions. Subscriptions are billed and managed by Apple via the App Store using your Apple ID. In some Apps, we additionally use RevenueCat as a subscription-status middleware; in other Apps, we use Apple StoreKit 2 directly with no third-party subscription provider. Either way, your payment details are handled by Apple and never reach us.
Abuse Protection (Firebase App Check): Some of our Apps use Firebase App Check with Apple's App Attest to verify that calls to our backend AI services originate from a genuine, unmodified copy of the App. App Attest produces a device-bound attestation; it does not collect any personal data and is described in Apple's App Attest documentation.
Widgets & App Groups: Some of our Apps use app groups to share data with their widgets. This data stays entirely on your device.
Analytics & Crash Reporting
All of our Apps use Firebase Analytics and Firebase Crashlytics to help us understand feature usage patterns and fix bugs. These services collect anonymous device identifiers (such as app instance IDs and installation UUIDs), device model, OS version, session data, and crash stack traces. No names, email addresses, or account information is shared with these services.
How We Use Your Information
- To provide AI-powered analysis and content generation where applicable
- To store and organize your personal health, fitness, and nutrition data
- To sync your data across devices via iCloud where supported
- To personalize your experience based on your profile settings
- To manage subscriptions and unlock premium features
- To improve our Apps and fix bugs
Legal Basis for Processing (GDPR)
If you are located in the European Economic Area (EEA) or the United Kingdom, we process your personal data under the following legal bases:
- Consent: AI-powered features, HealthKit access, location access, and camera access, as applicable to each App. You provide consent through iOS system permission prompts.
- Contract performance: Core app functionality such as data tracking, logging, and iCloud sync — necessary to deliver the services you requested.
- Legitimate interest: Analytics and crash reporting via Firebase, used to improve app quality and fix bugs.
Consent & How to Withdraw It
Where we rely on your consent, it is obtained through iOS system permission prompts (e.g., camera access, HealthKit access). You can withdraw consent at any time by revoking permissions in your device's Settings > Privacy & Security. Withdrawing consent does not affect the lawfulness of processing performed before withdrawal.
International Data Transfers
Some of your data is transferred to and processed in the United States by third-party service providers:
- Google (AI services, Firebase Analytics, Crashlytics) — protected by the EU-US Data Privacy Framework and Standard Contractual Clauses.
- RevenueCat (subscription management in applicable Apps) — protected by Standard Contractual Clauses.
Apple processes iCloud/CloudKit and HealthKit data according to their own data transfer mechanisms described in Apple's Privacy Policy.
Automated Decision-Making
Some of our Apps use AI to analyze photos, generate plans, or identify items. These AI-generated results are suggestions only and do not produce legal or similarly significant effects. You can always use manual entry instead of AI features, and you may edit or discard any AI-generated content.
Important: Mushroom identifications are for educational purposes only and should never be used as the sole basis for consuming wild mushrooms. Always consult an experienced mycologist.
Third-Party Services
Our Apps use the following third-party services:
- Google Gemini AI / Firebase AI: AI-powered analysis in applicable Apps, subject to Google's Privacy Policy.
- Firebase Vertex AI: AI content generation in applicable Apps, subject to Google's Privacy Policy.
- Firebase Analytics & Crashlytics: Anonymous analytics and crash reporting in all Apps.
- RevenueCat: Subscription management in applicable Apps, subject to RevenueCat's Privacy Policy.
- Apple HealthKit: Health data integration in applicable Apps, subject to Apple's Privacy Policy.
- Apple CloudKit: iCloud data sync in applicable Apps, subject to Apple's Privacy Policy.
- Apple WeatherKit: UV index and weather data in applicable Apps, subject to Apple's Privacy Policy.
- Apple StoreKit 2 / App Store: App distribution, in-app purchases, and subscriptions, subject to Apple's Privacy Policy.
- Apple App Attest / Firebase App Check: Backend abuse protection in applicable Apps, subject to Apple's Privacy Policy.
Data Storage & Security
Your data is stored locally on your device and may be synced via iCloud if enabled. We do not operate our own servers for storing user data. We implement appropriate security measures to protect your information. However, no method of electronic storage is 100% secure.
Data Retention
Your local data remains on your device until you delete the app or clear the app's data. Photos sent for AI analysis are processed in real-time and are not retained by us.
Your Rights
Depending on your location, you may have the following rights regarding your personal data:
- Access: View all your data within the Apps or request a copy of data we process.
- Rectification: Request correction of inaccurate personal data.
- Deletion: Delete your data by removing entries or uninstalling the Apps, or request that we delete data processed by third-party services on our behalf.
- Restrict processing: Request that we limit how your data is used.
- Data portability: Request your data in a machine-readable format.
- Withdraw consent: Revoke previously granted permissions at any time through your device's Settings.
- Opt-out of AI features: You can use manual entry instead of AI-powered analysis at any time.
EEA/UK residents: You have the right to lodge a complaint with your local data protection authority. In the UK, this is the Information Commissioner's Office (ICO). In the EU, contact your national data protection authority.
California residents (CCPA/CPRA): We do not sell or share your personal information as defined by the California Consumer Privacy Act. You will not be discriminated against for exercising any of your privacy rights.
To exercise any of these rights, contact us at support@jakubl.com.
Children's Privacy
Our Apps are not intended for children under 13. We do not knowingly collect personal information from children under 13.
Changes to This Policy
We may update this Privacy Policy from time to time. We will notify you of any changes by posting the new Privacy Policy on this page and updating the "Last Updated" date.
Contact Us
If you have any questions about this Privacy Policy, please contact us at:
Last Updated: June 10, 2026