IngreIQ

Privacy Policy

Last updated: May 29, 2026

Under attorney review. This document has been drafted for US legal compliance and is currently under review by qualified US legal counsel. It will be finalised before IngreIQ's public launch.

IngreIQ (“we,” “us,” or “our”) is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use the IngreIQ mobile application and website. Please read it carefully.

1. Information We Collect

We collect the following categories of information:

Account information: Email address, display name, and authentication credentials when you create an account.

Health profile information: Health conditions, allergens, dietary preferences, and medications you voluntarily provide to receive personalised ingredient analysis. This is sensitive health data and is protected accordingly (see Section 4).

Scan history: Records of products you have scanned, including barcodes, timestamps, and composite health scores.

Location data: Your postal code (US: 5-digit ZIP; UK: outward code only, e.g. SW1A) and country, collected at onboarding (see Section 5).

Family profile information: For household members you add to your account: a parent-defined label (not a real name), approximate age, conditions, allergens, and dietary preferences. Date of birth is never collected (see Section 9).

Device and technical information: Device type, operating system, app version, and crash reports collected automatically for service improvement.

Usage data: Features used, scan frequency, and anonymised interaction patterns to improve the App.

2. How We Use Your Information

We use the information we collect to:

  • Provide and personalise the ingredient health analysis service
  • Score products against your specific health profile and allergen list
  • Display family matrix scores for all household members simultaneously
  • Send transactional account emails (registration, subscription confirmation, deletion confirmation)
  • Build anonymised, aggregated regional analytics for our B2B data product (see Section 3)
  • Improve the accuracy of our ingredient database and scoring engine
  • Respond to your support requests
  • Comply with legal obligations

We do not use your health information for advertising, sell it to data brokers, or share it with employers, insurers, or government agencies.

3. Information Sharing and Disclosure

We share information only with the following categories of third parties:

Service providers (processors): Supabase (database and authentication), Anthropic (AI ingredient analysis), Stripe and RevenueCat (subscription billing), Sentry (error monitoring), PostHog (product analytics), and Resend (transactional email). Each processor is contractually required to protect your data and may only use it to provide services to us.

B2B analytics customers: We share anonymised, aggregated, regional basket trend data with business customers (retailers, brands). This data never contains individual user identifiers, email addresses, health conditions, or any data linked to a specific person. K-anonymity is enforced: no postcode-level data is shared when fewer than 50 households match. Child profile data is never included in any B2B product.

Legal requirements: We may disclose information if required by law, court order, or to protect the rights and safety of IngreIQ and its users.

We do not sell your personal information. Ever.

4. Health Data Protection

Health condition data, allergen information, and medication information are classified as sensitive personal data. We apply the following protections:

  • Encryption at rest: AES-256 encryption for all health data stored in our database
  • Encryption in transit: TLS 1.3 for all data transmitted between the App and our servers
  • Access controls: Row Level Security (RLS) on all database tables — your health data is accessible only to you and the service processes that serve your requests
  • Minimisation: We collect only the health information you choose to provide and that is necessary to deliver personalised scoring

We process health data under your explicit consent, given when you choose to enter this information into the App. You may delete this data at any time (see your rights in Sections 7 and 8).

5. Location Data

We collect your approximate location at the postcode level during onboarding. This is used to:

  • Match products to your regional supermarket formulations (ingredients can differ by country)
  • Contribute to anonymised regional basket trend analytics (for our B2B product)
  • Determine applicable legal jurisdiction for your account

US users: We store your full 5-digit ZIP code. This covers approximately 10,000 residents on average and is not considered directly identifying at this level of granularity.

UK users: We store only the outward code portion of your postcode (e.g., SW1A not SW1A 1AA). Full UK postcodes cover approximately 15 addresses and constitute personal data under UK GDPR. We never store or process full UK postcodes.

We do not collect GPS coordinates, precise real-time location, or track your physical movements.

6. Data Retention

  • Account data: Retained until you delete your account
  • Health profile data: Retained until you delete your account or specific profiles
  • Scan history: Retained for 2 years, then automatically deleted
  • Family (child) profile data: Deleted within 30 days of a parent deletion request (COPPA and GDPR-K requirement — see Section 9)
  • Anonymised aggregate analytics: Retained indefinitely (no personal data)
  • Account deletion: When you delete your account, all personal data is removed within 30 days. Anonymised aggregate data that cannot be linked to you is retained.

7. Your Privacy Rights — United States (CCPA)

If you are a California resident, the California Consumer Privacy Act (CCPA) grants you the following rights:

  • Right to Know: You may request a copy of the personal information we have collected about you in the past 12 months
  • Right to Delete: You may request deletion of your personal information, subject to certain exceptions
  • Right to Opt-Out of Sale: We do not sell personal information. No opt-out is required
  • Right to Non-Discrimination: We will not discriminate against you for exercising your CCPA rights
  • Right to Correct: You may request correction of inaccurate personal information we hold about you

To exercise these rights, contact us at privacy@ingreiq.com or use the account deletion feature in the App. We will respond within 45 days. You may designate an authorised agent to make requests on your behalf.

8. Your Privacy Rights — United Kingdom and European Union (UK GDPR / GDPR)

If you are located in the UK or EU, you have the following rights under UK GDPR and EU GDPR:

  • Right of Access: Obtain a copy of your personal data
  • Right to Rectification: Correct inaccurate or incomplete data
  • Right to Erasure (“Right to be Forgotten”): Request deletion of your data in certain circumstances
  • Right to Restriction of Processing: Request that we limit how we use your data
  • Right to Data Portability: Receive your data in a machine-readable format
  • Right to Object: Object to processing based on legitimate interests
  • Rights related to automated decision-making: We do not make solely automated decisions with legal or similarly significant effects

Our legal bases for processing are: contract (to provide the App service),explicit consent (for health data), and legitimate interests(for analytics and service improvement).

To exercise your rights, contact privacy@ingreiq.com. We will respond within 30 days. You also have the right to lodge a complaint with the UK Information Commissioner's Office (ICO) or your local EU supervisory authority.

9. Children's Privacy (COPPA)

IngreIQ does not permit children under 13 to create accounts. The App is designed for adults who manage household food choices.

Family profiles for children under 18 may only be created by a parent or legal guardian. When creating a child profile, the parent must provide explicit consent using the following verbatim language:

“I am the parent or legal guardian of this child. I consent to storing this dietary safety information to personalise food scanning for my household. I understand this is health information to help me shop, not medical advice, and I can delete this data at any time from Settings.”

What we collect for child profiles: A parent-defined label (never a real name), approximate age in years, health conditions, allergens, and dietary preferences. We never collect or store a child's real name or date of birth.

Deletion of child data: Parents may delete all child profile data at any time via Settings > Delete All Family Profile Data. Deletion is completed within 30 days. A confirmation email is sent when deletion is complete.

IngreIQ provides the following simple-English notice to parents before creating any child profile: “We want to help your family eat safer. To do this, we need to know your kids' ages and any health needs. We don't store their real names, and this info is only used to run our safety checks for you. It's never shared with anyone, and you can delete it anytime.”

If you believe a child under 13 has provided us with information without parental consent, please contact privacy@ingreiq.com immediately and we will delete it promptly.

10. Cookies and Tracking Technologies

Mobile App: The IngreIQ mobile App does not use browser cookies. We use device storage (AsyncStorage) solely to maintain your session and app preferences.

Website (ingreiq.com, /terms, /privacy): Our website uses the following cookies:

  • Strictly necessary cookies: Required for the website to function. Cannot be disabled.
  • Analytics cookies: Used with PostHog to understand how visitors use our site. These are anonymised and do not track you across other websites. You may opt out via your browser settings or by contacting us.

We do not use advertising, tracking, or profiling cookies on any of our web properties.

11. Third-Party Services

IngreIQ integrates with the following third-party services. Each has its own privacy policy:

  • Supabase — Database, authentication, and storage (supabase.com/privacy)
  • Anthropic — AI ingredient analysis. Ingredient data is sent to Anthropic's API for processing. Your personal health profile is not sent; only anonymised product ingredient data and a hashed profile context are transmitted. (anthropic.com/privacy)
  • Stripe — Payment processing for web subscriptions (stripe.com/privacy)
  • RevenueCat — In-app purchase management for iOS and Android (revenuecat.com/privacy)
  • PostHog — Product analytics (posthog.com/privacy)
  • Sentry — Error monitoring. Crash reports may include device metadata but not health data (sentry.io/privacy)
  • Resend — Transactional email delivery (resend.com/privacy)
  • Open Food Facts — Product ingredient data source (openfoodfacts.org/privacy)
  • USDA FoodData Central — US product data source (fdc.nal.usda.gov)

12. Security

We implement administrative, technical, and physical safeguards to protect your personal information:

  • AES-256 encryption for all health data at rest
  • TLS 1.3 encryption for all data in transit
  • Row Level Security (RLS) on all database tables — enforced at the database layer
  • API keys stored as SHA-256 hashes only — raw keys never retained
  • Regular security reviews and dependency audits
  • Principle of least privilege for all internal access

No method of transmission over the internet or electronic storage is 100% secure. While we strive to use commercially acceptable means to protect your information, we cannot guarantee absolute security. In the event of a data breach that affects your rights and freedoms, we will notify affected users and applicable authorities as required by law.

13. Contact Us

For any questions, concerns, or requests regarding this Privacy Policy or your personal data, please contact our Privacy team:

Email: privacy@ingreiq.com
Response commitment: We will respond to all privacy requests within 30 days.
Subject line: Please use “Privacy Request” to ensure prompt routing.

UK and EU residents may also contact the UK Information Commissioner's Office (ICO) at ico.org.uk or their local EU data protection supervisory authority if they have unresolved concerns.