Nutix
Nutix

Privacy Policy

Last updated: December 15, 2025 | Effective: December 15, 2025

At Nutix, we take your privacy seriously. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our AI-powered calorie tracking application. Please read this policy carefully to understand our practices regarding your personal data.

Data Controller

The data controller responsible for your personal data is:

Hakim Mohamed
Email: kemstroarab@gmail.com

Information We Collect

We collect information that you provide directly to us when using the Nutix app:

  • Account Information: Your name and email address when you create an account
  • Authentication Data: Information received from Apple or Google when you use Sign in with Apple or Sign in with Google
  • Device Information: Device tokens for sending push notifications
  • Health and Fitness Data: Nutrition information, meal logs, weight measurements, fasting records, and data synced from Apple HealthKit
  • Photo Data: Food photos you take for AI nutritional analysis
  • Usage Data: Information about how you interact with the app, including app preferences and settings

How We Use Your Information

We use the information we collect to:

  • Provide, maintain, and improve our services
  • Create and manage your account
  • Analyze food photos using AI to estimate nutritional content
  • Sync health data with Apple HealthKit at your request
  • Send you push notifications about meal reminders, fasting timers, and other app-related updates
  • Analyze usage patterns to enhance the user experience
  • Diagnose technical issues and improve app stability
  • Respond to your inquiries and support requests

Legal Basis for Processing (GDPR)

If you are in the European Economic Area (EEA), we process your personal data based on the following legal grounds:

  • Contract Performance: Processing necessary to provide you with the Nutix service, including account creation, meal tracking, and AI nutritional analysis
  • Consent: For processing health data from HealthKit and sending marketing communications. You can withdraw consent at any time
  • Legitimate Interests: For improving our services, ensuring security, and analyzing app usage to enhance user experience
  • Legal Obligations: When we need to comply with applicable laws and regulations

Health and Fitness Data

Nutix collects sensitive health and fitness information to provide our core service. This includes:

  • Nutritional intake and calorie consumption
  • Weight and body measurements
  • Fasting schedules and duration
  • Data from Apple HealthKit (with your explicit permission)

Important: We treat health data with the highest level of protection. Your health data is:

  • Encrypted in transit and at rest
  • Never sold to third parties
  • Never used for advertising purposes
  • Never used to train AI models - your personal data remains private and is only used to provide services to you

Photo Data and AI Processing

When you take photos of food for nutritional analysis:

  • Photos are processed by our AI to estimate nutritional content
  • Photos are stored securely on our servers
  • Your photos are NOT used to train our AI models
  • You can delete your photos at any time through the app

Apple HealthKit Integration

If you choose to connect Nutix with Apple HealthKit:

  • We only access HealthKit data with your explicit permission
  • HealthKit data is used solely to provide and improve your nutrition tracking experience
  • We do not share HealthKit data with third parties for advertising or marketing
  • HealthKit data is not sold to data brokers or information resellers
  • You can revoke HealthKit access at any time in your device settings

Third-Party Services

We use the following third-party services that may collect information:

  • Sign in with Apple: If you choose to sign in with Apple, we receive your name and email address (or a relay email if you choose to hide your email) from Apple. Apple's Privacy Policy
  • Sign in with Google: If you choose to sign in with Google, we receive your name and email address from Google. Google's Privacy Policy
  • Firebase Crashlytics: We use Crashlytics to collect crash reports and diagnostic information to improve app stability. This may include device information, app state, and crash logs. Firebase Privacy Policy
  • Amazon Web Services (AWS): We use AWS to host our servers and store your data securely. AWS Privacy Policy

Data Sharing and Sale of Information

We do not sell your personal information to anyone.

We may share your information only in the following circumstances:

  • With Service Providers: We share data with Apple, Google, and AWS as necessary to provide authentication services, crash reporting, and data hosting
  • For Legal Compliance: We may disclose information if required by law or in response to valid legal requests
  • Business Transfers: In the event of a merger, acquisition, or sale of assets, your information may be transferred

Data Storage and International Transfers

Your data is stored on secure servers located in the European Union (AWS EU region).

Some of our third-party service providers (such as Firebase Crashlytics) may process data in the United States. When data is transferred outside the EEA, we ensure appropriate safeguards are in place, including:

  • Standard Contractual Clauses approved by the European Commission
  • Transfers to countries with adequate data protection laws
  • Certification schemes such as EU-US Data Privacy Framework

Data Security

We implement appropriate technical and organizational security measures to protect your personal information against unauthorized access, alteration, disclosure, or destruction. These measures include:

  • Encryption of data in transit (TLS/SSL)
  • Encryption of data at rest
  • Secure authentication mechanisms
  • Regular security assessments

However, no method of transmission over the Internet or electronic storage is 100% secure, and we cannot guarantee absolute security.

Your Rights

Depending on your location, you may have the following rights regarding your personal data:

  • Access: Request a copy of the personal data we hold about you
  • Correction: Request correction of inaccurate or incomplete data
  • Deletion: Request deletion of your personal data
  • Data Portability: Request a copy of your data in a structured, machine-readable format
  • Restriction: Request restriction of processing in certain circumstances
  • Object: Object to processing based on legitimate interests
  • Withdraw Consent: Withdraw your consent at any time where we rely on consent to process your data

Right to Lodge a Complaint: If you are in the EEA, you have the right to lodge a complaint with your local data protection supervisory authority if you believe we have violated your privacy rights.

To exercise any of these rights, please contact us at kemstroarab@gmail.com. We will respond to your request within 30 days.

California Privacy Rights (CCPA)

If you are a California resident, you have additional rights under the California Consumer Privacy Act (CCPA):

  • Right to Know: You can request information about the categories and specific pieces of personal information we have collected about you
  • Right to Delete: You can request deletion of your personal information, subject to certain exceptions
  • Right to Non-Discrimination: We will not discriminate against you for exercising your CCPA rights

Notice Regarding Sale of Personal Information: We do not sell personal information as defined by the CCPA. We have not sold personal information in the preceding 12 months.

To exercise your California privacy rights, contact us at kemstroarab@gmail.com.

Data Retention

We retain your personal information for as long as your account is active or as needed to provide you services. If you delete your account, we will delete your personal data within 30 days, except where we are required to retain it for legal or regulatory purposes.

Account Deletion

You can delete your account and all associated data at any time:

  • Open the Nutix app
  • Go to Settings
  • Select "Delete Account"
  • Confirm your decision

Upon deletion, all your personal data, including meal logs, photos, and health data, will be permanently removed within 30 days.

Children's Privacy

Nutix is not intended for children under the age of 13 (or 16 in the EEA). We do not knowingly collect personal information from children. If we become aware that we have collected personal information from a child under the applicable age, we will take steps to delete that information promptly. If you believe we have collected information from a child, please contact us immediately.

Tracking Technologies

Mobile App: We do not use advertising trackers or sell data to advertisers. We only use Firebase Crashlytics for crash reporting and app stability monitoring.

Website: Our website does not use cookies for tracking or advertising purposes.

Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of any material changes by posting the new Privacy Policy on this page, updating the "Last updated" date, and where appropriate, notifying you via the app or email. We encourage you to review this Privacy Policy periodically for any changes.

Contact Us

If you have any questions about this Privacy Policy, our privacy practices, or wish to exercise your data protection rights, please contact us at:

Hakim Mohamed
kemstroarab@gmail.com