This Privacy Policy (“Policy”) describes how NSL Nutrition (Naama Sahar Levitt Nutrition) (“we”, “us”, or “our”) collects, uses, and shares your information when you use the SmartEat app (“Service”). By using the Service, you agree to the collection and use of information in accordance with this Policy. This Policy complies with Israel’s Protection of Privacy Law, 5741-1981, and other applicable regulations.
Interpretation and Definitions
Interpretation
Words with capitalized initial letters have meanings defined under the Definitions section. These definitions apply whether the terms appear in singular or plural.
Definitions
- Account: A unique account created for you to access the Service or its features.
- Application: The SmartEat mobile application.
- Country: Israel.
- Device: Any device used to access the Service, such as a smartphone, tablet, or computer.
- Personal Data: Any information relating to an identified or identifiable individual, such as name, email, or health metrics.
- Sensitive Personal Data: Health-related data, including date of birth, height, sex, sleep data, steps, and weight, accessed with your explicit consent via Apple’s Health app.
- Service: The features and functionalities provided by the SmartEat app, as described in the app and its documentation.
- Third-Party Service Provider: Entities that process data on our behalf, such as Firebase for authentication or OpenAI for AI-driven insights.
- Usage Data: Data collected automatically, such as device details, IP address, or interaction logs.
- You: The individual or entity accessing or using the Service.
Collecting and Using Your Personal Information
How We Collect Information
We collect information based on your interactions with the Service, including data you provide directly, data collected automatically, and data accessed with your consent from third-party integrations like Apple’s Health app. By using the Service, you consent to our collection, processing, and storage of your data as described in this Policy. You may withdraw consent at any time by discontinuing use of the Service and requesting data deletion.
Your Responsibility for Data Accuracy
You are responsible for ensuring the accuracy of any data you provide to the Service, including health data or personal information. We are not liable for any consequences arising from inaccurate or incomplete data provided by you.
Types of Data Collected
Personal Data
We may collect the following Personal Data when you use the Service:
- Identifiers: Name, email address, phone number, and login credentials.
- User Content: Data you upload to the app.
Sensitive Personal Data
With your explicit consent, we access the following health data from Apple’s Health app:
- Date of Birth: To personalize recommendations based on age.
- Height: To calculate metrics like BMI.
- Sex: To tailor health insights to sex-specific needs.
- Sleep Data: To analyze sleep patterns and provide wellness insights.
- Steps: To track daily activity and movement goals.
- Weight: To monitor progress toward weight management goals.
We also collect authentication data (e.g., FaceID, TouchID, or pattern lock) to secure your account.
Usage Data
Usage Data is collected automatically and may include:
- Device information (e.g., IP address, operating system, browser type).
- Interaction logs (e.g., pages visited, time spent, features used).
- Diagnostic data (e.g., crash reports, performance metrics).
Use of Your Personal Data
We use your data to:
- Provide health tracking, personalized insights, and recommendations.
- Authenticate users securely via biometric or other login methods.
- Enhance app functionality and user experience through analytics.
- Communicate with you about updates, subscriptions, or support inquiries.
- Comply with legal obligations under Israeli law.
- Leverage OpenAI APIs to personalize health insights (e.g., AI-driven recommendations).
Sharing of Your Personal Data
We may share your data with:
- Third-Party Service Providers: Trusted partners like Firebase (for authentication) and OpenAI (for AI personalization) process data on our behalf, adhering to strict privacy standards. We are not liable for the acts or omissions of Third-Party Service Providers, including any data breaches or privacy violations caused by them. You agree to review the privacy policies of these providers before using the Service.
- Legal Authorities: If required by law or to protect our rights, property, or user safety.
- Business Transfers: In the event of a merger, acquisition, or sale, your data may be transferred, with notice provided.
We do not sell or share your health data with third parties for marketing purposes.
Cookies and Tracking Technologies
The Service uses cookies and similar technologies to enhance your experience, analyze usage, and improve functionality. Cookies are small files stored on your device that help remember your preferences and settings.
Types of Cookies We Use
- Essential: Necessary for core functionality (security, routing, session integrity).
- Functional: Remember your choices (e.g., language, dismissing consent banners).
- Analytics: Aggregated usage statistics to improve content and performance (e.g., Google Analytics via gtag/Google Tag Manager).
Legal Basis and Consent
For Essential cookies, our legal basis is legitimate interests (site operation and security). For Analytics cookies, we rely on your consent. A consent banner may be shown; until you consent, only Essential and Functional cookies are active.
Retention Periods
- Session cookies are deleted when you close the browser.
- Persistent cookies may be stored longer (typically up to 13 months) unless you delete them sooner.
Managing Cookies
- Adjust your choice in the consent banner (if shown again), or request a reset at [email protected];
- Block/delete cookies in your browser settings (see your browser’s help pages);
- Opt out of Google Analytics via browser tools and/or your Google account settings.
Disabling Essential cookies may affect site functionality.
Third-Party Cookies and Providers
Some cookies are set by third parties when we integrate their services. Those providers process data under their own policies.
| Provider / Domain | Purpose | Type | Typical Duration |
|---|---|---|---|
Google Analytics / .google.com, .googletagmanager.com |
Aggregated visit statistics | Analytics | Up to 13 months |
| Firebase (Google) (if web authentication is used) | Sign-in session support, security | Essential | Session / up to 13 months |
See also: Google Privacy Policy.
Do Not Track Signals
There is no standardized response to browser “Do Not Track” signals. We will monitor developments and update this Policy if standards emerge.
Cookie Questions
If you have questions about cookies or want to change your choices, contact [email protected].
Crash and Diagnostic Data
We collect crash reports and diagnostic information via Firebase Crashlytics, including device details (e.g., device model, OS version, app version) and error reports. This data is used solely to:
- Identify and fix bugs and malfunctions;
- Improve app stability and performance.
Crash data is collected in an anonymized manner, is not linked to your identity, and is not used for advertising or cross-app tracking.
Data Protection Mechanisms
We implement robust security measures to protect your data, including:
- Encryption: Data is encrypted in transit (SSL) and at rest.
- Access Controls: Only authorized personnel can access your data, based on role.
- Regular Audits: We review our practices to prevent unauthorized access.
- Secure Storage: Health data is stored securely, with processing often occurring locally on your device.
While we strive to ensure data security, no system is infallible. You use the Service at your own risk.
Data Breach Notification
If a data breach may affect your Personal Data, we will notify you promptly as required by Israeli law, using the contact information you provided. We are not liable for damages resulting from a breach unless caused by our gross negligence or willful misconduct.
Retention of Your Personal Data
We retain your data only as long as necessary to provide the Service or comply with legal obligations. Upon account deletion, we securely erase your data, except where retention is required by law.
Transfer of Your Personal Data
The Service is hosted in Israel. By using the Service, you consent to your data being transferred to and processed in Israel, even if your region has different data protection laws. If you do not consent, please discontinue use and request data deletion at [email protected].
Delete Your Personal Data
You have the right to delete your data. To do so:
- Use in-app account settings to delete specific data or request account deletion.
- Contact [email protected] to request full data deletion.
We may retain certain data if required by law or for legitimate business purposes (e.g., resolving disputes).
Business Transactions
If we are involved in a merger, acquisition, or asset sale, your Personal Data may be transferred. We will provide notice before your data is transferred and becomes subject to a different Privacy Policy.
Your Privacy Rights in Israel
Under Israel’s Protection of Privacy Law, 5741-1981, you have the following rights:
- Access: Request access to your Personal Data and health data.
- Correction: Request corrections to inaccurate data.
- Deletion: Request deletion of your data, subject to legal obligations.
- Withdraw Consent: Revoke consent for health data access via your device settings.
To exercise these rights, contact [email protected]. We will respond within the legally required timeframe.
Children’s Privacy
We do not knowingly collect data from children under 13 without verifiable parental consent, in compliance with Israel’s privacy laws and GDPR (where applicable). If we discover such data, we will delete it promptly. Contact [email protected] if you believe a child’s data was collected without consent.
Links to Other Websites
The Service may link to third-party websites (e.g., icon/media providers). We are not responsible for their privacy practices. Review their privacy policies before interacting.
Disclaimer of Warranties
To the fullest extent permitted by Israeli law, we provide the Service “as-is” without warranties, express or implied, regarding the security, accuracy, or availability of your data. We disclaim liability for any data breaches or service interruptions, though we take reasonable measures to protect your information.
Changes to This Privacy Policy
We may update this Policy to reflect changes in our practices or legal requirements. Continued use of the Service after updates indicates your acceptance. Review this Policy periodically in the app’s settings.
Contact Us
For questions about this Privacy Policy or your data, contact us at:
- Email: [email protected]
We are committed to addressing your inquiries promptly. View our Terms and Conditions for details on Service usage.