Privacy Policy

Mivro ("we," "our," or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our mobile application, website, and services (collectively, the "Services").

1. Information We Collect

1.1 Information You Provide

• Account Information: Email address, password (encrypted), display name, profile photo, and phone number.
• Health Profile: Age, gender, height, weight, BMI, allergies, dietary preferences, and medical conditions.
• User-Generated Content: Chat messages with our AI assistants (Lumi, Savora, Swapr), uploaded images, and files.

1.2 Automatically Collected Information

• Product Scan Data: Barcode numbers and product information from scanned items.
• Usage Data: Search queries, scan history, favorite products, and interaction patterns.
• Technical Data: Device type, browser information, IP address, and session data.

1.3 Third-Party Data

• Product Information: We retrieve product data from OpenFoodFacts API based on barcode scans.

2. How We Use Your Information

• Service Provision: To analyze product nutritional content, provide personalized health recommendations, and generate AI-powered recipe suggestions.
• Personalization: To tailor product recommendations and health insights based on your health profile and dietary preferences.
• Account Management: To create and manage your account, authenticate access, and enable profile updates.
• Service Improvement: To analyze usage patterns, identify products not found in our database, and enhance our AI models.
• Communication: To send password reset emails and account-related notifications.

3. Data Storage and Security

• Cloud Storage: Your data is stored using Firebase Firestore, a secure cloud database service provided by Google.
• Local Storage: The mobile app stores authentication status and session data locally on your device using SharedPreferences.
• Encryption: Passwords are hashed using industry-standard encryption (Werkzeug security).
• Access Control: API requests require authentication via email and password headers for protected routes.

4. Third-Party Services

We use the following third-party services:

• Firebase (Google): Authentication and database services.
• Google Gemini AI: AI-powered nutrient analysis, recipe generation, and product recommendations.
• OpenFoodFacts: Product information database (public API).

These services may collect information as described in their respective privacy policies.

5. Data Sharing and Disclosure

We do not sell your personal information. We may share data only in the following circumstances:

• AI Processing: Your health profile and product data are sent to Google Gemini AI for analysis and recommendations.
• Legal Compliance: When required by law or to protect our rights and safety.
• Service Providers: With trusted partners who assist in operating our Services (Firebase, Google Cloud).

6. Your Rights and Choices

• Access and Update: You can view and update your profile information through the app settings.
• Delete Data: You can delete your scan history, favorite products, chat history, and flagged products through the app.
• Account Deletion: You can permanently delete your account, which will remove all associated data from our database.
• Email Updates: You can update your email address through account settings.
• Logout: You can log out at any time to end your session.

7. Data Retention

We retain your information for as long as your account is active or as needed to provide Services. When you delete your account, we permanently remove all your data from our database, including scan history, chat history, health profile, favorite products, and all personal information. No data is retained after account deletion.

8. Children's Privacy

Our Services are not intended for users under 13 years of age. We do not knowingly collect personal information from children under 13. If you believe we have collected such information, please contact us immediately.

9. International Data Transfers

Your information may be transferred to and processed in countries other than your own. We ensure appropriate safeguards are in place through our use of Firebase and Google Cloud services, which comply with international data protection standards.

10. Cookies and Tracking

Our website uses cookies and similar technologies for authentication, session management, and analytics. The mobile app uses local storage for session persistence. You can control cookie preferences through your browser settings.

11. Changes to This Privacy Policy

We may update this Privacy Policy periodically. We will notify you of significant changes by updating the "Last Updated" date. Continued use of our Services after changes constitutes acceptance of the updated policy.

12. Open Source

Mivro is an open-source project. Our source code is publicly available on GitHub. While the code is open, user data remains private and protected as described in this policy.

13. Contact Us

If you have questions or concerns about this Privacy Policy or our data practices, please contact us at:

Email: privacy@mivro.org
GitHub: github.com/1MindLabs