Privacy Policy

Last Updated: September 1, 2025

FitScan AI ("we," "us," or "our") is committed to protecting your privacy. This Privacy Policy explains how Little Grass Co. Limited collects, uses, discloses, and safeguards your information when you use our mobile application (the "App").

Please read this privacy policy carefully. If you do not agree with the terms of this privacy policy, please do not access the App.

            Key Summary for AI Features: Our App uses Artificial Intelligence to analyze food. This
            means we process images you upload to estimate calories and nutrients. We may use anonymized image data to
            improve our AI models.
        

1. Information We Collect

We collect information that you provide directly to us, information automatically collected when you use the App, and information from third-party sources.

a. Personal Data You Provide

Account Information: Name, email address, password, and profile photo when you register.
Health and Fitness Data: Age, gender, height, weight, activity level, dietary goals, and allergies. This is considered sensitive personal data, and we process it with your explicit consent.
User Content: Photos of food you upload for scanning, meal logs, and notes.

b. Information Collected Automatically

Device Information: Device model, operating system version, unique device identifiers (UDID), and mobile network information.
Usage Data: Information about how you use the App, such as features used, time spent, and crash reports.
Location Data: General location data (based on IP address) to provide localized food databases. We do not track precise GPS location without your permission.

c. App Permissions

To function, the App may request access to your device's:

Camera/Gallery: To take or upload photos of food for AI analysis.
Push Notifications: To send reminders for meal logging.

2. How We Use Your Information

We use the information we collect for the following purposes:

To Provide Service: processing food images via our AI algorithms to calculate nutrition data.
To Improve AI Models: Using de-identified (anonymized) food images to train and refine our machine learning algorithms for better accuracy.
Personalization: Tailoring meal recommendations and calorie goals based on your health data.
Communication: Sending you administrative information, updates, and marketing communications (which you can opt-out of).
Analytics: Analyzing usage trends to improve user experience.

3. Disclosure of Your Information

We may share information we have collected about you in certain situations. Your information may be disclosed as follows:

a. Service Providers

We may share your data with third-party vendors who perform services for us, such as:

Cloud Hosting: (e.g., AWS, Google Cloud) to store data.
AI Processing: Third-party AI APIs (if applicable) for image recognition.
Analytics: (e.g., Google Analytics, Firebase) to analyze app performance.

b. Legal Requirements

We may disclose your information if required to do so by law or in response to valid requests by public authorities (e.g., a court or a government agency).

c. Business Transfers

If we are involved in a merger, acquisition, or sale of all or a portion of our assets, your information may be transferred as part of that transaction.

4. Data Retention

We will retain your personal information only for as long as is necessary for the purposes set out in this Privacy Policy. We will retain and use your information to the extent necessary to comply with our legal obligations, resolve disputes, and enforce our policies.

If you delete your account, we generally delete your personal data within 30 days, though some anonymized data (used for AI training) may be retained.

5. Security of Your Information

We use administrative, technical, and physical security measures to help protect your personal information. While we have taken reasonable steps to secure the personal information you provide to us, please be aware that despite our efforts, no security measures are perfect or impenetrable, and no method of data transmission can be guaranteed against any interception or other type of misuse.

6. Your Data Rights

Depending on where you live, the laws of your country, state, or province may have certain privacy rights over how your personal information is collected, stored, used and shared, including:

a. Rights Available to All Users

Right to Access / Know: You have the right to confirm whether we are processing your personal data and to request a copy of the data we hold about you.
Right to Rectification (Correction): You can edit your profile information (such as weight, height, and goals) directly within the App. If you find other data to be inaccurate or incomplete, you have the right to request that we correct it.
Right to Erasure (Deletion): You have the right to delete your account and personal data at any time. You can find a "Delete Account" option within the App settings. Once confirmed, we will remove your personal identifiers from our active systems.
Right to Withdraw Consent: Where we rely on your consent to process your data (e.g., for tracking health metrics or marketing), you have the right to withdraw that consent at any time.
Right to Data Portability: You have the right to request a copy of your personal data in a structured, machine-readable format to transfer to another service.

In addition to the rights if you are located in the EEA or UK:

Right to Restrict Processing: You may ask us to suspend the processing of your personal data in certain scenarios (e.g., if you want us to establish its accuracy).
Right to Lodge a Complaint: You have the right to complain to a Data Protection Authority (DPA) about our collection and use of your personal data.

In addition to the rights residents of the U.S. have the following specific protections:

Non-Discrimination: We will not discriminate against you (e.g., by denying goods or charging different prices) for exercising your privacy rights.
"Do Not Sell or Share" My Personal Info: We do not sell your personal data for money. However, if we use third-party advertising partners, this may be considered "sharing" under California law. You have the right to opt-out of such sharing by contacting us.
Authorized Agent: You may designate an authorized agent to make a request on your behalf.

7. Children's Privacy

Our Services are not intended for children under 13 (or 16 in certain jurisdictions like the EEA). We do not knowingly collect personal information from children. If we become aware that we have collected personal information from a child without verification of parental consent, we will take steps to remove that information from our servers.

8. International Data Transfers

Your information, including personal data, may be transferred to — and maintained on — computers located outside of your state, province, country, or other governmental jurisdiction where the data protection laws may differ from those from your jurisdiction.

If you are located outside the United States and choose to provide information to us, please note that we transfer the data, including personal data, to the United States (or other server locations) and process it there.

9. Health Connect / Apple HealthKit

If you choose to integrate the App with Apple HealthKit or Google Health Connect:

We only read/write data that you explicitly authorize.
We do not use data obtained through HealthKit/Health Connect for advertising purposes or sell it to third parties.

10. Changes to This Privacy Policy

We may update our Privacy Policy from time to time. We will notify you of any changes by posting the new Privacy Policy on this page and updating the "Last Updated" date. You are advised to review this Privacy Policy periodically for any changes.

11. Contact Us

If you have any questions about this Privacy Policy, please contact us:

Little Grass Co. Limited
Email: [email protected]