← Back

Privacy Policy

Last updated: June 2026

Edwin is built around your personal health data. This policy explains exactly what we collect, why we collect it, and how we protect it.

1. What We Collect

Account information (via Google Sign-In / Firebase Auth):

  • Your name and email address
  • Google account profile photo (display only)
  • Authentication tokens managed by Firebase

Fitness profile (entered by you):

  • Age, sex, height, weight
  • Target weight and fitness pace
  • Fitness phase (Cut / Lean Bulk / Maintenance / Dirty Bulk)
  • Activity level
  • Dietary restrictions, allergies, and ingredient preferences

Generated content:

  • Meal plans and recipes generated by the app
  • Food label scan results
  • Approved ingredients registry

Usage data:

  • App errors and crash reports (associated with your user ID)
  • Basic usage events to improve the service

2. What We Do Not Collect

  • • Payment card details (handled entirely by Stripe)
  • • Location data
  • • Contacts or address book
  • • Data from health platforms (Samsung Health, Apple Health, Fitbit) unless you explicitly connect them — and that integration is not yet live
  • • Advertising identifiers or third-party tracking data

3. How We Use Your Data

Your data is used solely to provide and improve the Edwin service:

  • • Your fitness profile is used to calculate your TDEE, daily macros, and personalise recipe generation
  • • Meal plan and recipe requests are sent to the Anthropic Claude API to generate AI responses. Only the data needed to complete your request is sent — we do not send your full profile to Anthropic unless it is needed for personalisation
  • • Ingredient names from label scans are sent to the USDA FoodData Central API to retrieve nutrition data
  • • Error logs are used to diagnose and fix bugs

We do not sell your data. We do not use your data for advertising.

4. Third-Party Services

Edwin uses the following third-party services:

  • Firebase (Google) — authentication and data storage. Google Privacy Policy applies to Firebase services.
  • Anthropic — AI-powered content generation. Requests sent to Anthropic are subject to Anthropic's API usage policies. Edwin does not share identifying information with Anthropic.
  • USDA FoodData Central — public nutrition database. No personal data is sent to USDA.
  • Stripe — payment processing. Stripe handles all payment data under its own PCI-compliant infrastructure. Edwin never sees your card details.
  • Vercel — app hosting and serverless functions. Vercel processes request data to serve the app.

5. Data Storage and Security

Your data is stored in Firebase Firestore, hosted on Google Cloud infrastructure with encryption at rest and in transit. We apply reasonable security measures to protect your data from unauthorised access, loss, or disclosure.

No method of electronic storage is 100% secure. We cannot guarantee absolute security, but we take your data protection seriously and follow industry best practices.

6. Data Retention

We retain your data for as long as your account is active. If you delete your account, we will delete your personal data within 30 days, except where retention is required by law or for legitimate business purposes (such as resolving disputes or fraud prevention).

Generated recipes and meal plans are stored until you delete them or your account is closed.

7. Your Rights

Depending on your location, you may have the right to:

  • • Access the personal data we hold about you
  • • Request correction of inaccurate data
  • • Request deletion of your account and associated data
  • • Object to or restrict certain processing
  • • Data portability (receiving your data in a structured format)

To exercise any of these rights, contact us at support@edwin.app. We will respond within 30 days.

8. Children's Privacy

Edwin is not intended for users under the age of 18. We do not knowingly collect personal data from children. If you believe a child has provided us with personal data, please contact us and we will delete it promptly.

9. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes via the app or email. Continued use of Edwin after changes take effect constitutes acceptance of the updated policy.

10. Contact

Questions or concerns about your privacy? Contact us at: support@edwin.app