← Nourish

Privacy Policy

Effective date: 2026-07-03 Last updated: 2026-07-03

Nourish ("Nourish", the "App") is operated by PiziZC, an individual developer ("we", "us", "our"). This Privacy Policy explains what data the App processes, why, where it is stored, who it is shared with, and the choices and rights you have. By using Nourish you agree to this Policy. If you do not agree, please do not use the App.

Contact: fjrun@zilch-tokyo.co.jp


1. What Nourish Is

Nourish helps you record meals, activity, body measurements, and goals; import data from Apple Health; and receive AI-assisted nutrition and activity estimates. Nourish also learns a personalized estimate of your energy expenditure from your logged intake and weight trend.

Nourish is a wellness and self-tracking tool. It is not a medical device and does not provide medical, diagnostic, nutritional-therapy, or treatment advice. See our separate Health & Medical Disclaimer and AI Disclaimer.

2. Data We Process

Depending on how you use the App, we may process:

We do not intentionally collect precise location, contacts, browsing history, or advertising identifiers.

3. How Health Data Is Used (Apple Health)

4. AI Processing

When you use AI meal (text or image) or activity estimation, the content you submit is sent through our server-side gateway (a Cloudflare Worker) to our AI provider, Google (Gemini API), which returns an estimate. Please avoid submitting content you do not want processed for this purpose. AI results may be inaccurate; you can edit them before saving, and manual entry is always available. See the AI Disclaimer.

5. Where Data Is Stored

6. Service Providers (Sub-processors)

We rely on the following providers, who process data only to operate, secure, and support the App:

ProviderPurposeData
**Supabase**Authentication, database, row-level access control, export, account deletionAccount data, your records
**Cloudflare**AI gateway and backend endpointsAI request content, access tokens
**Google (Gemini API)**AI nutrition/activity estimatesThe meal text/photo or activity text you submit
**RevenueCat / Apple App Store**Subscription purchase, restore, and entitlementSubscription state (no card numbers)
**Sentry**Crash and error monitoringDiagnostic/technical data
**Apple HealthKit**Optional, read-only health import (on-device)Health data you authorize

7. Legal Bases (EEA/UK, where applicable)

Where GDPR applies, we process data to perform our contract with you (providing the App's features), for our legitimate interests (security, abuse prevention, service reliability), on the basis of your consent (Apple Health access; submitting content to AI), and to meet legal obligations. You may withdraw consent at any time.

8. International Transfers

We operate from Japan and use providers that may process data in the United States and other countries. Where required, transfers rely on appropriate safeguards (such as standard contractual clauses or an adequacy decision).

9. Your Choices & Rights

Within the App's "导出与删除" (Export & Delete) you can:

Depending on your jurisdiction you may also have rights to access, correct, restrict, or object to processing, and to data portability. To exercise these, contact us at the email above. You can revoke Apple Health access in iOS Settings at any time.

10. Data Retention

We keep records while your account or local data exists. When you delete your account, we delete your authentication user and associated cloud app data. We may retain a minimal account-deletion audit record (to investigate deletion success/failure) and any records required for legal, security, or abuse-prevention purposes. This audit record is not designed to expose your food, activity, or body records. Local data remains on your device until you clear it, delete your account, or uninstall the App.

11. Security

Server-side API keys are kept out of the App. Our gateway validates authentication tokens for AI and account-deletion requests, and Supabase row-level security restricts each user to their own records. No method of storage or transmission is perfectly secure.

12. Children

Nourish is not directed to children under 13 (or the higher minimum age in your country, such as 16 in parts of the EEA). Do not use Nourish to submit data about a child without appropriate consent and legal authority.

13. Do Not Sell

We do not sell your personal data, and we do not use your health data for advertising.

14. Changes

We may update this Policy as the App evolves. We will change the "Last updated" date and, for material changes, provide reasonable notice in the App.

15. Contact

Questions or requests: fjrun@zilch-tokyo.co.jp