HomeProtocolsFastingPricingRecipesBlog

Privacy Policy

Last updated: 23 April 2026

App: Keto Dieting — Plans & Recipes (co.uk.ketodieting.app)

Operator / Data Controller: ZenApps UK (Web Print & Signs Ltd), Burnley, Lancashire, United Kingdom

Contact: support@ketodieting.co.uk

Website: https://ketodieting.co.uk

This Privacy Policy explains what data Keto Dieting (“the App”, “we”, “our”) accesses, collects, stores, and shares, and how we protect your rights under UK GDPR and Google Play’s User Data and Health Content policies.

1. Summary

  • We collect Health & Fitness data you enter (weight, measurements, food, water, fasting, goals, mood) and use it to calculate macros, personalise plans, and render your charts.
  • We collect account data (email, display name) so your data syncs across devices.
  • We never sell your data, never use it for advertising, and never share it with data brokers.
  • Meal/barcode scanning, voice logging, and before/after photos use your camera, microphone, and photo library, but raw images and audio are not retained on our servers.
  • You can delete your account and all data at any time from Profile → Delete Account.

2. Data We Access and Collect

2.1 Account Data

  • Email address (required for sign-in, password reset, and account recovery)
  • Display name (optional)
  • Authentication tokens (managed by Supabase Auth)

2.2 Health & Fitness Data (sensitive)

The App is built around health tracking. When you use these features, the following data is collected and stored on our servers so it can sync across your devices:

  • Body metrics: weight, height, age, gender, target weight, body measurements (chest/waist/hips, optional)
  • Food & nutrition: meals logged, macros (carbs, fat, protein, fibre), calories, water intake, meal timings
  • Fasting: fasting window selection, start/end times, streaks
  • Goals & preferences: reasons for using the app, activity level, keto type, dietary filters (religious, lifestyle, allergies, medical), selected protocol
  • Mood / energy logs (optional)
  • Progress photos (before/after) — stored in Supabase Storage, only you can view them

2.3 Device & Technical Data

  • Device model, OS version, app version, locale, timezone, country/region (for pricing tier and localisation — via expo-localization)
  • Crash logs and diagnostic events (no personal content)
  • Approximate city name for the optional Community map (never GPS coordinates; only stored if you opt in)

2.4 Permissions We Request

PermissionWhyRetention
CameraScan food barcodes · photograph meals for macro analysis · capture before/after photosBarcode/meal images: processed then discarded. Progress photos: stored only if you save them.
MicrophoneOptional voice-to-text for quick food loggingAudio is transcribed on-device or via a short-lived API call, then discarded. Only the resulting text is stored.
Photo libraryUpload meal photos or before/after photos you selectOnly the images you explicitly choose are accessed.
Location (approximate, foreground only)Community map — show your city alongside other usersOnly the city name is stored, never coordinates. Fully optional.
NotificationsFasting reminders, meal reminders, streak alertsDelivered via Expo/FCM; you can disable at any time.

2.5 Subscription & Purchase Data

  • Subscription status and entitlement (Pro / Lifetime / Free) — managed by RevenueCat
  • We never see your card number; payments are handled entirely by Google Play / Apple.

2.6 Data We Do Not Collect

  • Precise GPS coordinates
  • Contact lists / address book
  • SMS, call logs, or browsing history
  • Advertising IDs for cross-app tracking
  • Financial or payment card details

3. How We Use Your Data

PurposeData used
Calculate your daily macros (carbs/fat/protein/calories)Body metrics, activity level, goal, selected protocol
Render charts, streaks, and weight predictionFood logs, weight logs, fasting logs
Personalise ASKETO coach responsesChat message + a short summary of recent macros/goal
Sync across your devicesEverything above, via Supabase (EU region, encrypted)
Fix bugs and improve the appCrash reports, anonymised usage events
Process subscriptions and trialsPurchase token + entitlement (via RevenueCat)
Send optional remindersPush token (Expo/FCM)

We do not use your health data to build advertising profiles, and we do not share it with analytics partners for marketing purposes.

4. ASKETO AI Coach — How Your Messages Are Processed

When you chat with ASKETO, your message and a small amount of relevant context (current macros, goal, selected protocol) are sent to OpenRouter, which routes the request to an AI model (currently OpenAI gpt-4o-mini or Google gemini-2.0-flash) to generate a response.

  • Messages are sent over TLS 1.3.
  • OpenRouter and the underlying model providers do not use your messages to train their models (per their zero-retention / no-training API policy).
  • We store your chat history in your own Supabase account so you can see past conversations. You can wipe it from Profile → Clear Chat History.

5. Third-Party Sub-Processors

ServiceRoleWhereWhat they see
Supabase (Supabase, Inc.)Database, authentication, file storageEU (Frankfurt)Account data, health data, progress photos — all encrypted at rest and behind Row-Level Security
RevenueCat (RevenueCat, Inc.)Subscription managementUSAnonymous app user ID, purchase token, entitlement status
OpenRouter (OpenRouter, Inc.)AI model routing for ASKETOUSChat message + short macro/goal context (no account identifiers beyond an anonymous session ID)
Expo / EAS (650 Industries, Inc.)Build infrastructure, push notificationsUSPush tokens, crash logs
Google Play Billing (Google LLC)Android purchasesGlobalPurchase data (we never see card details)
Amazon AssociatesAffiliate product linksUSNone — outbound link tracking only happens after you tap a product

All sub-processors have signed Data Processing Agreements compatible with UK GDPR.

6. Storage, Security & International Transfers

  • Primary database: Supabase EU region (Frankfurt) — AES-256 at rest, TLS 1.3 in transit.
  • Row-Level Security (RLS) policies ensure each user can only read/write their own rows.
  • The Supabase service role key is held only in server-side Edge Functions, never shipped with the app.
  • Some sub-processors (RevenueCat, OpenRouter, Expo) are US-based. Transfers rely on the UK International Data Transfer Addendum and Standard Contractual Clauses.
  • The App uses the Android New Architecture and does not embed any tracking SDKs.

7. Data Retention & Account Deletion

  • Active account: retained while your account exists.
  • Account deletion: immediate soft delete on request; hard delete within 30 days across all systems (including backups within 90 days).
  • Crash logs / anonymous usage events: retained for 90 days, then purged.
  • AI chat history: retained until you clear it; otherwise until account deletion.

How to delete your account

You have three paths — pick whichever is easiest:

  1. In-app (one tap): open the KetoDieting app → Profile → Delete Account. Confirms with a dialog, then invokes the delete-account Supabase Edge Function which removes every row across 33 user tables (food logs, weights, fasting sessions, mood, photos, settings, subscriptions, chat history, …) and the underlying auth.users record. Completes immediately; cloud propagation finishes within 30 minutes.
  2. Public web request form: fill in https://ketodieting.co.uk/delete-account. Use this if you have already uninstalled the app, can’t sign in, or want to delete data without having installed the app at all (e.g. someone added you to a referral list). We confirm receipt within 7 days and complete deletion within 30 days.
  3. Email: privacy@ketodieting.co.uk. Same SLA as the web form. Include the email address you registered with.

We never ask for a reason. We never try to talk you out of it. Deletion is irreversible and includes any data we’ve cached on third-party sub-processors (RevenueCat purchase history, OpenRouter chat logs, Expo push tokens) — see Section 5.

8. Your Rights (UK GDPR / EU GDPR)

You have the right to:

  • Access your personal data
  • Rectify inaccurate data
  • Erase your data (“right to be forgotten”)
  • Port your data in a machine-readable format
  • Restrict or object to processing
  • Withdraw consent at any time
  • Lodge a complaint with the UK Information Commissioner’s Office (ico.org.uk)

To exercise any right, email support@ketodieting.co.uk. We respond within 30 days.

9. Children’s Privacy

Keto Dieting is not intended for children under 16. We do not knowingly collect data from anyone under 16. If an age under 16 is entered during onboarding, the App displays a warning and does not create a personalised plan. If you believe a child has provided us data, contact us and we will delete it immediately.

10. Medical Disclaimer

Keto Dieting is not a medical device and does not provide medical advice. Macros, protocols, and AI coach responses are educational only. Consult a qualified healthcare professional before starting any diet, fasting protocol, or supplement regime — especially if you are pregnant, breastfeeding, diabetic, or taking prescription medication.

11. Changes to This Policy

We will post material changes here with a new “Last updated” date, and notify active users via in-app message. Continued use after a change constitutes acceptance.

12. Contact

Data Controller: ZenApps UK (Web Print & Signs Ltd)
Address: Burnley, Lancashire, United Kingdom
Email: support@ketodieting.co.uk
App Support: support@ketodieting.co.uk
Website: https://ketodieting.co.uk