Privacy Policy

1. Introduction

Welcome to AllerNote ("we," "our," or "us"). This Privacy Policy explains what information we collect, why we collect it, and what choices you have when you use our website and app (the "Service").

If you have questions, you can always email us (details at the bottom of this page).

2. Information We Collect

2.1 Personal Information You Provide

When you create an account or use features that save data, we collect information you choose to provide, such as:

• Account information: Email and name. If you use Google sign-in, we may also receive your profile photo from Google.
• Allergy and skin-related info: Allergens you add, severity/notes, and optional onboarding preferences (like skin type and concerns).
• Scan inputs: Ingredient label images you upload and/or ingredient text you type.
• Your saved items: Products you save to lists (like “safe” or “avoid”), routines, and any notes you add.

2.2 Automatically Collected Information

When you use the Service, we may automatically collect:

• Basic device and browser info: For example, device type and browser.
• Log and diagnostic data: Such as error logs and performance signals needed to keep the app reliable.

2.3 “Try Scan” (no signup) data

If you use Try Scan without creating an account, we store a limited “anonymous scan log” to help improve results and understand conversion (e.g., how many people try a scan and later create an account). This may include:

• What you scanned: The extracted ingredient text and a structured ingredient list we generate.
• Optional product info: Product name/brand if you typed it (or if it was visible in the label).
• Technical metadata: A random session identifier and your browser’s user agent string.
• Local storage: We may store a temporary “anonymous scan id” in your browser storage so we can link that scan if you later sign up.

3. How We Use Your Information

We use the information we collect to:

• Provide, maintain, and improve the Service
• Analyze ingredients and match them against your allergy profile (if you have an account)
• Save your scan history, saved products, routines, and logs (so your data is available on any device)
• Respond to support requests and user feedback
• Respond to your comments and questions
• Detect, prevent, and address technical issues
• Comply with legal obligations

4. How We Protect Your Data

We treat allergy and skin-reaction information as sensitive. We use reasonable administrative, technical, and organizational safeguards designed to protect your information.

• Secure transport: We use HTTPS for data in transit.
• Access controls: We restrict access to production systems to what’s needed to run and support the Service.
• Data minimization: We aim to collect only what we need for the features you use.
• No selling: We do not sell your personal information.

No method of transmission or storage is 100% secure. If you believe your account has been compromised, contact us immediately.

5. Data Sharing and Disclosure

We may share your information in the following situations:

• With your consent: For example, when you generate a share link.
• Service providers: Vendors that help us run the Service (authentication, hosting, storage, AI processing).
• Legal Requirements: If required by law or to protect our rights
• Business Transfers: In connection with any merger, sale, or acquisition

We do not sell, rent, or trade your personal information to third parties for marketing purposes.

6. Third-Party Services

AllerNote relies on third-party services to provide key functionality:

• Firebase Authentication (Google): Account creation, sign-in, and session management.
• Google AI / Gemini: Ingredient extraction, translation, and analysis from label text/images.
• Google Cloud Storage (optional, if configured): Storing uploaded images (e.g., product photos) so they can be displayed later.

These services have their own privacy policies, and we encourage you to review them.

7. Data Retention

We keep your account data for as long as your account is active so we can provide the Service. You can delete items (like scans) at any time, and you can delete your account from Settings.

Scan history is retained until you delete it (or delete your account). Anonymous scan logs (from “Try Scan”) may be retained longer to improve the ingredient knowledge base and analytics.

Account deletion requests: If you request account deletion, we schedule deletion and deactivate the account. You can restore the account by signing back in before the scheduled deletion date. After that date, we permanently delete the account and associated data.

8. Your Rights and Choices

Depending on your location, you may have the following rights:

• Access: Request a copy of your personal data
• Correction: Update or correct inaccurate information
• Deletion: Request deletion of your personal data
• Portability: Receive your data in a portable format
• Opt-out: Opt out of certain data processing activities

In-app controls: you can export your data and delete your account from Settings. If you need help (or can’t access your account), email us.

9. Children's Privacy

Our Service is not intended for children under 13 years of age. We do not knowingly collect personal information from children under 13. If we learn we have collected such information, we will delete it promptly.

10. International Data Transfers

Your information may be transferred to and processed in countries other than your own. We ensure appropriate safeguards are in place to protect your data in accordance with this privacy policy.

11. Changes to This Policy

We may update this privacy policy from time to time. We will notify you of any changes by posting the new policy on this page and updating the "Last updated" date.

12. Contact Us

If you have questions or concerns about this Privacy Policy or our data practices, please contact us at: