Privacy Policy

1. Introduction

Welcome to GudForUs ("we," "our," or "us"). We are committed to protecting your privacy and ensuring the security of your personal information. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our mobile application (the "App").

By using the App, you consent to the data practices described in this Privacy Policy. If you do not agree with our policies and practices, please do not use the App.

2. Information We Collect

2.1 Personal Information

We collect the following personal information when you create an account:

• Name
• Email address
• Password (encrypted)

2.2 Usage Data

We automatically collect certain information when you use the App, including:

• Product scans and analysis results
• Health and environmental preference settings
• App feature usage and interaction data
• Device information (model, operating system version)
• Log data (IP address, access times, app crashes)

2.3 Camera Access

The App requires access to your device's camera to scan product barcodes and ingredient labels. Images captured are processed to extract text and are not stored on our servers unless you explicitly save a scan result.

2.4 Subscription Information

If you purchase a subscription through Apple App Store or Google Play Store, we receive limited subscription information from the platform (subscription status, expiration date) via RevenueCat. Payment information is processed entirely by Apple or Google and is not accessible to us.

3. How We Use Your Information

We use the information we collect to:

• Provide and maintain the App's functionality
• Analyze product ingredients and generate health and environmental impact scores
• Personalize your experience based on your preferences and scan history
• Generate AI-powered daily insights about your consumption patterns
• Process and manage your subscription
• Send you important updates about the App or your account
• Improve our services and develop new features
• Detect and prevent fraud or abuse
• Comply with legal obligations

4. Data Storage and Security

Your data is stored securely using Supabase, a PostgreSQL-based backend service with enterprise-grade security features including:

• Encryption in transit (TLS/SSL)
• Encryption at rest
• Row-Level Security (RLS) policies to protect your data
• Regular security audits and updates

We implement industry-standard security measures to protect your personal information from unauthorized access, alteration, disclosure, or destruction. However, no method of transmission over the internet or electronic storage is 100% secure, and we cannot guarantee absolute security.

5. Data Sharing and Disclosure

We do not sell, trade, or rent your personal information to third parties. We may share your information only in the following limited circumstances:

5.1 Service Providers

• Supabase: Database and authentication services
• RevenueCat: Subscription and payment processing
• Google AI (Gemini): Product analysis and insight generation (data is processed securely and not stored by Google)

5.2 Legal Requirements

We may disclose your information if required by law, court order, or governmental regulation, or if we believe disclosure is necessary to:

• Comply with legal obligations
• Protect our rights, property, or safety
• Prevent fraud or security issues
• Protect the rights and safety of our users

6. Your Rights and Choices

You have the following rights regarding your personal information:

• Access: Request a copy of the personal information we hold about you
• Correction: Update or correct inaccurate information through your profile settings
• Deletion: Request deletion of your account and associated data
• Data Portability: Request a copy of your data in a machine-readable format
• Opt-Out: Unsubscribe from marketing communications (if applicable)

To exercise these rights, please contact us at support@envo.club.

7. Data Retention

We retain your personal information for as long as your account is active or as needed to provide you with the App's services. If you delete your account, we will delete or anonymize your personal information within 30 days, except where we are required to retain it for legal or regulatory purposes.

Scan history and analysis data may be retained for up to 90 days after account deletion for backup and recovery purposes.

8. Children's Privacy

The App is not intended for children under the age of 13. We do not knowingly collect personal information from children under 13. If we become aware that we have inadvertently collected personal information from a child under 13, we will take steps to delete such information as soon as possible.

9. International Data Transfers

Your information may be transferred to and processed in countries other than your country of residence. These countries may have different data protection laws. By using the App, you consent to the transfer of your information to our facilities and service providers globally.

10. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. We will notify you of any material changes by posting the new Privacy Policy on this page and updating the "Last Updated" date. We encourage you to review this Privacy Policy periodically for any changes.

Your continued use of the App after any modifications to this Privacy Policy constitutes your acceptance of the updated policy.

11. Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us at: