Privacy Policy

Introduction

ProteinID ("we", "our", or "the app") respects your privacy and is committed to protecting your personal data. This Privacy Policy explains how we collect, use, store, and protect your information when you use our protein tracking web application.

Data We Collect

To provide the service, we may collect the following information:

1. Account Information

Email address: Used for account creation and sign-in
Name: Used for personalization
Password: Stored in hashed form for security when password authentication is used

2. Profile Data

Gender: Used to calculate protein goals
Weight (kg): Used to calculate protein goals
Daily protein goal: Automatically calculated or manually set

3. Food Logs

Food names: Products you add
Serving sizes: Amounts you consume
Protein amounts: Calculated protein values
Date and time: When an entry was added

4. Technical Information

IP address: May appear in server logs
Browser details: Browser type and version
Session data: Sign-in state and session identifiers

How We Use Data

Service delivery: To provide protein tracking features
Account management: For authentication and session handling
Personalization: To calculate goals and show progress
Statistics and charts: To visualize historical data
Security: To prevent abuse and protect the service
Support: To troubleshoot and improve the product

Data Storage and Security

Firebase Firestore: Google-hosted NoSQL database
Encryption: Data is transmitted over HTTPS
Passwords: Stored with bcrypt hashing when applicable
Access control: Users can access only their own data
Hosting region: Data may be stored in Google Cloud Europe (europe-west1)

Data Sharing

We do not sell or rent your personal data to third parties.

We share data only when necessary, including with:

Google OAuth: If you sign in with Google, we receive your email and name from Google
Firebase / Google Cloud: For hosting and data storage
USDA FoodData Central: For food search and nutrition lookups, without sending your personal data
Legal compliance: If required by law or a valid legal process

Cookies

We use cookies for session handling, optional remember-me functionality, and OAuth-related sign-in flows. You can clear cookies in your browser, but some features may stop working correctly.

Your Rights

Depending on applicable law, including GDPR, you may have rights to access, correct, delete, restrict, object to processing, or export your personal data.

To exercise these rights, contact us at privacy@proteinid.uk.

Account Deletion

You may delete your account and related data at any time through your account settings. Once deleted, account data is permanently removed from our active database, subject to limited backup or log retention periods.

Children's Privacy

This service is not intended for children under 16. We do not knowingly collect personal data from children. If you believe a child has provided data to us, contact us so we can take appropriate action.

Third-Party Services

We rely on services such as Google Firebase/Cloud, USDA FoodData Central, and Google OAuth. Their own privacy policies also apply to their services.

Retention Periods

We keep your data while your account remains active, while needed to provide the service, or as required by law. After deletion, some server logs may be retained for a limited time for security and operational reasons.

Security Measures

HTTPS encryption for data in transit
Bcrypt password hashing where passwords are used
Session lifetime limits and cookie protections
Access controls and infrastructure-level security measures

Policy Changes

We may update this Privacy Policy from time to time. Material changes will be reflected by updating the date on this page and, where appropriate, through in-app or email notice.

Contact

If you have questions about this Privacy Policy or your rights, contact us:

Email: privacy@proteinid.uk

General questions: support@proteinid.uk

Response time: Within 48 hours