TEMPLATE — This document requires professional legal review before launch

Privacy Policy

Last Updated: March 2026

1. Introduction

FRESHLife (“we”, “our”, or “us”) is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our web application (the “App”).

FRESHLife is a faith-based wellness application that collects sensitive health and wellness data. We take our responsibility to protect this data seriously and comply with applicable data protection laws, including the UK General Data Protection Regulation (UK GDPR) and the EU General Data Protection Regulation (EU GDPR).

Please read this privacy policy carefully. If you do not agree with the terms of this privacy policy, please do not access the App.

2. Information We Collect

2.1 Personal Information

We collect the following personal information that you provide:

  • Account Information: Email address, password (encrypted and hashed)
  • Profile Information: Height, weight, age, gender, preferred unit system (metric/imperial), fitness goals, activity level
  • Health and Nutrition Data: Calorie intake, food logs, meal templates, exercise activities, sleep and rest data, weight progress tracking
  • Spiritual Wellness Entries: Faith journal content, spiritual practice logs, prayer entries
  • Habit Tracking: Daily habit completion data, streak records

2.2 Automatically Collected Information

  • Device information (type, operating system)
  • Usage data (features accessed, time spent in app)
  • Log data (IP address, browser type, timestamps)

2.3 Third-Party Data

  • Nutritional information from USDA FoodData Central API
  • Video content from YouTube

3. How We Use Your Information

We use your information solely for the purpose of providing and improving the App. Your data is used for personalisation only and is never sold to third parties. Specifically, we use your information to:

  • Provide and maintain the App's functionality
  • Calculate personalised calorie goals and nutrition recommendations
  • Track your progress toward health and wellness goals
  • Generate AI-powered personalised advice using Anthropic Claude AI
  • Send you reminders and notifications (with your permission)
  • Improve the App's features and user experience
  • Respond to your inquiries and provide customer support
  • Ensure the security and integrity of the App
  • Process payments through our payment provider (Stripe)

4. Legal Basis for Processing (GDPR)

Under the UK GDPR and EU GDPR, we process your personal data on the following legal bases:

  • Consent: You provide explicit consent when you create an account and agree to this Privacy Policy. For health-related data (which is considered special category data under GDPR), we rely on your explicit consent given during registration.
  • Contract: Processing is necessary to fulfil our contract with you (i.e., providing the App's services).
  • Legitimate Interests: We may process data for our legitimate interests, such as improving the App and ensuring security, provided these interests do not override your rights.
  • Legal Obligation: We may process data where required by law.

You may withdraw your consent at any time by contacting us or deleting your account. Withdrawal of consent does not affect the lawfulness of processing carried out before the withdrawal.

5. Data Storage and Security

Your data is stored securely using industry-standard practices:

  • Authentication: Supabase Auth with encrypted and hashed passwords
  • Database: Supabase (PostgreSQL) with row-level security (RLS), ensuring only you can access your data
  • Encryption: Data is encrypted in transit (TLS/HTTPS) and at rest
  • Access Control: Only you can access your personal data through your authenticated account
  • Infrastructure: Hosted on Vercel with enterprise-grade security

While we implement reasonable security measures, no method of transmission over the Internet or electronic storage is 100% secure. We cannot guarantee absolute security.

6. Data Sharing and Third-Party Processors

We do NOT sell, trade, or rent your personal information to third parties.

We share your information only with the following trusted third-party processors who help us operate the App:

  • Supabase — Database hosting, authentication, and data storage. Supabase encrypts data at rest and provides row-level security.
  • Vercel — Application hosting and deployment infrastructure.
  • Stripe — Payment processing for premium subscriptions. Stripe handles all payment card data directly; we do not store your card details.
  • Anthropic (Claude AI) — AI-powered personalised wellness advice and recommendations. Your queries and relevant context are sent to generate responses.
  • USDA FoodData Central — Nutritional data lookup for food logging. Only food search queries are sent; no personal data is shared.

We may also disclose your information:

  • If required by law, court order, or governmental authority
  • To protect the rights, property, or safety of FRESHLife, our users, or others

7. Your Privacy Rights

Under the GDPR and applicable data protection laws, you have the following rights:

  • Right of Access: Request a copy of all personal data we hold about you.
  • Right to Rectification: Request correction of inaccurate or incomplete information.
  • Right to Erasure (Right to be Forgotten): Request deletion of your account and all associated data.
  • Right to Data Portability: Request your data in a structured, commonly used, machine-readable format (e.g., JSON or CSV export).
  • Right to Restrict Processing: Request that we limit how we use your data.
  • Right to Object: Object to processing based on legitimate interests.
  • Right to Withdraw Consent: Withdraw your consent at any time without affecting the lawfulness of prior processing.
  • Right to Lodge a Complaint: You have the right to lodge a complaint with a supervisory authority (e.g., the UK Information Commissioner's Office).

To exercise any of these rights, please contact us at support@freshlife-app.com or use the account settings within the App. We will respond to your request within 30 days.

8. Health Disclaimer

IMPORTANT HEALTH DISCLAIMER

FRESHLife is a wellness guidance application. It is not a medical device and does not provide medical advice, diagnosis, or treatment. The health data collected by this App (including calorie calculations, weight tracking, and exercise logging) is for informational and wellness guidance purposes only. Always consult a qualified healthcare professional before making significant changes to your diet, exercise routine, or health practices.

9. Cookies and Local Storage

We use essential cookies and browser local storage to:

  • Authentication: Keep you logged in to your account securely
  • Preferences: Remember your settings (e.g., unit preferences, theme)
  • Onboarding state: Track whether you have completed profile setup

We do not currently use third-party analytics or advertising cookies. If this changes in the future, we will update this policy and seek your consent before deploying non-essential cookies.

You can disable cookies in your browser settings, but this may affect App functionality, particularly authentication.

10. Data Retention

We retain your personal information as follows:

  • Active accounts: Your data is retained for as long as your account is active and you continue to use the App.
  • Account deletion: If you delete your account, we will permanently delete all your personal data within 30 days of the deletion request.
  • Inactive accounts: Accounts that have been inactive for more than 24 months may be flagged for deletion. We will notify you by email before deleting an inactive account.
  • Legal retention: We may retain certain data beyond the above periods where required by law (e.g., financial transaction records for tax purposes).
  • Backups: Data in encrypted backups may persist for up to 90 days after deletion before being purged from backup systems.

11. Children's Privacy

FRESHLife is not intended for children under the age of 16 (or the applicable age of digital consent in your jurisdiction). We do not knowingly collect personal information from children. If you are a parent or guardian and believe your child has provided us with personal information, please contact us immediately and we will delete the data.

12. International Data Transfers

Your information may be transferred to and processed in countries other than your country of residence, including the United States (where our infrastructure providers operate). These countries may have different data protection laws. Where we transfer data outside the UK or EEA, we ensure appropriate safeguards are in place, such as Standard Contractual Clauses (SCCs) approved by the relevant authorities.

13. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. We will notify you of significant changes by posting the new Privacy Policy on this page and updating the “Last Updated” date. For material changes that affect how we process your health data, we will notify you by email and may request renewed consent. You are advised to review this Privacy Policy periodically.

14. Contact Us

If you have questions or concerns about this Privacy Policy or how we handle your data, please contact us at:

Email: support@freshlife-app.com

If you are not satisfied with our response, you have the right to lodge a complaint with the UK Information Commissioner's Office (ICO) at ico.org.uk.

By clicking “I Agree” during registration, you acknowledge that you have read and understood this Privacy Policy and provide your explicit consent to the collection, use, and processing of your personal data (including health data) as described herein.

Back to Sign Up