Legal

Privacy Policy

Last updated: June 2026 · Student concept project

01 — Overview

The short version

FitHit is a student concept project. We are not a company, we generate no revenue, and we have no interest in selling, sharing, or monetizing your personal data. Your data exists solely to make the app work for you.

This Privacy Policy explains what information FitHit collects, how it is used, and what rights you have as a user. By using FitHit, you agree to this policy.

Because FitHit is a non-commercial student project, our data practices are intentionally minimal. We only collect what is necessary to operate the core features of the app.

02 — Data We Collect

What we collect

We collect only the minimum data needed to provide the service:

  • Account information — your email address used to create an account via Supabase Auth.
  • Food photos — images you upload for nutrition analysis. These are sent to Google Gemini Vision API and are not stored permanently by us.
  • Nutrition logs — the meal data (calories, macros) returned by the AI and saved to your personal log.
  • Usage data — basic analytics such as page views, used to improve the app. No personal identifiers are attached.

We do not collect your name, phone number, location, payment information, or any other sensitive personal data.

03 — How We Use Your Data

How your data is used

Your data is used exclusively to:

  • Authenticate your account and keep your sessions secure.
  • Analyze food photos via Google Gemini Vision API and return nutrition results.
  • Store and display your personal meal history and nutrition logs.
  • Improve the app experience based on anonymized usage patterns.

We will never use your data for advertising, profiling, or any purpose beyond operating the app for your personal use.

04 — Data Sharing

Who we share data with

We rely on a small number of trusted third-party services:

  • Supabase — our database and authentication provider. Your account data and meal logs are stored in Supabase. See Supabase's Privacy Policy.
  • Google Gemini API — food photos are sent to Google's Gemini Vision API for analysis. See Google's Privacy Policy.

We do not sell, rent, or share your data with any other third parties, advertisers, or data brokers.

05 — Security

How we protect your data

All data in Supabase is protected with Row Level Security (RLS), meaning each user can only access their own data. No other user or admin can view your meal logs or account details.

All data is transmitted over HTTPS. We follow Supabase's recommended security practices and keep our dependencies up to date.

Since FitHit is a student project and not a professional service, we encourage you to use a unique password and not store sensitive personal information in your meal descriptions.

06 — Your Rights

Your rights & choices

You have the right to:

  • Access — request a copy of all data we hold about you.
  • Delete — request deletion of your account and all associated data.
  • Correct — update or correct any inaccurate information.
  • Withdraw consent — stop using the service at any time.

To exercise any of these rights, contact us at the email below and we will respond within 48 hours.

07 — Contact

Questions or concerns?

If you have any questions about this Privacy Policy, want to exercise your rights, or have a trademark concern, please reach out. We are a small student team and we read and reply to every message.

Get in Touch

Email us at fithitapp@gmail.com
For trademark issues, include "TRADEMARK" in the subject line.

Go to Contact →