Back to Home

Privacy Policy (SafeEat)

Last Updated: 05 December 2025

At FJCode OÜ (the "Company", "we", "us", or "our"), we respect your privacy and are committed to protecting personal data you share with us when using the SafeEat mobile application (the "App") and related websites and services (collectively, the "Services").

This Privacy Policy explains what data we collect, how we process it, the legal bases for processing, who we share it with, how long we retain it, and what rights you have.

If you do not agree with this Policy, please do not use the Services.

1. About the Company

  • Company: FJCode OÜ
  • Registration number: 16993109
  • Address: Viru väljak 2, 10111 Tallinn, Estonia
  • Support / Privacy contact email: support@safeeat.app

This Policy applies to personal data processed in connection with your use of the SafeEat App and Services.

2. Scope and Acceptance

By downloading, accessing, or using the App or Services, you acknowledge that you have read and understood this Policy.

We may update this Policy from time to time. The updated version will be published in the App and/or on our website(s). If changes are significant, we will take reasonable steps to notify you (e.g., via an in-app notice). Continued use of the Services after the effective date means you accept the updated Policy.

3. What Data We Collect

We collect data in three main ways: (A) data you provide, (B) data collected automatically, and (C) data from third parties.

3.1 Data You Provide Directly

Depending on how you use the App, you may provide:

  • Health profile data (health-related information): allergies, intolerances, dietary restrictions, chronic conditions you choose to disclose, and notes/preferences you add. This may be considered "data concerning health" under GDPR.
  • Scan content: photos and/or text you scan or upload (e.g., ingredient lists, nutrition labels, barcodes, dishes, restaurant menus). Scan content may indirectly relate to your health profile (e.g., allergy-related decisions).
  • Support communications: messages, attachments, and feedback you send to us.

Please do not upload or share sensitive information about other people without their permission.

3.2 Data Collected Automatically

When you use the Services, we may automatically collect:

  • Device & technical data: device model, OS version, app version, language settings, time zone, network info, IP address, diagnostic logs.
  • Usage data: features used, session duration, taps/clicks, error events/crash reports, performance metrics.
  • Identifiers: app instance identifiers; where permitted and applicable, advertising identifiers may be processed for analytics or attribution (you can control this via device settings and, where applicable, consent prompts).

3.3 Data From Third Parties

We may receive limited data from:

  • App stores/payment platforms (e.g., Apple/Google): subscription status, product identifiers, transaction metadata. We do not receive your full payment card details when you pay via in-app purchases.
  • Service providers (analytics, crash reporting, infrastructure): technical events needed to operate and improve the Services.

4. Device Permissions (Camera, Photos, Notifications)

SafeEat may request device permissions to provide key features. You can grant or deny permissions, and you can change them at any time in your device settings.

  • Camera (required for scanning): used to scan labels, barcodes, dishes, and menus.
  • Photos / Media Library (optional): used only if you choose to upload an existing photo for analysis instead of taking a new one.
  • Notifications (optional): used to send service-related reminders or updates (if enabled).

If you deny permissions:

  • Denying Camera may prevent scanning.
  • Denying Photos may prevent uploading images from your gallery.
  • Denying Notifications means you won't receive push notifications.

We do not access your photos or camera in the background without your action.

5. Tracking, Attribution & AppTrackingTransparency (iOS)

5.1 iOS AppTrackingTransparency (ATT)

If the App uses tracking for advertising measurement or cross-app attribution on iOS, Apple may require us to request your permission via the AppTrackingTransparency (ATT) prompt.

  • If you allow tracking, the App may access an identifier such as IDFA (where available) for attribution/measurement.
  • If you do not allow tracking, we will not access IDFA for tracking purposes, and attribution/measurement may be limited.

You can change your ATT choice at any time in iOS settings.

5.2 Android Advertising ID

On Android, where applicable and enabled, the App may use the device's Advertising ID for attribution/measurement. You can reset or limit the Advertising ID in Android settings (and, on newer Android versions, you can remove it).

5.3 "Do Not Track / Limit Ad Personalization"

Where supported by the platform, we respect device-level privacy settings (e.g., "Limit Ad Tracking", "Ask App Not to Track", "Opt out of Ads Personalization") and comply with applicable laws regarding consent.

Note: SafeEat is designed to work even if tracking/advertising identifiers are disabled, though some measurement features may be less effective.

6. Cookies and Similar Technologies (Website & Similar Tracking)

This section applies primarily to our website(s) and any web-based parts of the Services. The mobile App generally uses SDKs and device identifiers rather than browser cookies, but similar principles (transparency, purpose limitation, and choice where required) apply.

6.1 What Cookies Are

Cookies are small text files stored on your device when you visit a website. Similar technologies may include pixels, tags, local storage, and SDK identifiers.

6.2 Cookie Categories We May Use

  • Strictly Necessary Cookies – required for core website functionality and security.
  • Preferences Cookies – remember settings (e.g., language).
  • Analytics Cookies – understand website usage to improve performance/content.
  • Marketing / Attribution Cookies (if applicable) – measure campaign performance and deliver more relevant promotions.

6.3 Consent (EEA/UK and Similar Regions)

Where required by applicable law (e.g., EEA/UK), we use a cookie banner/consent mechanism for non-essential cookies (Analytics/Marketing). You can withdraw or change your consent at any time through cookie settings (where available) and/or your browser settings.

6.4 How to Manage Cookies

You can block/delete cookies via browser settings. Blocking some cookies may affect website functionality.

7. How We Use Your Data (Purposes)

We process data for:

  • Provide core functionality (scans, results, settings, optional saved items/history)
  • Personalization (profile-based warnings and flags)
  • Support and communications (respond, troubleshoot, service notices)
  • Improve and develop the Services (stability, QA, aggregated/de-identified improvements where appropriate)
  • Security and fraud prevention
  • Legal compliance and rights protection

8. Legal Bases for Processing (GDPR)

We rely on:

  • Contract necessity – to provide the Services.
  • Legitimate interests – security, fraud prevention, reliability, improvements (balanced against your rights).
  • Legal obligations – compliance with applicable laws.
  • Consent – marketing and non-essential cookies where required.
  • Explicit consent (health data) – when your inputs qualify as health-related data under GDPR; you can withdraw consent (see Section 13).

9. Sharing Your Data (Third Parties)

We do not sell your personal data. We may share data only as needed.

9.1 Service Providers (Processors)

We may use trusted processors for hosting, storage, analytics, crash reporting, subscriptions, and support. They must protect the data and use it only on our instructions.

Sub-processors (examples / commonly used categories):

  • Cloud hosting & storage: Amazon Web Services (e.g., S3)
  • Analytics & measurement: Firebase / Google Analytics, Amplitude, AppsFlyer (or similar)
  • Crash reporting / monitoring: Firebase Crashlytics (or similar)
  • Subscriptions & paywall management: Adapty (or similar)

The exact list of sub-processors may change as we update the Services. We maintain appropriate agreements and safeguards with providers, including data processing terms where required.

9.2 Legal Requests and Rights Protection

We may disclose information if required by law or to protect our rights and safety.

9.3 Business Transfers

In case of a merger/acquisition/asset sale, data may be transferred with appropriate safeguards.

10. Google Play "Data safety" & Store Disclosures

If you download SafeEat from Google Play, you may see our disclosures in the Data safety section. These disclosures are intended to summarize:

  • what categories of data the App may collect (e.g., health profile inputs, scan content you provide, device/app activity data),
  • whether data is shared with service providers (processors) for necessary functionality (e.g., hosting, analytics, crash reporting),
  • the purposes of collection/sharing (app functionality, analytics, fraud prevention, support),
  • our security practices (e.g., encryption in transit, access controls), and
  • how you can request deletion (see Section 12).

We aim to keep our store disclosures consistent with how the App actually operates. If you have questions about a specific data item shown in Google Play, contact us at support@safeeat.app.

11. International Data Transfers

We are based in Estonia (EU). Some providers may process data outside the EEA. Where required, we use safeguards such as SCCs, adequacy decisions, or other lawful mechanisms.

12. Data Retention

We retain data no longer than necessary for the purposes in this Policy, unless longer retention is required by law.

General approach:

  • Profile and saved data: until you delete it or request deletion;
  • Support correspondence: as needed for support and reasonable follow-ups;
  • Diagnostic/security data: limited periods for stability/security;
  • Limited data may be retained for legal compliance/dispute resolution.

13. How to Delete Your Account and Data

You can request deletion at any time.

  • In-App deletion (if available): use "Delete account" / "Delete data" in Settings.
  • By email: write to support@safeeat.app with subject "Delete my data" and include enough details to identify your account/usage.

We will delete or anonymize personal data we control, unless we must retain some information for legal obligations, security, or disputes.

  • Apple/Google records: app stores may retain certain purchase/subscription records under their own policies; we cannot delete data controlled by Apple/Google.
  • Backups: deletion may not immediately remove residual backup copies, but backups are protected and overwritten on a regular cycle.

14. Your Rights (EEA/UK GDPR)

You may have the right to access, correct, delete, restrict/object, portability (where applicable), and withdraw consent.

To exercise rights, contact support@safeeat.app. We may request verification. You may also lodge a complaint with your data protection authority.

15. Children's Privacy

The Services are not intended for children under 13. We do not knowingly collect personal data from children. If you believe a child provided data, contact us so we can delete it.

16. Automated Processing / AI Notes

SafeEat uses automated systems (including AI/OCR) to analyze what you scan and match results against your health profile settings. Results are informational and depend on the quality and completeness of scanned content.

SafeEat does not provide medical advice and is not a medical device.

17. Contact Information

Back to Home
We use cookies: necessary cookies to run the site, and analytics cookies only with your consent.