← Back to Nuvobee

Privacy Policy

Effective 5 June 2026 · Version 1.3

The short version. Your health profile lives on your phone — not on our servers. The only time data leaves your device is when you actively ask Nuvobee to analyse a menu or dish, and even then we only send what's needed for that single request. No accounts. No selling. We do collect anonymous, non-personal crash reports and usage counts (no names, no health data) to keep the app stable and understand how it's being used.

1. Who we are

Nuvobee is operated by Shailendra Singh Shekhawat, an individual based in Jaipur, India. You can reach us at hello@nuvobee.com. This policy explains what data Nuvobee collects, where it goes, and what choices you have.

2. What we collect — and what we don't

Kept on your device — not on our servers

  • Health profile: the conditions, allergies, medications, dietary goals, age range, sex, height, weight, activity level, family medical history, food triggers, and any other context you choose to enter.
  • App preferences: things like which onboarding you've seen, your subscription tier, last waiter card.
  • Photos you take inside Nuvobee (menus, blood tests) — held briefly in memory long enough to send the analysis request, then discarded. We don't save them on our servers.

All of the above lives in your browser's local storage on the device you're using. Clearing browser data, switching devices, or uninstalling deletes it. We do not back any of it up.

What we don't collect

  • We don't ask for your name, email, or phone number.
  • We don't require an account.
  • We don't track you across other sites.
  • We don't use advertising cookies or marketing pixels.
  • We don't track you as an individual — analytics are anonymous event counts only.

What we may collect at a server level

When you send a menu or dish to be analysed, our server receives the API request. Standard web server logs may include the request timestamp, the request size, and a generic country-level location inferred from IP — used only for diagnostics, abuse prevention, and capacity planning. These logs are kept for at most 30 days and are not linked to your identity.

3. Third-party processors

Anthropic (Claude API)

Nuvobee uses the Anthropic Claude API to read menus and generate personalised picks. When you ask for an analysis, we send:

  • Your health profile fields (the ones you filled in).
  • The text or photo of the menu / dish / blood test you submitted.

We do not send your name, email, device ID, or any identifier that ties the request to you personally. Per Anthropic's API terms in force at the time of writing, Anthropic does not use API inputs or outputs to train models. Read their privacy policy for the full picture.

App store / payment platform

Subscriptions (Lifetime, Yearly, Weekly) are processed by your device's app store or our payment processor. They collect the information needed to take payment under their own privacy policy. We receive a subscription receipt only — never your card details.

Crash reporting — Sentry

Nuvobee uses Sentry to automatically capture crash reports and JavaScript errors. When the app crashes or encounters an unexpected error, Sentry receives:

  • The error message and stack trace (lines of code that caused it).
  • Device type, operating system version, and app version.
  • A randomly generated anonymous session ID — not linked to you.

Sentry does not receive your health profile, any menu or dish content, or any identifier that could be used to contact you. Data is stored on Sentry's EU servers and retained for 90 days. See Sentry's privacy policy.

Anonymous analytics — PostHog

Nuvobee uses PostHog to count how the app is used — so we know which features people find valuable and where the experience breaks down. PostHog receives anonymous events such as:

  • “menu scanned” (with the number of photos, but not the photos themselves).
  • “paywall shown” and “subscription started” (plan name only).
  • Page views and session duration.

PostHog does not receive your name, email, health profile, menu content, or any information that identifies you as an individual. We have disabled user profiling and session recording. Data is stored on PostHog's EU servers. See PostHog's privacy policy.

Hosting

Our web app and API are hosted on Vercel. Vercel handles the traffic and stores standard server logs as described above. See Vercel's privacy policy.

4. Why we process your data

  • To give you the picks you asked for — this is the core service.
  • To keep the service running and safe — basic diagnostics, rate limiting, abuse prevention.
  • To honour our contract with you — including subscription billing.

We rely on your consent (when you set up your profile and submit a menu) and our legitimate interest in keeping the service safe and reliable.

5. Your rights

Because your profile lives on your device, you control it directly. You can:

  • Edit anything in the Profile section at any time.
  • Delete everything with the “Start fresh” button at the bottom of the Profile screen — or by clearing this site's data from your browser.
  • Cancel a subscription via your device's app store / subscription settings.
  • Request information about server-side data tied to your account (subscription status only — there is no profile data on our servers). Email us: hello@nuvobee.com.

Under GDPR (if you're in the EU/EEA), CCPA (if you're in California), or similar laws, you may also have the right to access, correct, port, restrict processing of, or object to the processing of your personal data. Because almost everything is on your device, most of these are exercised by you locally — for the rest, email us and we'll respond within 30 days.

6. Data retention

  • On-device data: kept until you delete it or uninstall.
  • Menu / dish photos in transit: processed during the request and not stored after the response is sent.
  • Server logs: up to 30 days, then deleted.
  • Subscription receipts: kept for as long as legally required for tax and accounting (typically up to 10 years depending on jurisdiction).

7. Children

Nuvobee is not directed at children under 13 (or 16 in the EU). We don't knowingly collect personal data from children. If you believe a child has used Nuvobee without parental consent, contact us and we'll help remove any associated data.

8. International transfers

Our hosting providers and Anthropic operate servers in multiple countries, which may include the United States. Where we transfer data outside the EU/EEA, we rely on the European Commission's standard contractual clauses or equivalent safeguards. The only data ever transferred is the contents of an analysis request — your on-device profile never travels to our servers as a whole.

9. Security

We use TLS for all data in transit. Because your profile lives only on your device, the strongest privacy protection is your own device's lock screen. We recommend keeping your phone secured with a passcode, biometric, or password.

10. Changes to this policy

If we change this policy in a meaningful way, we'll update the effective date above and notify you in the app before the change takes effect. For minor edits (typos, clarifications) we may make the change without notice.

11. Contact

Anything privacy-related, including data requests: hello@nuvobee.com.