Privacy Policy

BodyLens · Effective June 1, 2026

1. Overview

BodyLens is an offline-first health tracking app. Your health data is stored locally on your device by default. This policy explains what data we collect, why, and how it is handled.

We do not sell your personal data to third parties.

2. Data We Collect

Data you enter

  • Food diary entries (food name, calories, macronutrients, date)
  • Daily body weight and body fat percentage
  • Water intake and step count
  • Workout activity logs
  • Nutrition targets and settings
  • Profile information (name, age, sex, height, weight) — stored only on-device, never uploaded

Data from integrations (optional)

  • Apple Health: Steps, sleep, and workout data — only when you grant permission. Read from HealthKit; never written back without your action.
  • Strava: Activity name, type, duration, and distance from your connected Strava account. Requires explicit OAuth sign-in.

Technical data

  • Supabase authentication tokens (email address used to create your account)
  • App usage metadata required for cloud sync

3. How We Use Your Data

  • To display your diary, insights, and history within the app
  • To sync your data across devices via Supabase (our cloud backend)
  • To generate AI-powered weekly, monthly, and yearly insights using Claude (Anthropic)
  • To send meal reminders and workout recovery alerts (only if enabled)

4. AI Features

When you request AI insights, aggregated metrics (e.g. average calories, workout frequency) are sent to Anthropic's Claude API to generate your narrative. Individual food entries and personal identifiers are not sent. Anthropic's data use is governed by their privacy policy.

5. Data Storage

  • Local storage: All data is first stored on your device using SQLite. The app is fully functional without a network connection.
  • Cloud backup: When signed in, data syncs to Supabase (hosted on AWS). Supabase stores data in a region within the United States.
  • Profile data (name, photo, age, height) is stored only on-device and is never uploaded.

6. Data Sharing

We share data with the following third parties only as needed to operate the app:

  • Supabase — cloud database and authentication
  • Anthropic — AI insight generation (aggregated metrics only)
  • Strava — if you connect your account

We do not share data with advertisers, data brokers, or analytics platforms.

7. Your Rights

  • Access: All data you've entered is visible directly in the app.
  • Deletion: You can delete your account from Settings → Account → Delete Account. This permanently erases all cloud data and wipes the local database. Deletion is irreversible.
  • Portability: Contact us to request an export of your data.

8. Children

BodyLens is not directed at children under 13. We do not knowingly collect data from children under 13. If you believe a child has provided us data, contact us and we will delete it.

9. Medical Disclaimer

BodyLens is not a medical device and does not provide medical advice. Content is for informational and educational purposes only. Always consult a qualified healthcare professional before making any health, nutrition, or fitness decisions.

10. Changes to This Policy

We may update this policy from time to time. Material changes will be communicated via an in-app notice. Continued use of the app after changes take effect constitutes acceptance of the revised policy.

11. Contact

Questions about this policy? Email us at privacy@lenslabs.app.