Back to Home

Privacy Policy

Last updated: 9/7/2025

At MapMyMilk, we are committed to protecting your privacy and ensuring the security of your personal information. This Privacy Policy explains how we collect, use, and safeguard your data when you use our service.

Information We Collect

Personal Information

When you create an account, we collect:

  • Email address for account creation and communication
  • Password (encrypted and securely stored)
  • Profile information you choose to provide

Creating an account is optional. You may also use the app as a guest without providing personal information; however, some features such as syncing and premium access may require account creation.

Health and Tracking Data

To provide our core service, we collect:

  • Food consumption logs and dietary information
  • Symptom tracking data and severity levels
  • Photos you choose to upload (stored securely)
  • Notes and observations you add to entries
  • Custom triggers and symptoms you create

This health-related information is collected solely for personal tracking and informational purposes and is not intended for diagnostic or clinical use. We do not share this data with third parties except as explicitly outlined in this policy.

Usage Information

We automatically collect:

  • Device information and browser type
  • IP address and general location data
  • Usage patterns and feature interactions
  • Error logs and performance data

We use cookies and similar technologies (e.g., via Google Analytics and Stripe) to analyze traffic and enhance your experience. You can manage cookie settings in your browser.

How We Use Your Information

We use your information to:

  • Provide and maintain our food sensitivity tracking service
  • Analyze correlations between foods and symptoms
  • Sync your data across devices when you're signed in
  • Send important service updates and notifications
  • Improve our service through usage analytics
  • Provide customer support when requested
  • Process payments for premium features
  • Comply with legal obligations

Data Security

We implement industry-standard security measures to protect your data:

  • All data is encrypted in transit and at rest
  • Secure authentication through Supabase
  • Regular security audits and updates
  • Access controls and monitoring
  • Secure cloud infrastructure

In the unlikely event of a data breach, we will notify affected users promptly and in accordance with applicable laws.

Data Sharing and Disclosure

We do not sell, trade, or rent your personal information to third parties. We may share your information only in these limited circumstances:

  • With your explicit consent
  • To comply with legal requirements or court orders
  • To protect our rights, property, or safety
  • With service providers who assist in operating our service (under strict confidentiality agreements)
    • This includes Supabase (authentication and data storage), Stripe (payment processing), and Google Analytics (usage tracking)
  • In connection with a business transfer or acquisition

Your Rights and Choices

You have the right to:

  • Access, update, or delete your personal information
  • Export your data in a portable format
  • Opt out of non-essential communications
  • Request restriction of processing
  • Lodge a complaint with supervisory authorities
  • Delete your account and all associated data

Data Retention

We retain your information for as long as necessary to provide our services and comply with legal obligations:

  • Account information: Until you delete your account
  • Tracking data: Until you delete specific entries or your account
  • Usage analytics: Aggregated and anonymized for up to 2 years
  • Payment information: As required by financial regulations

Children's Privacy

Our service is not intended for children under 13 years of age. We do not knowingly collect personal information from children under 13. If you are a parent or guardian and believe your child has provided us with personal information, please contact us immediately.

International Users

If you are accessing our service from outside the United States, please be aware that your information may be transferred to, stored, and processed in the United States. By using our service, you consent to this transfer.

If you are located in the European Economic Area (EEA), you may have additional rights under the General Data Protection Regulation (GDPR), including the right to object to processing, request data portability, or lodge a complaint with your local data protection authority.

Our legal basis for collecting and using your data depends on the context and includes your consent, the performance of a contract, and our legitimate business interests.

Changes to This Privacy Policy

We may update this Privacy Policy from time to time. We will notify you of any changes by posting the new Privacy Policy on this page and updating the "Last updated" date. We encourage you to review this Privacy Policy periodically for any changes.

Contact Us

If you have any questions about this Privacy Policy or our data practices, please contact us:

Email: privacy@mapmymilk.com

Website: https://mapmymilk.com