Privacy Policy

Last updated: 2026-05-26

FitFastBites ("we", "us") provides an app that suggests fast-food orders matching your nutrition targets. This policy explains what we collect, how it's used, and your rights.

What we collect

Account identifiers: a unique anonymous Firebase user ID created on first launch, and a stable Firebase Authentication identifier associated with that session. If you sign up with email or Google, we also store your email and (for Google) your display name. These are stored in Firebase Firestore and processed by Google.
Push notification token: a Firebase Cloud Messaging (FCM) device token, stored in Firestore, used only to deliver subscription-reminder notifications. We do not share this token with third parties.
Meal log: hacks you mark as logged, with timestamps. Used to compute your daily totals and "go-to" repeat orders.
Saved hacks: hack orders you bookmark.
App settings: your default calorie / protein targets, favorite restaurants, allergen flags, theme preference.
Subscription state: whether you're on the free or Pro tier. We store your Stripe customer ID and subscription ID in Firestore; payment card details (card number, CVC, billing address) are entered on Stripe's hosted checkout page and are never sent to or stored by FitFastBites.
Community posts you author: shared hacks (only items you explicitly tap "share to community" on).
Coarse location: only if you grant permission and tap "See what's near you". We send the coordinates to OpenStreetMap's Overpass API to find nearby fast-food chains. We don't store your location on our servers.
Menu photo (transient AI processing): if you tap the camera icon to scan a printed menu, the photo is uploaded securely over HTTPS to our Cloud Functions and forwarded to Anthropic's Claude vision API for one-time analysis. The image is processed in memory only — never written to Cloud Storage, never persisted in any database, and not used for AI training. We surface a one-time disclosure before the first scan so you can decline. We do not retain the image beyond the response that returns your hacks.
Usage analytics: anonymised funnel events (e.g. trial started, paywall shown) sent to Firebase Analytics when the in-app telemetry toggle is on. Events contain no name, email, or payment information.
Diagnostics: crash reports (Firebase Crashlytics) and basic performance metrics (Firebase Performance Monitoring), sent to Google when the in-app telemetry toggle is on. You can disable all analytics, crash reports, and performance monitoring at any time in Settings → Privacy → Telemetry.
Consent record: when you complete onboarding or accept the menu-scan disclosure, we store a timestamp and policy-version marker so we can show you the current version on material changes and prove acceptance. This record contains no content beyond timestamps and a short version string.

What we don't collect

We don't sell or share your data with advertisers.
We don't track you across third-party apps or websites.
We don't store payment card numbers, CVC, or billing addresses — those stay with Stripe.
We don't collect precise GPS location, device advertising identifiers (GAID/IDFA), or any hardware identifiers.

Third-party services

Firebase (Google): Authentication, Firestore (data storage), Cloud Functions, Cloud Messaging (push tokens), App Check (anti-abuse), Crashlytics, Performance Monitoring, Analytics. Firebase privacy.
Stripe: payment processing. We create a Stripe customer record to manage your Pro subscription. Card data is entered on Stripe's hosted page and governed by Stripe's PCI-DSS compliance. Stripe privacy.
Anthropic: when you generate a hack, your prompt (the vibe you tapped, your settings, optional craving text) is sent to Anthropic's Claude API. We don't send your name, email, or location. Anthropic privacy.
OpenStreetMap Overpass: only when you tap "See what's near you" — coordinates only, no account identifiers.

How long we keep your data

For as long as your account exists. If you delete your account, we delete all per-user Firestore data and your Firebase Auth identity immediately. Community posts you authored are also removed. Crashlytics retains crash logs for 90 days; Firebase Analytics retains event data for 14 months (Google's default). Stripe retains transaction records as required by financial regulations.

Anti-fraud retention: when you start a free trial we store a one-way fingerprint of the payment card you used (no card number, no name, no billing address — just a hash supplied by Stripe). On deletion we strip your account ID and Stripe customer ID from this record but retain the fingerprint itself for up to 24 months so the same card cannot be used to obtain repeated free trials. Legal basis: fraud-prevention legitimate interest under GDPR Article 17(3)(e) / 21(1).

Your rights

Export: tap Settings → "Export my data" to download everything we have on you as JSON.
Delete: go to Settings → Account & Subscription → Delete account. This cancels your Stripe subscription, wipes all your Firestore data, and deletes your Firebase Auth identity in one step. You can also email us and we'll do it for you within 30 days.
Telemetry opt-out: go to Settings → Privacy → Telemetry to disable Crashlytics, Performance Monitoring, and Analytics without deleting your account.
EU/UK/EEA users (GDPR): you have rights of access, rectification, erasure, restriction, portability, and objection. Contact us to exercise them. FitFastBites is not intended for users under 16 in the European Economic Area.
California users (CCPA): you have the right to know, delete, and opt out of sale of personal information. We don't sell your data.

Children

FitFastBites is not intended for children under 13 (or under 16 in the European Economic Area). We don't knowingly collect data from anyone below these ages. If you believe we have, contact us and we'll delete it promptly.

Changes

If this policy materially changes, we'll update the "Last updated" date and notify you in-app before the change takes effect.

Contact

Email: hello@fitfastbites.app

← Back to home