Privacy Policy

OxalateGuard ("we," "us," "our") is an oxalate tracking application that helps people manage their dietary oxalate intake. This policy explains what data we collect, how we use it, and your rights.

Account Data

When you sign up, we collect your email address and authentication credentials via our auth provider (Clerk). We do not store passwords directly.

Profile Data

During onboarding, you may provide your gender, age range, medical conditions, and tolerance preferences. This data is used to personalize your daily oxalate limit.

Health & Dietary Data (Cloud Sync)

If you enable Cloud Sync, we store your daily food logs on our servers. This includes:

• Foods logged and quantities
• Calculated oxalate amounts
• Cooking methods selected
• Your daily oxalate limit setting
• Dates and times of entries

Cloud Sync is optional. You must explicitly consent before any food log data is transmitted to our servers. Without consent, all data remains on your device only.

Analytics Data

We use PostHog to collect anonymized usage analytics (page views, feature usage) to improve the app. No dietary or health data is included in analytics events.

• Personalization: Profile data determines your daily limit and risk thresholds.
• Cloud Sync: If enabled, your food logs are stored server-side so you can access them across devices.
• Improvement: Anonymized analytics help us understand feature usage and improve the app.

We do not sell your data. We do not share your health data with third parties for advertising.

• Consent (Article 6(1)(a), Article 9(2)(a)): Cloud Sync of dietary/health data is based on your explicit consent, which you can withdraw at any time.
• Legitimate Interest (Article 6(1)(f)): Basic account management and anonymized analytics.
• Contract (Article 6(1)(b)): Processing necessary to provide the subscription service.

Server-side data is stored in a PostgreSQL database hosted by Supabase with encryption at rest and in transit (TLS). Access is restricted to authenticated users via API-level authorization. Row-level security policies provide defense-in-depth.

Local data (when Cloud Sync is off) is stored in your browser's localStorage and never leaves your device.

Server-synced food logs are retained as long as your account is active. You can delete all synced data at any time from your Profile settings or by requesting account deletion.

Local data is retained for up to 90 days (rolling window) and can be cleared by clearing your browser storage.

Under GDPR and applicable laws, you have the right to:

• Access: Export your data as CSV from your Profile page.
• Erasure: Delete all server-side data from your Profile page, or request full account deletion.
• Withdraw consent: Disable Cloud Sync at any time from your Profile settings. This is as easy as toggling a switch.
• Portability: Download your data in CSV format.
• Rectification: Update your profile through the onboarding flow.

• Clerk: Authentication provider. See Clerk's Privacy Policy.
• Supabase: Database hosting. See Supabase's Privacy Policy.
• Stripe: Payment processing. See Stripe's Privacy Policy.
• PostHog: Anonymized analytics. See PostHog's Privacy Policy.

For privacy inquiries, data requests, or to exercise your rights, contact us at privacy@oxalateguard.com.