AI Food Scanner

Plately — AI Food Scanner

Snap a meal, scan a nutrition label, or look up a barcode — calories and macros logged in seconds. Pack-only pricing, no subscriptions.

Download FreeAll apps
Overview Privacy Policy Terms of Use Help & FAQ Open Source

Plately · Privacy Policy

Plately — Privacy Policy

Last Updated: May 2026

Plately: AI Food Scanner ("we", "our", "the app") is built so that your nutrition data stays under your control. This Policy explains what we collect, what we share, how long we keep it, and your rights.

1. Data that stays on your device

The following lives in local storage on your iPhone and is never sent to our servers:

  • Meals, drinks, weight history, fasting sessions, daily goals
  • Profile: name, goal, sex, height, weight, activity level, units
  • Reminder preferences (toggle + time of day)
  • A randomly generated anonymous device identifier

You can erase all of it at any time from Profile → Delete all data. There is no account; uninstalling the app also removes the data.

2. Data we send to our servers

Meal and nutrition-label photos. When you tap Snap a meal, Nutrition label, or use the gallery, the captured image is uploaded to our backend (Fly.io, Paris) and forwarded to our AI vision provider for analysis. The bytes live in memory only during the request — they are not stored on our servers or in any database.

Automated moderation pre-screen. Before each AI analysis, the image is screened by an automated content moderation service. Sexual, violent, self-harm, and CSAM-adjacent content is rejected without an AI call and without a scan-credit deduction.

Anonymous device ID. A random UUID generated on first launch. We use it to track your scan-pack balance and to honour Restore Purchases. We do not collect name, email address, postal address, or any other personal identifier.

Apple StoreKit receipts. When you buy a Scan Pack, Apple sends us a signed JWS receipt. We verify the signature against Apple's root certificate and store the verified transaction id, product id, and environment to prevent duplicate grants and to process refunds.

Push notification token. If you opt in to notifications, an Expo push token is stored against your device ID so we can send the daily reminder you configured and low-balance alerts.

3. Third-party services

  • OpenAI — processes meal and nutrition-label photos (gpt-4o vision) and runs the moderation pre-screen (omni-moderation-latest).
  • Anthropic — generates your optional weekly insights report from a numeric summary of the last 7 days (claude-sonnet-4-5).
  • Open Food Facts — public barcode database for packaged-food lookups.
  • Apple — in-app purchase processing and StoreKit receipt verification.
  • Expo — push notification delivery.
  • Sentry (optional) — crash and error reports tied to your anonymous device ID. No personal identifiers.
  • PostHog (optional) — anonymous product-usage events tied to your device ID. No personal identifiers.

4. Data retention

We keep indefinitely only:

  • The verified IAP transaction record (to prevent duplicate grants and to honour Apple-initiated refunds via App Store Server Notifications)
  • Your scan-credit balance, keyed on the anonymous device ID

We do not retain photos, raw AI inputs or outputs, or any record that could be linked back to a personal identity. Server logs of API requests are retained for a maximum of 30 days for debugging and abuse-prevention purposes, then deleted.

5. Your rights

You can:

  • Delete all device-local data at any time via Profile → Delete all data.
  • Request deletion of your server-side records (device ID + verified IAP transaction history) by emailing plately@summerslogic.com. Note: deletion of IAP records may delay or prevent processing of future refunds initiated by Apple.
  • If you reside in the EU/EEA, UK, or Switzerland, you have GDPR rights — access, rectification, erasure, restriction, portability, and objection. Contact us to exercise any of them.
  • If you reside in California, you have CCPA rights — to know, delete, correct, and opt-out of "sale" or "share" of personal information. We do not sell or share personal information in any case.
  • Purchases remain tied to your Apple ID and are managed through your Apple settings.

6. International transfers

Our backend is hosted in Paris, France (EU). Meal photos sent for analysis transit to OpenAI and Anthropic systems located primarily in the United States. By using the AI scan feature you consent to this cross-border transfer for the sole purpose of analysis; the image is not retained after the response.

7. Children

The app is not intended for users under 13. We do not knowingly collect data from anyone under 13. If you believe a child has used the app, please contact us so we can help clear any device data.

8. Security

All traffic between the app and our backend uses HTTPS (TLS 1.2+). StoreKit receipts are verified using ES256 against Apple's root certificate chain. We do not have access to your Apple ID, payment method, or any account credential.

9. Changes

We may update this Policy. Material changes will be announced in-app at least 7 days before they take effect. Continued use after the announcement means you accept the revised Policy.

10. Contact

plately@summerslogic.com