Skip to main content
N
Nourli

Privacy Policy

How we protect your privacy and handle your data

Last updated: January 14, 2026

Our Commitment to Privacy

At Nourli, we are committed to protecting your privacy and maintaining the security of your personal information. This Privacy Policy explains how we collect, use, and protect your data when you use our service.

Data Controller

The data controller responsible for your personal data is:

Martynas Gintalas

Individual Activity Registration No. 1484354

Vilnius, Lithuania

Email: privacy@nourli.health

The supervisory authority for data protection in Lithuania is the State Data Protection Inspectorate (Valstybine duomenu apsaugos inspekcija, VDAI). You have the right to lodge a complaint with the VDAI or with the supervisory authority in your country of residence.

Zero Photo Retention Policy

We do not store your food photos.

When you upload or take a photo of your food:

  • Photos are processed in memory only for AI analysis
  • Images are immediately deleted after analysis is complete
  • No photos are saved to our servers or databases
  • Only the extracted nutrition data is stored in your account

Information We Collect

Account Information

  • Email address (for account creation and communication)
  • Profile information (age, height, weight, activity level - optional)
  • Nutrition goals and preferences

Usage Data

  • Food entries and nutrition data you manually input or that we extract from photos
  • App usage analytics (anonymous and aggregated)
  • Device information and IP address

How We Use Your Information

  • To provide and improve our AI-powered nutrition analysis
  • To track your progress and provide personalized recommendations
  • To communicate with you about your account and our service
  • To provide customer support
  • To improve our service through anonymous analytics

Data Security

We implement industry-standard security measures to protect your data:

  • End-to-end encryption for all data transmission
  • Secure cloud infrastructure with regular security audits
  • Access controls and authentication protocols
  • Regular security updates and monitoring

Your Rights

You have the right to:

  • Access your personal data
  • Correct or update your information
  • Delete your account and all associated data
  • Export your nutrition data
  • Opt out of marketing communications

Data Retention

  • Account data: Retained for the life of your account
  • Nutrition data: Retained until you delete your account
  • Photos: Never stored (processed and immediately deleted)
  • Analytics data: Anonymous and aggregated, retained for service improvement

For European Users (GDPR)

If you are located in the European Economic Area (EEA), United Kingdom, or Switzerland, you have additional rights under the General Data Protection Regulation (GDPR).

Legal Basis for Processing

  • Contract: To provide our nutrition tracking service as agreed in our Terms of Service
  • Legitimate Interest: To improve our service, prevent fraud, and ensure security
  • Consent: For optional marketing communications (you may withdraw consent at any time)

International Data Transfers

Your data may be transferred to and processed in the United States. We ensure appropriate safeguards are in place, including Standard Contractual Clauses approved by the European Commission.

Your Additional Rights

  • Right to data portability (receive your data in a structured format)
  • Right to restrict processing
  • Right to object to processing based on legitimate interests
  • Right to lodge a complaint with your local data protection authority

For California Residents (CCPA/CPRA)

If you are a California resident, the California Consumer Privacy Act (CCPA) and California Privacy Rights Act (CPRA) provide you with specific rights.

Categories of Personal Information Collected

  • Identifiers (email address, IP address, device ID)
  • Personal information (name, physical characteristics for nutrition calculations)
  • Internet activity (app usage, browsing history within the app)
  • Geolocation data (timezone only, for accurate date tracking)

We Do Not Sell Your Personal Information

Nourli does not sell, rent, or share your personal information with third parties for their direct marketing purposes. We do not participate in data broker activities.

Your California Privacy Rights

  • Right to know what personal information is collected
  • Right to delete your personal information
  • Right to opt-out of sale or sharing (we do not sell your data)
  • Right to non-discrimination for exercising your rights
  • Right to correct inaccurate personal information

How to Exercise Your Rights

To submit a request, email us at privacy@nourli.health. We will respond within 45 days. You may also delete your account directly in the app under Settings.

Third-Party Services

We use the following trusted services:

  • OpenAI: For AI-powered food analysis (photos are not stored)
  • Supabase: For secure data storage and authentication
  • Stripe: For secure payment processing
  • Vercel: For app hosting and performance

Updates to This Policy

We may update this Privacy Policy from time to time. We will notify you of any changes by:

  • Posting the updated policy on this page
  • Sending you an email notification
  • Displaying a notice in the app

Changes are effective immediately upon posting.

Questions About Your Privacy?

We're committed to transparency and protecting your privacy

Contact Privacy Team

privacy@nourli.health