← Back to home
Meaple

Privacy Policy

Last updated: May 19, 2026

1. Introduction

Welcome to Meaple. We respect your privacy and are committed to protecting your personal data. This Privacy Policy explains how we collect, use, and protect your information when you use our app.

Meaple is developed and operated by MX Development. By using the app, you agree to the practices described in this policy.

2. Data We Collect

Meaple collects the following types of data:

  • Account data: Email address for account authentication
  • Profile data: Name, age, sex, height, weight, health goal (e.g. "Lose weight"), effort level, and daily point budget you provide during onboarding
  • Meal data: Meal names, point values, estimated calories, AI coaching notes, and meal photos (stored as file URLs)
  • Weight logs: Weight entries and dates you record in the app
  • Notification preference: Your chosen daily reminder time — stored locally on your device only, never sent to our servers
  • Attribution data: Limited install and conversion events (app launch, account creation, first scan, subscription start) shared with TikTok and Meta for advertising attribution. On iOS, these are only linked to your Advertising Identifier (IDFA) if you grant permission via Apple's App Tracking Transparency prompt. See section 9.

3. AI-Powered Meal Analysis and Third-Party Data Sharing

When you scan a meal in Meaple, certain data is sent to Google's Gemini AI service.

Meaple uses Google Gemini (provided by Google LLC) to analyse your meals and provide personalised coaching. Each time you scan a meal, the following is transmitted to Google:

  • Your meal photo (compressed JPEG)
  • Your health goal (e.g. "Lose weight")
  • Your effort level (e.g. "Balanced")
  • Your daily point budget and points used so far today

Google does not use data sent via the Gemini API to train its AI models. Google's handling of this data is governed by Google's Privacy Policy.

You are asked to give explicit consent before your first scan. You can revoke consent by uninstalling the app.

4. Device Permissions

Meaple requests access to the following device features:

  • Camera: To photograph meals for AI-powered point estimation
  • Photo library: To select existing photos of meals for AI analysis
  • Notifications: To send optional daily reminders for your morning weigh-in (processed locally on-device; no notification content is sent to our servers)

All permissions are optional and can be revoked at any time in your device settings.

5. How We Use Your Data

We use your data for the following purposes:

  • Providing and operating the Meaple service
  • Calculating your personalised daily point budget based on your profile
  • Enabling AI meal analysis and coaching via Google Gemini
  • Sending optional local push notifications for your daily weigh-in reminder
  • Processing subscription status via the Apple App Store
  • Measuring the effectiveness of our advertising campaigns and optimising future campaigns (see section 9)

6. Data Storage and Security

Your data is stored securely using Supabase (by Supabase Inc.), a cloud database platform. All data is encrypted in transit (TLS) and at rest. Row-level security policies ensure that each user can only access their own data.

Meal photos are stored as files in Supabase Storage under a path scoped to your user ID. These files are accessible via direct URL but are not indexed or shared by Meaple outside of your own account.

Subscription payments are handled entirely by the Apple App Store. Meaple does not receive or store any payment card information.

7. Third-Party Services Summary

The following third-party services receive data from Meaple:

ServiceProviderData sentPurpose
Google GeminiGoogle LLCMeal photo, health goal, effort level, daily budget, points used todayAI meal analysis & coaching
SupabaseSupabase Inc.Account data, meal logs, weight logs, meal photosDatabase, auth & file storage
Apple App StoreApple Inc.Purchase receipts (handled by Apple)Subscription processing
TikTok Business SDKTikTok Pte. Ltd.Install + conversion events, Advertising Identifier (IDFA) only if you grant ATT permission, SKAdNetwork postbacks otherwiseAd attribution & campaign measurement
Meta SDK (Facebook)Meta Platforms, Inc.Install + conversion events, Advertising Identifier (IDFA) only if you grant ATT permission, SKAdNetwork postbacks otherwiseAd attribution & campaign measurement

Meal photos, weight logs, and any other personal in-app activity are never shared with TikTok or Meta.

8. Your Rights

You have the following rights regarding your personal data:

  • The right to access your data
  • The right to correct inaccurate data
  • The right to delete your data (right to erasure)
  • The right to object to processing
  • The right to data portability

You can delete your account and all associated data at any time from within the app. See our Account Deletion page for step-by-step instructions. For any other data requests, contact us at [email protected].

9. Advertising and Attribution

Meaple runs paid install campaigns on TikTok and Meta (Facebook and Instagram). To measure which campaigns work and to optimise future spending, we share a limited set of conversion events with both networks.

What we share: app installs, account creation, first meal scan, paywall views, free-trial starts, and subscription purchases. Each event includes a generated event identifier and, for active accounts, a hashed user identifier so the same install can be matched across events.

What we never share: your meal photos, meal contents, weight logs, health goal, age, sex, height, or any other personal in-app activity. Attribution data is strictly about install and conversion milestones — not what you do inside the app.

On iOS, Apple's App Tracking Transparency (ATT) governs whether attribution can use your Advertising Identifier (IDFA).

The first time you open Meaple after onboarding, iOS will ask whether Meaple may track activity across other companies' apps and websites. This permission is used only to share the IDFA with TikTok and Meta for ad attribution.

  • If you allow tracking: Meaple shares the IDFA alongside conversion events so TikTok and Meta can match your install to the ad that introduced you.
  • If you decline tracking: No IDFA is shared. Attribution falls back to Apple's privacy-preserving SKAdNetwork framework, which sends a single anonymised postback per install without exposing your device identifier.
  • Either way: Every feature of Meaple works identically. Tracking permission has no effect on what the app can do for you.

You can change this choice at any time in iOS Settings → Privacy & Security → Tracking → Meaple.

TikTok and Meta's use of the data they receive is governed by their own privacy policies:

Meaple does not use website cookies, cross-site tracking pixels, or third-party behavioural advertising profiles beyond the install-attribution events described above.

10. Children's Privacy

Meaple is not directed at children under the age of 13. We do not knowingly collect personal data from children under 13. If you believe a child has provided us with personal data, please contact us and we will delete it promptly.

11. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of significant changes via an in-app notification or email. Continued use of the app after changes constitutes your acceptance of the updated policy.

12. Contact

If you have any questions about this Privacy Policy or how we handle your data, please contact us:

MX Development
Email: [email protected]