Privacy Policy

Last updated: July 2026

Overview

Atomic Fast ("the App") is a personal health and nutrition tracking app. Your privacy is important to us. This policy explains what data the App accesses, how it is used, and your rights.

Data Storage

All health and activity data — including fasting sessions, meal logs, nutrition entries, health snapshots, user profile, and preferences — is stored locally on your device using Apple's SwiftData (iOS) or Android's Room database.

This data never leaves your device except through the optional cloud backup feature (to your own iCloud or Google Drive) or when using external services as described below. It is never uploaded to our servers.

Account Data

If you create an account, we store the minimum needed to operate it on our backend (Supabase): your sign-in email, basic device information (model, app version, locale, timezone), aggregate usage counters (such as total fasts logged), and your subscription status as validated with Apple or Google.

Your health and activity data is not part of your account — it stays on your device as described above. Deleting your account permanently removes all account data from our backend.

Apple HealthKit & Health Connect

iOS: With your permission, the App reads health data from Apple HealthKit, including: step count, active energy burned, exercise minutes, resting heart rate, heart rate variability (HRV), and sleep analysis.

Android: With your permission, the App reads equivalent health data from Health Connect.

This data is used solely to calculate your on-device readiness score and health insights. Health data is never sent to external servers, shared with third parties, or used for advertising.

You can revoke access at any time in your device's health data settings.

Camera & Photo Library

The App requests camera access to scan food items and barcodes. Photos taken for food identification are processed as described under "External Services" below.

Food photos you choose to save are stored locally on your device. The App does not access your broader photo library without explicit action.

Cloud Backup

Atomic+ subscribers can optionally enable cloud backup to protect their data across devices.

iOS (iCloud): Data is stored in your personal iCloud container using Apple's iCloud Documents. This data is governed by Apple's iCloud security and privacy policies and is not accessible to us.

Android (Google Drive): Data is stored in your Google Drive's hidden app-data folder using the restricted drive.appdata scope. This data is governed by Google's privacy policy and is not visible in your Drive file browser or accessible to us.

Cloud backup can be disabled at any time. When you delete your account, your cloud backup is automatically deleted.

External Services

Google Gemini API — When you use the "Scan Food" feature, your food photo is sent to Google's Gemini API for AI-based food identification and nutrition estimation. Google's privacy policy applies to this data. Photos are sent transiently and are not stored by the App on any server.

USDA FoodData Central — When you search for foods, your search query is sent to the USDA's public API to retrieve nutrition data. No personal information is included in these requests.

Open Food Facts — When you scan a barcode, the barcode number is sent to the Open Food Facts public API to look up product information. No personal information is included.

Notifications

Reminders you configure (fasting milestones, hydration, meals) are local notifications, scheduled on-device.

The App may also deliver push notifications (for example, occasional product announcements) via Apple's Push Notification service and Google's Firebase Cloud Messaging. To enable this, an anonymous device push token is stored with your account. Push notifications are optional — you can decline the system permission or disable them in the App's notification settings at any time, and the token is deleted with your account.

Analytics & Crash Reporting

Crash reporting (Sentry): to keep the App stable, we collect crash and error reports that include device model, OS version, app version, and the technical state of the App at the time of the error. When you are signed in, reports are associated with your account (including your account email) so we can investigate issues you contact us about. If the App crashes, the report may include a screenshot of what was on screen at that moment; screenshots are never attached to non-crash error reports.

Product analytics (Google Firebase Analytics): we collect usage events (for example, "a fast was started" or "onboarding was completed") to understand which features are used and improve the App. When you are signed in, events are linked to a pseudonymous account identifier (a random ID, removed with your account) so we can measure retention across app updates — never to your name or email. Events never include your health data values, meal contents, name, or email. Advertising features and ad identifiers (IDFA) are disabled — analytics data is not used for advertising, not shared for cross-app tracking, and never sold.

The App contains no advertising frameworks.

Data Deletion

You can delete all local data at any time using the "Clear All Data" action in Data & Privacy settings, or by deleting/uninstalling the App.

When you delete your account, all local data and your cloud backup (iCloud or Google Drive) are permanently removed. Individual food entries, meal logs, and fasting sessions can also be deleted within the App.

Children's Privacy

The App is not directed at children under 13 and does not knowingly collect personal information from children.

Changes to This Policy

We may update this privacy policy from time to time. The updated version will be accessible within the App and will indicate the date of the latest revision.

Contact

If you have questions about this privacy policy, please contact us at support@atomicfast.com.