Back to home

Privacy Policy

Effective date: March 5, 2026

Bettie (“we,” “our,” or “us”) operates the Bettie mobile application and the website located at bettie.app (collectively, the “Service”). The Service provides meal logging, carbohydrate estimation, and glucose insight functionality.

This Privacy Policy describes the types of information we collect from users of the Service, how that information is collected, used, stored, and disclosed, and the rights and choices available to you regarding your personal data.

By accessing or using the Service, you acknowledge that you have read and understood this Privacy Policy and consent to the collection and use of your information as described herein. If you do not agree with this policy, you should not use the Service.

1. Data we collect

Account information

When you sign in with Google or Apple, we receive your name, email address, and a unique user identifier provided by the authentication provider. We do not receive or store your password.

Meal data

Meal logs you create — including photos, text descriptions, barcode scans, receipt images, carbohydrate estimates, macronutrient breakdowns, and timestamps — are stored so that you can review your history and receive insights. Meal photos are stored separately from your account details.

Health and glucose data

If you grant permission, Bettie reads glucose readings from Apple HealthKit. You may also import glucose data by uploading CSV or text exports from Dexcom Clarity, LibreView, or CamAPS FX. This data is used solely to correlate meals with your glucose response and to generate personal insights within the app.

Chat and assistant data

Conversations with the Bettie assistant — including messages you send and responses generated — are stored to maintain context within a chat session and to allow you to refine meal estimates.

Subscription information

Subscription status is managed through RevenueCat. We receive confirmation of your subscription entitlement but do not process or store payment card details. All payment processing is handled by Apple (App Store) or Google (Play Store).

Waitlist information

If you submit your email address through the waitlist form on our website, we collect and store that email address for the purpose of communicating with you about access to the service.

Usage and diagnostic data

We collect basic usage events (such as scroll depth on the website and feature interactions in the app) to understand how Bettie is used and to improve the service. We do not use third-party advertising or analytics SDKs that track you across other apps or websites.

2. How we collect data

  • Directly from you — when you sign in, log meals, send chat messages, upload glucose data, or submit your email address through our website.
  • From Apple HealthKit — glucose readings, only when you explicitly grant Bettie read access through the Health app permissions prompt.
  • From authentication providers — basic profile information (name, email, user ID) provided by Google Sign-In or Sign in with Apple.
  • Automatically — basic device information and usage events collected during normal use of the app and website.

3. How we use your data

  • Provide core app functionality — meal logging, carbohydrate estimation, glucose correlation, insights, chat assistant, and meal history search.
  • Generate personalised insights by correlating your meals with your glucose data.
  • Maintain and improve the service, fix bugs, and monitor performance.
  • Communicate with you about your account, service updates, or support requests.
  • Comply with legal obligations and enforce our terms.

We do not use your data for advertising, ad targeting, or data mining beyond providing the health and fitness features described above.

4. Apple HealthKit data

Bettie accesses Apple HealthKit data (specifically, blood glucose readings) solely to provide meal-to-glucose correlation and personal health insights within the Service. In accordance with Apple's HealthKit guidelines, we adhere to the following requirements:

  • HealthKit data is not used for advertising or other use-based data mining purposes.
  • HealthKit data is not sold, shared with, or disclosed to data brokers, advertising platforms, or information resellers.
  • HealthKit data is not shared with third parties except where necessary to provide a health or fitness service directly to you, and only with your explicit consent.
  • Personal health information derived from HealthKit is not stored in iCloud.
  • HealthKit data is stored securely in our backend database (Firebase/Firestore) with access restricted to your authenticated account.

You can revoke Bettie's access to HealthKit data at any time through your device's Settings > Health > Data Access & Devices.

5. Third-party AI services and data sharing

Bettie uses third-party artificial intelligence services to power its core features. Before these services are used, you are presented with a clear disclosure screen in the app and asked to provide your explicit consent. You may not use AI-powered features without consenting.

No personally identifiable information is ever sent to any AI service. Your name, email address, and account identifier are never included in any request to OpenAI or Tasty API. The data sent is limited to the content you explicitly provide (meal photos, descriptions, messages) and anonymised health context (glucose summaries, meal history).

What data is sent and to whom

  • OpenAI — the following data is sent to OpenAI to power the chat assistant, meal classification, confidence scoring, receipt extraction, and similarity search: meal descriptions and food names; chat messages; meal history context (food names, dates, carb estimates, glucose impact scores); glucose summaries (averages, time in range, min/max in mg/dL — when requested in chat); receipt and menu photos (base64 encoded, for item extraction); and approximate location data (country, city, and optionally GPS coordinates — used for cuisine classification at meal log time). OpenAI processes this data under their API usage policies. Data submitted via the API is not used to train OpenAI's models. No account identifiers (name, email, Firebase UID) are sent.
  • Tasty API — meal photos you capture or upload, and text descriptions of meals are sent to Tasty API to identify food items and estimate nutritional content (carbohydrates, calories, macronutrients). No account information, health data, or personal identifiers are sent to Tasty API.

What is never shared with AI services

  • Your name or email address
  • Your account identifier (Firebase UID)
  • Payment information
  • Raw HealthKit sensor data or continuous glucose monitor readings from HealthKit

Notes on specific data types

  • Glucose summaries in chat: When you use the chat assistant and ask about your glucose, a summary (e.g. average mg/dL, time in range, min/max values over a chosen time window) may be provided to OpenAI as context to generate a personalised response. Precise per-reading timestamps and raw CGM data are not sent.
  • Location data in meal classification: If location is available at the time you log a meal, your approximate country and city may be sent to OpenAI to help classify cuisine type (e.g. “Thai” vs “Italian”). GPS coordinates may also be included in this classification call. No location data is sent during chat.
  • Receipt photos: If you use the receipt scanning feature, the receipt or menu photo is sent to OpenAI as an image to extract food item names. Receipts may visually contain your name, last four digits of a card, or restaurant address — this image is sent as-is. If this concerns you, you can crop sensitive areas before scanning.

Other third-party service providers

We engage a limited number of additional third-party service providers to operate and support the Service. These providers process data on our behalf and are contractually obligated to protect it in accordance with this policy.

  • Firebase (Google Cloud) — authentication, database (Firestore), and file storage for meal photos. Data is stored in secure Google Cloud infrastructure.
  • RevenueCat — manages subscription entitlements. Receives your anonymous app user ID and subscription status from the app stores. Does not receive health data or meal content.
  • Apple / Google — handle all payment processing for subscriptions. We do not receive or store payment card details.

We do not sell your personal information to any third party.

6. Data storage and security

All data is stored on Firebase (Google Cloud) infrastructure. We implement industry-standard security measures including, but not limited to:

  • Encryption in transit (TLS/HTTPS) for all data transmitted between the app, website, and our servers.
  • Encryption at rest for data stored in Firestore and Cloud Storage.
  • Authentication-based access controls so that only you can access your data through your authenticated account.
  • API key and token-based authentication for all server requests.

While we implement commercially reasonable measures to protect your data, no method of electronic transmission or storage is completely secure. We cannot guarantee absolute security of your information.

7. Data retention

We retain your data for as long as your account is active and as needed to provide the service. Specifically:

  • Account and meal data — retained while your account exists. Deleted when you delete your account.
  • Glucose data — retained while your account exists. You can request deletion at any time.
  • Chat history — retained while your account exists to maintain conversation context.
  • Waitlist emails — retained until no longer needed for communication purposes, or until you request removal.
  • Usage data — retained in aggregated, non-identifiable form for service improvement.

When you delete your account, we delete your personal data from our active systems. Some data may persist in encrypted backups for a limited period before being permanently removed.

8. Your rights and choices

You have the following rights regarding your personal data:

  • Access — request a copy of the personal data we hold about you.
  • Correction — request correction of inaccurate or incomplete data.
  • Deletion — request deletion of your account and associated data. You can delete your account directly from the app (Profile > Delete Account) or by contacting us.
  • Revoke HealthKit access — manage or revoke Bettie's access to your health data through your device's Health settings at any time.
  • Data portability — request your data in a portable format where technically feasible.
  • Withdraw consent — withdraw consent for data processing where consent is the legal basis, without affecting the lawfulness of processing before withdrawal.

To exercise any of these rights, contact us atsupport@bettie.app. We will respond within 30 days.

9. International users

If you are located in the European Economic Area (EEA), United Kingdom, or another jurisdiction with data protection laws, you have additional rights under applicable regulations including the General Data Protection Regulation (GDPR). These include the rights described in section 8 above, as well as the right to lodge a complaint with your local data protection authority.

Our legal bases for processing your data are: performance of a contract (providing the service), your consent (HealthKit access, waitlist signup), and our legitimate interests (improving the service, maintaining security).

Your data may be transferred to and processed in countries outside your jurisdiction, including the United States, where our service providers operate. We ensure appropriate safeguards are in place for such transfers.

10. Children's privacy

Bettie is not directed at children under the age of 13 (or the applicable age of consent in your jurisdiction). We do not knowingly collect personal information from children under 13. If we become aware that we have collected data from a child under 13 without parental consent, we will take steps to delete that information promptly. If you believe a child has provided us with personal data, please contact us atsupport@bettie.app.

11. Changes to this policy

We may update this Privacy Policy from time to time. When we make material changes, we will update the effective date at the top of this page and, where appropriate, notify you through the app or by email. We encourage you to review this policy periodically. Your continued use of Bettie after changes are posted constitutes acceptance of the updated policy.

12. Contact us

If you have any questions, concerns, or requests regarding this Privacy Policy or the processing of your personal data, you may contact us at:

support@bettie.app