PseuChef ("we," "our," or "the app") is committed to protecting your privacy. This policy explains how we collect, use, and safeguard your information, including health and biometric data from connected devices.
Device Identifier: When you first open PseuChef, we generate an anonymous device ID to manage your account and free trial. This ID is a random string — it contains no personal information and cannot be used to identify you.
Usage Analytics: We use PostHog, a privacy-focused analytics service, to understand how features are used and improve the app experience. PostHog collects anonymous event data (e.g., feature taps, screen views, subscription status) tied only to your anonymous device ID. PostHog does not collect your name, email, IP address, location, or any health data. You can learn more about PostHog's privacy practices at posthog.com/privacy. We also track anonymous, aggregated usage counts (number of AI requests per day) to monitor service health and prevent abuse.
User Content: Your recipes, menu selections, pantry items, dietary preferences, and chat messages are stored locally on your device only. We do not store your conversations or personal data on our servers.
PseuChef offers optional integrations with health devices to personalize your meal plans and nutrition recommendations. All device connections are opt-in — you must explicitly authorize each device from the Settings screen. PseuChef works fully without any connected devices.
Data accessed (read-only): Active energy burned, workouts (type, duration, calories), heart rate, resting heart rate, heart rate variability (HRV), steps, blood oxygen saturation (SpO2), water intake, blood glucose (if synced from a CGM), body fat percentage, and menstrual cycle data.
How we use it: This data is used exclusively to personalize your meal plan recommendations. For example, after an intense workout, PseuChef suggests recovery-appropriate meals with extra protein. If heart rate variability is declining, anti-inflammatory foods are prioritized. Workout type (HIIT vs. yoga vs. running) determines specific recovery nutrition.
Storage: HealthKit data is read on-device. When you use AI meal planning with health personalization enabled, anonymized health summaries (e.g., calorie totals, sleep scores, readiness metrics — not raw samples) are sent to our server and forwarded to Anthropic's Claude API for nutritional analysis. These summaries are processed in real-time and are not permanently stored on our servers or by Anthropic. Raw HealthKit samples (individual heart rate readings, step counts, etc.) are never transmitted. When you close the app, all health data is discarded from memory.
HealthKit data is not used for advertising, marketing, data brokering, or any purpose other than providing personalized nutrition recommendations within the app.
Data accessed (read-only): Readiness score, sleep score and contributors (deep sleep, REM, restfulness, efficiency, latency, timing), activity data (active calories, steps), resting heart rate, HRV balance, body temperature deviation, recovery index, and personal info (age, weight, height, biological sex).
How we use it: Readiness scores determine recovery-aware meal planning (anti-inflammatory meals on low-recovery days). Sleep quality analysis recommends tryptophan and magnesium-rich foods after poor sleep. Temperature trends are used to detect cycle phases for phase-appropriate nutrition. HRV trends flag potential inflammation for dietary response.
Storage: Oura connection tokens (OAuth) are stored on our server, associated only with your anonymous device ID. Oura health data is fetched on demand, processed to generate meal recommendations, and is not permanently stored on our servers.
Data accessed (read-only): Estimated glucose values (EGVs) from the last 24 hours, glucose trend direction, and carb intake events (if logged).
How we use it: Current glucose level determines whether the AI suggests low-glycemic, balanced, or energy-replenishing meals. Time-in-range percentage (70–140 mg/dL) is used to assess overall glucose control and adjust meal carbohydrate content. Over time, PseuChef correlates your glucose response with recipes you've cooked to learn which meals keep your blood sugar stable.
Storage: Dexcom connection tokens (OAuth) are stored on our server, associated only with your anonymous device ID. Raw glucose readings are processed into summary metrics (current level, average, time-in-range, fasting glucose) and the raw data is not permanently stored. Summary metrics are held in your device's local storage only.
PseuChef is not a medical device. Glucose-informed meal suggestions are for general wellness and nutrition purposes only. They do not constitute medical advice and should not replace guidance from your healthcare provider.
Data accessed (read-only): Weight, body fat percentage, muscle mass, body water percentage, bone mass, and pulse wave velocity.
How we use it: Weight trends are used to auto-adjust calorie targets — if your goal is weight loss and your weight has stalled, PseuChef shifts toward more satiating, higher-fiber meals. Body composition (fat %, muscle mass) determines macro ratios — higher muscle mass triggers increased protein recommendations. Elevated pulse wave velocity triggers heart-healthy DASH diet suggestions.
Storage: Withings connection tokens (OAuth) are stored on our server, associated only with your anonymous device ID. Body measurements are fetched on demand and processed to generate nutrition recommendations. Latest measurement and 30-day trend direction are stored in your device's local storage only — not on our servers.
You may disconnect any device at any time from the Settings screen. When you disconnect:
Deleting the PseuChef app removes all locally stored data permanently, including any health summaries.
Full Data Deletion: You can request deletion of all server-side data (device ID, usage counts, subscription info, health device tokens) from the Settings screen using "Request Server Data Deletion", or by emailing 652carlaave@gmail.com. We will process deletion requests within 30 days.
When you interact with PseuChef's AI features (chat, recipe generation, meal planning, pantry scanning, recipe import), your requests are sent to our secure backend proxy, which forwards them to Anthropic's Claude API for processing. Anthropic processes these requests according to their privacy policy.
When health device data is connected, anonymized biometric summaries (e.g., "readiness score: 72, sleep score: 65, glucose: elevated") may be included in the meal planning prompt sent to the AI. These summaries contain no personally identifiable information and cannot be linked back to you. Raw health data (individual glucose readings, heart rate samples) is never sent to the AI.
We do not log or store the content of your AI conversations on our servers. No personal data is sold to third parties.
All personal data (menu, pantry, preferences, chat history, memory, health summaries) is stored exclusively on your device using local storage. If you delete the app, all your data is permanently removed. We cannot recover it.
Our server stores only: anonymous device IDs, subscription tier (free/pro), subscription transaction identifiers (for purchase verification), feature usage counts, and OAuth tokens for connected health devices. None of this data can identify you personally. Usage data is automatically deleted after 90 days.
All communication between the app and our servers uses HTTPS encryption. Device authentication uses SHA-256 HMAC tokens. API keys are stored server-side and never exposed to the client application. Health device OAuth tokens are encrypted at rest.
PseuChef is not directed at children under 13. We do not knowingly collect information from children under 13. If you believe a child has provided us with information, please contact us and we will delete it.
We may update this policy from time to time. Changes will be reflected on this page with an updated date. Continued use of PseuChef after changes constitutes acceptance.
Questions about this privacy policy? Contact us at 652carlaave@gmail.com.