Back to home

Privacy Policy

Last Updated: March 1, 2026

Cole AI ("we," "our," or "us") operates the Cole AI mobile application (the "App"). This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our App. Please read this Privacy Policy carefully. By using the App, you agree to the collection and use of information in accordance with this Privacy Policy.

If you do not agree with the terms of this Privacy Policy, please do not access or use the App.

1. Information We Collect

1.1 Information You Provide Directly

Account Information

  • Email address and password (if using email sign-up)
  • Authentication credentials via Google OAuth or Apple Sign-In
  • Display name (optional)

Health and Demographic Information (provided during onboarding)

  • Gender
  • Date of birth
  • Height and weight
  • Current LDL cholesterol, HDL cholesterol, and triglyceride levels (optional)
  • Target LDL cholesterol goal
  • Blood test unit preference (mg/dL or mmol/L)
  • Blood test history entries you add over time

Lifestyle and Preference Information

  • Current diet type (e.g., Mediterranean, vegetarian, standard)
  • Health goal pace
  • Perceived obstacles to cholesterol management
  • How you heard about Cole AI

Meal Data

  • Photos of meals you capture or upload for analysis
  • Serving size adjustments
  • Corrections or feedback you provide on meal analyses

1.2 Information Generated by Our Services

When you submit a meal photo for analysis, our AI-powered analysis service generates the following information:

  • Estimated nutritional data (saturated fat, trans fat, soluble fiber, unsaturated fat, plant sterols, dietary cholesterol, triglycerides, calories, and weight)
  • A cholesterol health score (1–100)
  • Detected food ingredients
  • Personalized nutritional feedback and recommendations
  • A brief meal description

1.3 Information Collected Automatically

Device and Usage Information

  • Device type, operating system, and version
  • App usage patterns and interaction data (collected via analytics services)
  • Crash reports and performance data

Subscription Information

  • Subscription status, plan type, and expiration date
  • Free trial status
  • Purchase and restore events (processed by our subscription management provider)

1.4 Information We Do NOT Collect

  • Precise geolocation data
  • Contacts or address book data
  • Browsing history outside the App
  • Financial account numbers or payment card details (payments are processed entirely by Apple App Store or Google Play Store)

2. How We Use Your Information

We use the information we collect to:

  • Provide and maintain the App, including meal photo analysis, cholesterol health scoring, and personalized nutritional feedback
  • Create and manage your account and authenticate your identity
  • Personalize your experience based on your health profile, goals, and dietary preferences
  • Track your progress by displaying meal history, daily scores, nutrient trends, and streaks
  • Process subscriptions and manage free trial periods
  • Send you notifications such as free trial reminders (with your permission)
  • Improve the App by analyzing usage patterns and identifying bugs or performance issues
  • Respond to your inquiries and provide customer support
  • Comply with legal obligations and protect our rights

3. How We Share Your Information

We do not sell your personal information to third parties. We may share your information with the following categories of service providers, solely to operate and improve the App:

3.1 AI Analysis Provider (Google)

When you submit a meal photo for analysis, the image is sent to Google's Gemini API for processing. Google receives the meal photo and returns nutritional analysis data. Google's use of this data is governed by Google's Privacy Policy. No personal identifiers, health profile data, or account information are sent to Google with your meal photos.

3.2 Backend and Database Provider (Supabase)

We use Supabase to store your account information, health profile, and meal analysis records. Data is stored in secure, encrypted databases hosted in Canada. Supabase's handling of data is governed by Supabase's Privacy Policy.

3.3 Subscription Management (RevenueCat)

We use RevenueCat to manage subscriptions, free trials, and purchase verification. RevenueCat processes subscription events and status information. RevenueCat's handling of data is governed by RevenueCat's Privacy Policy.

3.4 Analytics (Heap / ContentSquare)

We use Heap by ContentSquare to collect anonymous usage analytics and crash reports in production builds only. This helps us understand how the App is used and identify issues. ContentSquare's handling of data is governed by ContentSquare's Privacy Policy.

3.5 Authentication Providers

If you sign in with Google or Apple, those providers receive authentication-related data as part of the sign-in process. Their respective privacy policies govern their use of that data.

3.6 Legal Requirements

We may disclose your information if required to do so by law or in response to valid legal process, such as a court order, subpoena, or government request.

4. Health Data

Cole AI processes health-related information, including cholesterol levels, nutritional data, and meal analyses. We treat this data with special care:

  • Your health data is private. We do not share your health data with advertisers, data brokers, or any third parties for marketing purposes.
  • Health data is stored securely. Sensitive health information is stored in encrypted databases and, on your device, in your operating system's secure keychain.
  • Meal photos are used only for analysis. Photos you submit are sent to our AI analysis provider solely to generate nutritional information. They are not used for advertising, profiling, or any purpose unrelated to providing you with meal analysis.
  • Cole AI is not a medical device. The App provides general nutritional information and cholesterol health scoring for educational and informational purposes only. It is not intended to diagnose, treat, cure, or prevent any disease. Always consult a qualified healthcare professional before making dietary or medical decisions.

5. Data Storage and Security

5.1 Where Your Data Is Stored

  • Cloud: Your account information, health profile, and meal analysis records are stored on secure servers hosted in Canada via Supabase.
  • On Your Device: Authentication tokens are stored in your device's encrypted secure storage (iOS Keychain / Android Keystore). Onboarding progress is stored locally on your device.

5.2 Security Measures

We implement appropriate technical and organizational measures to protect your information, including:

  • Encryption of data in transit (HTTPS/TLS) and at rest
  • Encrypted on-device storage for authentication credentials
  • PKCE (Proof Key for Code Exchange) for OAuth authentication flows
  • Row-level security policies on database tables
  • Environment-separated API keys (not hardcoded in the application)

While we strive to protect your personal information, no method of transmission over the Internet or method of electronic storage is 100% secure. We cannot guarantee absolute security.

6. Data Retention

  • Account Data: We retain your account information and health profile for as long as your account is active.
  • Meal Records: Meal analysis records are retained until you delete them individually or request account deletion.
  • Analytics Data: Anonymized usage analytics are retained according to our analytics provider's retention policies.

You may delete individual meal records at any time through the App. To request complete account deletion, please contact us at support@coleai.app. Upon receiving a valid deletion request, we will delete your account and associated data within 30 days, except where retention is required by law.

7. Your Rights and Choices

Depending on your jurisdiction, you may have the following rights regarding your personal information:

  • Access: Request a copy of the personal information we hold about you.
  • Correction: Request correction of inaccurate or incomplete personal information.
  • Deletion: Request deletion of your personal information and account.
  • Portability: Request your data in a structured, commonly used format.
  • Withdraw Consent: Withdraw consent for data processing where consent is the legal basis.
  • Opt Out of Analytics: Contact us to opt out of analytics data collection.

Notifications: You can disable push notifications at any time through your device's system settings.

Camera and Photo Library Access: You can revoke camera or photo library permissions at any time through your device's system settings. Note that revoking camera access will prevent you from capturing meal photos for analysis.

To exercise any of these rights, please contact us at support@coleai.app.

8. Children's Privacy

Cole AI is not intended for use by children under the age of 13 (or the applicable minimum age in your jurisdiction). We do not knowingly collect personal information from children under 13. If we learn that we have collected personal information from a child under 13, we will take steps to delete that information as soon as possible. If you believe a child under 13 has provided us with personal information, please contact us at support@coleai.app.

9. Third-Party Links and Services

The App may contain links to third-party websites or services, including the Apple App Store, Google Play Store, and subscription management pages. We are not responsible for the privacy practices of these third parties. We encourage you to review the privacy policies of any third-party services you access.

10. International Data Transfers

Your information may be transferred to and processed in countries other than your country of residence, including Canada (where our database servers are located) and the United States (where some of our service providers operate). These countries may have data protection laws that differ from those in your jurisdiction. By using the App, you consent to the transfer of your information to these countries.

Where required by applicable law, we ensure that appropriate safeguards are in place to protect your information during international transfers.

11. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. When we make material changes, we will notify you by updating the "Last Updated" date at the top of this Privacy Policy and, where appropriate, providing additional notice within the App. Your continued use of the App after any changes constitutes your acceptance of the updated Privacy Policy.

12. Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us at:

Cole AI
Email: support@coleai.app

13. California Residents (CCPA)

If you are a California resident, you have the right to:

  • Know what personal information we collect, use, and disclose
  • Request deletion of your personal information
  • Opt out of the sale of your personal information (we do not sell personal information)
  • Not be discriminated against for exercising your privacy rights

To exercise these rights, please contact us at support@coleai.app.

14. European Economic Area Residents (GDPR)

If you are located in the European Economic Area, our legal bases for processing your personal information include:

  • Consent: Where you have given us consent (e.g., for push notifications and analytics)
  • Contract: Where processing is necessary to provide you with the App's services
  • Legitimate Interests: Where processing is necessary for our legitimate business interests, such as improving the App, provided these interests are not overridden by your rights

You have the right to lodge a complaint with your local data protection authority if you believe we have not complied with applicable data protection laws.