Privacy Policy

Last Updated: January 16, 2026
Version: 1.0.0

This Privacy Policy describes how Qooqs Limited ("Qooqs," "we," "us," or "our") collects, uses, processes, shares, and protects your information when you use the Qooqs mobile application, website, and related services (collectively, the "Service"). By using the Service, you agree to the collection and use of information in accordance with this Privacy Policy.

1. Interpretation and Definitions

1.1 Interpretation

Capitalized terms have the meanings assigned to them in this Policy.

1.2 Definitions

Account means the unique profile created for you to access the Service.

Application means the Qooqs mobile application for iOS and Android devices.

Company, We, Us, or Our means Qooqs Limited, a company registered in the United Kingdom, with registered office at 4th Floor, Silverstream House, 45 Fitzroy Street, Fitzrovia, London, W1T 6EB, United Kingdom.

Device means any device (smartphone, tablet, or computer) used to access the Service.

Personal Data means information that identifies or can reasonably be linked to an individual. Personal Data includes identifiable health information.

Health Data means information you provide relating to your physical characteristics, health, nutrition, goals, or activity, including weight, height, age, gender, food logs, dietary preferences, health attributes, body composition, and biometric data.

Usage Data means data collected automatically through use of the Service, including device information, activity logs, and analytics data.

User Content means photos, images, text, food entries, recipes, meal plans, social posts, metadata, or other inputs you upload or submit through the Service.

Website means qooqs.app and associated domains.

You means the individual using the Service or the organization on whose behalf the Service is used.

2. Geographic Scope and Applicable Laws

This Privacy Policy applies to users in the United Kingdom, United States, Canada, and other jurisdictions. We comply with:

  • The UK General Data Protection Regulation (UK GDPR) and Data Protection Act 2018
  • The EU General Data Protection Regulation (GDPR) where applicable
  • The California Consumer Privacy Act (CCPA) and California Privacy Rights Act (CPRA)
  • Other applicable US state privacy laws
  • Canada's Personal Information Protection and Electronic Documents Act (PIPEDA) and provincial privacy laws

Where specific rights or requirements apply to your jurisdiction, we identify them in the relevant sections below.

3. Types of Data We Collect

We collect the categories of data described below. Certain categories may qualify as health information, sensitive personal information, or special category data under various privacy laws.

3.1 Personal Data You Provide

We collect the following Personal Data when you create an Account or use the Service:

  • First name and last name
  • Email address
  • Password and authentication credentials
  • Phone number (optional)
  • Date of birth or age range
  • Gender (optional)
  • Country and region
  • Profile preferences and settings
  • Communication preferences

3.2 Health and Nutrition Data

To provide personalized nutrition guidance and goal tracking, we collect:

  • Weight and weight history
  • Height
  • Age and date of birth
  • Gender
  • Activity level
  • Food logs and food data (including items photographed, scanned via barcode, or logged manually)
  • Dietary preferences and restrictions (e.g., vegetarian, vegan, allergies)
  • Nutrition goals (e.g., weight loss, muscle gain, health maintenance)
  • Macronutrient targets and preferences
  • Body composition metrics (if you choose to provide them)
  • Health conditions or medical information you choose to share
  • Any other health information you voluntarily enter into the Application

You decide which health information to provide. The Service cannot function properly without basic nutrition data, such as food entries.

Important Note: We classify health and nutrition data as sensitive personal information. We handle this data with heightened security and in accordance with applicable laws governing health information.

3.3 User Content (Including Food Photos)

User Content includes:

  • Photos of food and meals uploaded for calorie and nutrition analysis
  • Text descriptions of meals and recipes
  • Social posts, comments, and shared content
  • Recipe creations and meal plans
  • Custom food entries
  • Notes and journal entries

Important: We may use anonymized or aggregated food images to improve our AI models, algorithms, and product features. We do not associate such images with your identity when used for internal development and model training. Food photos shared in social features may be visible to other users according to your sharing settings.

3.4 Payment Information

When you purchase a subscription or make payments through the Service:

  • Payment card information (processed securely by Stripe, our payment processor)
  • Billing address
  • Transaction history and purchase records
  • Digital wallet information (Apple Wallet, Google Wallet)

We do not directly store your complete payment card details. Payment processing is handled by our third-party payment processor, Stripe, in accordance with PCI DSS standards.

3.5 Usage Data

We automatically collect:

  • Device type, model, and operating system
  • Mobile device identifiers (e.g., advertising ID, device ID)
  • IP address and approximate location (based on IP address)
  • App version and settings
  • Time stamps and session information
  • Activity logs and feature usage
  • Crash reports and error logs (via Sentry)
  • Performance and diagnostic data
  • Search queries and browsing behavior within the Service
  • Social interactions (likes, comments, follows, shares)
  • Referral sources and marketing campaign data

This data helps us secure, improve, optimize, and personalize the Service.

3.6 Social and Community Data

If you participate in social features:

  • Profile information you make public
  • Posts, comments, and interactions with other users
  • Followers and following relationships
  • Shared meals, recipes, and content
  • Community engagement metrics

3.7 Cookies and Tracking Technologies

The Website uses cookies, web beacons, pixels, tags, and similar technologies for:

  • Authentication and security
  • Analytics and performance monitoring
  • Preferences and settings
  • Marketing and advertising (with your consent where required)

The Application may use mobile identifiers and software development kits (SDKs) for similar purposes.

Cookie Management: You can control cookie settings through your browser or device settings. For more details, see Section 14.

3.8 Information from Third Parties

We may receive information about you from:

  • Third-party authentication services (if you sign in via Google, Apple, etc.)
  • Payment processors (Stripe)
  • Marketing and analytics partners
  • Publicly available sources

4. How We Use Your Data

We use the collected data for the following purposes:

4.1 To Provide and Operate the Service

  • Account creation, authentication, and management
  • Food identification and nutrition analysis
  • Calorie and macronutrient tracking
  • Goal setting and progress monitoring
  • Personalized meal plans and recommendations
  • Recipe suggestions and meal planning
  • Social features and community interactions
  • Customer support and communication
  • Service stability, debugging, and security
  • Fraud prevention and abuse detection

4.2 To Improve AI and Machine Learning Models

We use food images and related User Content to:

  • Train and improve AI models for food recognition
  • Enhance accuracy of calorie and nutrition estimates
  • Develop new features and capabilities
  • Improve overall product performance and user experience

Such use is anonymized or aggregated and not linked to your identity. We implement technical and organizational measures to ensure that training data cannot be traced back to individual users.

4.3 Personalization and Recommendations

We use your data to:

  • Provide personalized nutrition insights and recommendations
  • Suggest meals and recipes based on your goals and preferences
  • Customize your experience within the Service
  • Deliver relevant content and features

4.4 Communications

We may contact you about:

  • Service-related notifications and updates
  • New features and product announcements
  • Tips, educational content, and nutrition guidance
  • Account and security matters
  • Customer support responses
  • Surveys and feedback requests

4.5 Marketing (With Your Consent Where Required)

We may send you promotional communications about:

  • New features and services
  • Special offers and promotions
  • Health and nutrition content
  • Community highlights

You can opt out of marketing emails at any time using the unsubscribe link in our emails or through your account settings.

4.6 Analytics and Research

We analyze aggregated, anonymized data to:

  • Understand usage patterns and trends
  • Conduct research on nutrition and health behaviors
  • Improve service quality and user experience
  • Generate insights for product development

4.7 Legal and Compliance

We may use your data to:

  • Comply with legal obligations and law enforcement requests
  • Enforce our Terms of Service and other policies
  • Protect our rights, property, and safety
  • Prevent fraud and abuse
  • Resolve disputes

4.8 Business Transfers

If we engage in a merger, acquisition, financing, reorganization, bankruptcy, or asset sale, your information may be transferred as part of that transaction, subject to applicable law and continued protection under this Privacy Policy.

6. How We Share Personal Data

We do not sell your Personal Data. We may share Personal Data in the following circumstances:

6.1 Service Providers and Business Partners

We share data with trusted third-party service providers who assist us in operating the Service:

  • DigitalOcean – Cloud hosting and infrastructure
  • Stripe – Payment processing
  • Resend – Email delivery
  • Zoho – Customer relationship management
  • Sentry – Error tracking and monitoring
  • Apple – Apple Wallet integration
  • Google – Google Wallet integration
  • Analytics providers – Service analytics and improvement

These providers are contractually obligated to protect your data and use it only for the purposes we specify. They must comply with applicable data protection laws.

6.2 Social Features and User-Initiated Sharing

When you use social features, certain information may be shared:

  • Your public profile information
  • Content you choose to share publicly (posts, recipes, meals)
  • Your interactions with other users (comments, likes)

You control what information is public through your privacy settings.

6.3 Business Transfers

In connection with mergers, acquisitions, asset sales, or similar corporate transactions, provided that the receiving party agrees to protect your data consistent with this Privacy Policy.

6.4 Legal Compliance and Protection

We may disclose your information when required by law or when we believe in good faith that disclosure is necessary to:

  • Comply with legal obligations, court orders, or law enforcement requests
  • Enforce our Terms of Service and other agreements
  • Protect the rights, property, or safety of Qooqs, our users, or others
  • Prevent fraud, abuse, or security issues

6.5 With Your Consent

We may share your information with third parties when you direct us to do so or give us explicit permission.

6.6 Aggregated or Anonymized Data

We may share aggregated, anonymized, or de-identified data that cannot reasonably be used to identify you for:

  • Research and analytics
  • Business development
  • Marketing and promotional purposes
  • Public reporting

7. User Content and License Rights

By submitting User Content to the Service, you grant Qooqs a worldwide, non-exclusive, royalty-free, sublicensable, and transferable license to use, store, process, reproduce, modify, create derivative works from, and distribute your User Content solely to:

  • Operate, maintain, and provide the Service
  • Improve AI models and algorithms (in anonymized or aggregated form)
  • Develop new features and capabilities
  • Display your content according to your sharing settings

What this means:

  • Food photos: Used for AI training after anonymization; shared with other users only if you choose to post publicly
  • Social posts: Displayed to other users according to your privacy settings
  • Recipes and meal plans: Shared with the community if you choose to make them public
  • Personal health data: Never displayed publicly without your explicit permission

You retain ownership of your User Content. You can delete your content at any time, subject to technical limitations and backup retention periods.

We do not claim ownership of your User Content and will not use your personal photos or health information for marketing purposes without your separate, explicit consent.

8. International Data Transfers

Qooqs is based in the United Kingdom. Your information may be transferred to, stored, and processed in countries outside your country of residence, including:

  • European Economic Area (EEA)
  • United States
  • Canada
  • Other countries where our service providers operate

These countries may have different data protection laws than your jurisdiction.

Safeguards for International Transfers:

When we transfer Personal Data outside the UK or EEA, we implement appropriate safeguards, including:

  • Standard Contractual Clauses (SCCs) approved by the UK Information Commissioner's Office (ICO) and European Commission
  • Adequacy decisions recognizing certain countries as providing adequate data protection
  • Binding corporate rules for transfers within corporate groups
  • Additional security measures to protect data in transit and at rest

For transfers from the UK or EEA to the United States, we rely on SCCs and supplementary measures given the absence of an adequacy decision.

Your Rights: You have the right to obtain information about the safeguards we use for international transfers. Contact us at aramide@qooqs.app for details.

9. Data Retention

We retain your data for as long as necessary to fulfill the purposes described in this Privacy Policy, unless a longer retention period is required or permitted by law.

9.1 Retention Periods

  • Account and Profile Data: Retained while your Account is active and for up to 90 days after account deletion (to allow for account recovery)
  • Health and Nutrition Data: Retained while your Account is active; deleted or anonymized within 90 days of account deletion
  • Food Logs and Entries: Retained while your Account is active; deleted within 90 days of account deletion
  • Food Photos (for AI training): Anonymized immediately after upload; retained indefinitely in anonymized form for model improvement
  • Social Content: Retained according to your settings; deleted within 90 days of deletion request or account closure
  • Usage and Analytics Data: Retained for up to 2 years for service improvement and analytics
  • Payment Records: Retained for up to 7 years to comply with tax and financial reporting obligations
  • Communications: Customer support communications retained for up to 3 years
  • Legal and Compliance Data: Retained as required by law or to defend legal claims

9.2 Backup and Archival Data

We maintain backup systems for business continuity. Backups are retained for up to 90 days and are then permanently deleted. Data in backups is deleted in the ordinary course of backup rotation.

9.3 Anonymized Data

Data that has been fully anonymized (such that it cannot reasonably be linked back to you) may be retained indefinitely for research, analytics, and service improvement.

10. Your Privacy Rights

Depending on your jurisdiction, you may have specific rights regarding your Personal Data.

10.1 Rights Under UK GDPR and EU GDPR

If you are located in the UK or European Economic Area, you have the following rights:

  • Right of Access: Request a copy of your Personal Data
  • Right to Rectification: Correct inaccurate or incomplete Personal Data
  • Right to Erasure ("Right to be Forgotten"): Request deletion of your Personal Data in certain circumstances
  • Right to Restriction: Restrict processing of your Personal Data in certain circumstances
  • Right to Data Portability: Receive your Personal Data in a structured, commonly used format and transmit it to another controller
  • Right to Object: Object to processing based on legitimate interests or for direct marketing
  • Right to Withdraw Consent: Withdraw consent at any time (without affecting prior processing based on consent)
  • Right to Lodge a Complaint: Complain to the UK Information Commissioner's Office (ICO) or your local data protection authority

How to Exercise Your Rights: Contact us at aramide@qooqs.app. We will respond within one month of receiving your request.

ICO Contact: You can contact the ICO at ico.org.uk or call 0303 123 1113.

10.2 Rights Under California Privacy Laws (CCPA/CPRA)

If you are a California resident, you have the following rights:

  • Right to Know: Request disclosure of Personal Information collected, used, shared, or sold
  • Right to Delete: Request deletion of your Personal Information (subject to exceptions)
  • Right to Correct: Request correction of inaccurate Personal Information
  • Right to Opt-Out of Sale or Sharing: We do not sell or share Personal Information for cross-context behavioral advertising
  • Right to Limit Use of Sensitive Personal Information: Limit use of sensitive Personal Information (we do not use it beyond providing the Service)
  • Right to Non-Discrimination: Exercise your rights without discriminatory treatment

Sensitive Personal Information: We collect sensitive personal information (health data, precise geolocation, biometric information). We use this data only to provide the Service and do not use it for other purposes without your consent.

How to Exercise Your Rights: Email us at aramide@qooqs.app or submit a request through the Application. We will respond within 45 days.

Verification: We may need to verify your identity before processing requests. We will request information to match against our records.

Authorized Agents: You may designate an authorized agent to submit requests on your behalf. The agent must provide proof of authorization.

10.3 Rights Under Other US State Privacy Laws

If you reside in Virginia, Colorado, Connecticut, Utah, or other states with comprehensive privacy laws, you may have similar rights to access, correct, delete, and port your data, as well as opt out of targeted advertising and certain sales of data. Contact us at aramide@qooqs.app to exercise these rights.

10.4 Rights Under Canadian Privacy Law (PIPEDA)

If you are a Canadian resident, you have rights to:

  • Access your Personal Information
  • Request correction of inaccurate Personal Information
  • Withdraw consent for certain processing
  • Complain to the Privacy Commissioner of Canada

Privacy Commissioner of Canada: You can contact the Office of the Privacy Commissioner at priv.gc.ca or call 1-800-282-1376.

10.5 How to Exercise Your Rights

To exercise any of the rights described above:

  • Email: aramide@qooqs.app
  • In-App: Use the "Privacy Settings" or "Account Settings" in the Application
  • Mail: 4th Floor, Silverstream House, 45 Fitzroy Street, Fitzrovia, London, W1T 6EB, United Kingdom

We will respond to verified requests within the timeframes required by applicable law.

11. Deleting Your Personal Data

You may request deletion of:

  • Your Account and all associated Personal Data
  • Food logs and nutrition data
  • User Content (photos, posts, recipes)
  • Profile information

How to Delete Your Data:

  • In the Application: Go to Settings > Account > Delete Account
  • Email us: aramide@qooqs.app with "Delete My Account" in the subject line

What Happens After Deletion:

  • We will delete or anonymize your Personal Data within 90 days
  • Some data may persist in backups for up to 90 days before permanent deletion
  • Anonymized data (not linked to you) may be retained for research and analytics
  • We may retain certain data where legally required (e.g., transaction records for tax purposes)
  • Data may remain in social features if other users have interacted with your content (e.g., shared recipes), but your personal identifiers will be removed

12. Security

We implement administrative, technical, and physical safeguards to protect your Personal Data from unauthorized access, use, disclosure, alteration, or destruction.

Security Measures Include:

  • Encryption of data in transit (TLS/SSL) and at rest
  • Secure authentication and access controls
  • Regular security audits and vulnerability assessments
  • Employee training on data protection
  • Incident response and breach notification procedures
  • Secure infrastructure with DigitalOcean and Sentry monitoring

No Guarantee: Despite our efforts, no online system is 100% secure. We cannot guarantee absolute security of your data. You are responsible for maintaining the confidentiality of your account credentials.

If a Breach Occurs: We will notify affected users and relevant authorities as required by applicable law.

13. Children's Privacy

The Service is not intended for children under the age of 13 (or 16 in certain jurisdictions). We do not knowingly collect Personal Information from children under these ages.

If we learn that we have inadvertently collected Personal Information from a child under 13 (or 16 where applicable), we will delete that information as soon as possible.

If you are a parent or guardian and believe your child has provided us with Personal Information, please contact us at aramide@qooqs.app.

Age Verification: By using the Service, you represent that you are at least 13 years old (or 16 in jurisdictions requiring a higher minimum age).

14. Cookies and Tracking Technologies

14.1 What Are Cookies?

Cookies are small text files placed on your device when you visit our Website. Similar technologies include web beacons, pixels, and mobile identifiers.

14.2 Types of Cookies We Use

  • Essential Cookies: Required for the Service to function (authentication, security)
  • Performance Cookies: Help us understand how users interact with the Service
  • Functional Cookies: Remember your preferences and settings
  • Marketing Cookies: Deliver relevant advertising and measure campaign effectiveness (with your consent where required)

14.3 Your Cookie Choices

  • Browser Settings: Most browsers allow you to refuse cookies or alert you when cookies are being sent
  • Opt-Out Links: Use opt-out mechanisms provided by third-party analytics and advertising services
  • Do Not Track: Some browsers have "Do Not Track" features; we honor these signals where required by law

Note: Disabling essential cookies may prevent you from using certain features of the Service.

14.4 Third-Party Cookies

Third-party service providers may set cookies on our Website or Application for analytics and advertising purposes. We do not control these third-party cookies.

15. Third-Party Links and Services

The Service may contain links to third-party websites, applications, or services. We are not responsible for the privacy practices or content of these third parties.

Fitness Tracker Integration (Future): We may offer integration with fitness trackers and health apps. You control what information is shared with third-party services through their respective settings and permissions.

We encourage you to review the privacy policies of any third-party services before providing them with your information.

16. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors.

Notice of Changes:

Updates will be posted on this page with a revised "Last Updated" date. Material changes will be communicated via:

  • Email notification to the address associated with your Account
  • In-app notification
  • Prominent notice on the Website or Application

Your Continued Use: Continued use of the Service after changes become effective constitutes acceptance of the updated Privacy Policy.

We encourage you to review this Privacy Policy periodically.

17. Data Protection Officer (UK/EU Users)

For UK and EU users, we have appointed a Data Protection Officer (DPO) to oversee our data protection practices and ensure compliance with UK GDPR and EU GDPR.

Contact Our DPO:

  • Email: dpo@qooqs.app
  • Mail: Data Protection Officer, Qooqs Limited, 4th Floor, Silverstream House, 45 Fitzroy Street, Fitzrovia, London, W1T 6EB, United Kingdom

18. California "Shine the Light" Law

California residents may request information about disclosures of Personal Information to third parties for their direct marketing purposes. We do not disclose Personal Information to third parties for their own marketing purposes.

19. Nevada Privacy Rights

Nevada residents may opt out of the sale of their Personal Information. We do not sell Personal Information as defined under Nevada law. If you have questions, contact us at aramide@qooqs.app.

20. Contact Us

If you have questions, concerns, or requests related to this Privacy Policy or our privacy practices, please contact us:

Email: aramide@qooqs.app

Mail:
Qooqs Limited
4th Floor, Silverstream House
45 Fitzroy Street, Fitzrovia
London, W1T 6EB
United Kingdom

Data Protection Officer (UK/EU): dpo@qooqs.app

Supervisory Authority (UK):
Information Commissioner's Office (ICO)
Website: ico.org.uk
Phone: 0303 123 1113

Supervisory Authority (Canada):
Office of the Privacy Commissioner of Canada
Website: priv.gc.ca
Phone: 1-800-282-1376

21. Interpretation and Severability

If any provision of this Privacy Policy is found to be unenforceable or invalid, that provision will be limited or eliminated to the minimum extent necessary, and the remaining provisions will remain in full force and effect.

This Privacy Policy shall be governed by and construed in accordance with the laws of England and Wales (for UK users), the State of California (for California users), or the applicable law of your jurisdiction.

Effective Date: This Privacy Policy is effective as of January 16, 2026.

By using the Qooqs Service, you acknowledge that you have read, understood, and agree to be bound by this Privacy Policy.