Privacy Policy

Contact Us
Effective Date: 09-09-2025

This Privacy Policy explains how Pinnacle ("we," "us," or "our") collects, uses, and shares information when you use the Pinn mobile application (the "App"). Pinn helps you track meals and exercise, including optional photo-based AI analysis. We designed the App with privacy in mind and in alignment with Apple's App Store Review Guidelines, including sections related to HealthKit, camera/photos, and notifications.

By using the App, you agree to the practices described here.

What We Process

  • App activity and basic device context: App version, platform (iOS). Used to operate and improve features.
  • Generated user identifier: A random, locally stored user ID used for feature configuration and analytics. We do not collect names, emails, or similar identifiers by default.
  • Health and fitness data (Apple HealthKit): With your explicit permission, we read steps, active energy/workouts and may write user-entered step/workout samples back to HealthKit. We do not transmit HealthKit data to our servers or third parties.
  • Photos and images: If you choose AI photo analysis or upload from camera/gallery, the image you select is processed to extract nutrition insights.
  • Barcodes: If you scan a product, we query Open Food Facts with the barcode to fetch nutrition data.
  • Local notifications: The App can schedule reminders on your device after you grant permission.
  • Crash/diagnostic logs: Only if the OS or frameworks provide them in the normal course of operation; we do not implement separate crash reporting in the App.

Sources and Storage

  • On device: We store settings and identifiers using secure local storage libraries (MMKV and AsyncStorage). HealthKit anchors (sync markers) are stored locally to optimize HealthKit reads. Photos remain on your device unless you choose to submit one for AI analysis.
  • No first-party backend: The App does not operate a custom server storing your personal data. When features require external processing, we call specific third-party services as described below.

How We Use Information

  • Provide and improve features: Track meals and workouts, compute statistics, show insights, and personalize feature flags.
  • AI meal extraction (optional): If you request AI analysis, we send the selected photo and prompts to your chosen AI provider (OpenAI or Google Gemini) to generate nutrition estimates.
  • Barcode lookups (optional): For barcode scans, we send the numeric code to Open Food Facts to obtain product data.
  • Local reminders (optional): If enabled, we schedule local notifications on your device for meal, water, steps, and workout reminders.

HealthKit-Specific Disclosures (Apple Requirement)

  • We only access HealthKit data after your explicit consent and only for the purpose of health/fitness tracking.
  • We do not use HealthKit data for advertising, marketing, or data mining unrelated to health.
  • We do not sell HealthKit data and do not transmit HealthKit data off your device.
  • When writing to HealthKit (e.g., steps/workouts you add), entries are marked as user-entered.
  • We do not store HealthKit data in iCloud.

Photos, Camera, and Media

  • Camera and photo library access are requested only when you initiate a capture or selection.
  • Images selected for AI analysis are sent to the chosen AI provider strictly to return nutrition estimates. We do not retain copies on our servers because we do not operate a first-party backend for this data.
  • Do not upload images containing sensitive personal content or other individuals without their permission.

Third-Party Services (Processors)

We use the following services to enable App functionality. Each is a processor of limited data for the purposes described.

  • Google Gemini (Google LLC)
    Purpose: Photo/text AI analysis to estimate meal nutrition.
    Data: Images and text you submit for analysis; derived prompts.
    Policy: Terms and Privacy
  • Statsig (Statsig, Inc.)
    Purpose: Feature flags/experiments and minimal analytics to improve the App.
    Data: Random user identifier, app/platform context, feature exposure. No HealthKit data is shared.
    Policy: Docs Privacy and Privacy Policy
  • Open Food Facts (Open Food Facts Association)
    Purpose: Public food database lookup by barcode.
    Data: Barcode number only. Responses include public product nutrition.
    Policy: Terms and Privacy
  • We may update this list as our processors change. We will maintain an up-to-date version in this document.

Legal Bases (EEA/UK)

  • Consent: HealthKit access, notifications, camera/photos, and AI analysis are optional and require your consent.
  • Legitimate interests: Basic app telemetry for reliability and feature flagging that does not involve HealthKit data.

Data Sharing and Sale

  • We do not sell your personal information.
  • We do not share HealthKit data with third parties.
  • We share limited data with the processors above solely to provide the requested functionality.

Retention

  • On-device data persists until you delete it or uninstall the App.
  • AI providers may retain logs consistent with their policies. We do not submit HealthKit data to AI providers.
  • Barcode lookups are stateless; we do not keep a server copy.

International Transfers

Third-party processors may process data in the United States or other countries. Where applicable, they implement appropriate safeguards (e.g., Standard Contractual Clauses). See their policies for details.

Your Choices and Rights

  • Health data permissions: Manage Health permissions in the Apple Health app.
  • Notifications: Manage in device Settings.
  • Camera/Photos: Manage in device Settings.
  • AI analysis: Do not initiate AI features if you prefer not to send images to third-party AI providers.
  • Access/Deletion: Because we do not maintain a user account backend, most data is on your device. You can delete the App to remove local data. To remove entries you wrote to HealthKit, use the Health app. For third-party AI providers or Statsig, contact us and we will assist with any applicable requests.

Residents in certain regions (e.g., EEA/UK under GDPR; California under CCPA/CPRA) may have rights to access, correct, delete, or opt out of certain processing. Contact us to exercise these rights.

Children’s Privacy

The App is not directed to children under 13, and we do not knowingly collect personal data from them. If you believe a child under 13 used the App, contact us so we can take appropriate action. Users 13–17 should use the App only with parental/guardian consent.

Security

We use reasonable administrative, technical, and organizational safeguards designed to protect your data. We do not store your data, all data stored locally in the app device.

Changes to This Policy

We may update this Policy from time to time. We will update the effective date above and make the current version available in the App and on our website/App Store listing.

Contact Us

Email: info@semestha.com