Privacy Policy

Our Commitment to Your Privacy

Welcome to BiteToBalance ("we," "us," or "our"). We are committed to protecting your personal information and your right to privacy. This Privacy Policy explains what information we collect, how we use it, and what rights you have in relation to it.

This policy applies to all information collected through our website and services (collectively, our "Services"). By using our Services, you also agree to our Terms of Service and Cookie Policy.

1. Information We Collect

We collect information that you voluntarily provide to us and information that is automatically collected when you use our Services.

Information You Provide:

• Quiz Responses & Health Preferences: Information you enter into our symptom checker quiz, including age, eating habits, food preferences, and related health information.
  • Purpose: To provide personalized quiz results, insights, and recommendations tailored to your responses.
  • Legal Basis: Consent and fulfillment of service request (providing quiz results).
  • Retention: Identifiable quiz data is not stored long-term unless you create an account (future feature). Anonymized, aggregated data may be retained for service improvement and analysis. We do not store personally identifiable quiz responses without explicit consent.
• Contact Information: When you contact us via our Contact Page, we collect your email address and any information in your message.
  • Purpose: To respond to inquiries and provide customer support.
  • Legal Basis: Legitimate interest in providing customer support.
  • Retention: Contact information is retained as long as necessary to resolve your inquiry and for our records, typically up to 2 years.

Information Automatically Collected:

• Usage Analytics: We use tools like Google Analytics (deployed via Google Tag Manager) to collect anonymous data about site interactions, including pages visited, features used, time spent, and general location data.
  • Purpose: To understand service usage, improve functionality and user experience, and conduct internal analytics.
  • Legal Basis: Legitimate interest in monitoring and improving our Services.
  • Retention: Anonymized analytics data may be retained for up to 26 months in accordance with Google Analytics settings.
• Cookies and Similar Technologies: We use cookies for site functionality, analytics, and performance optimization. For detailed information, please see our Cookie Policy.
  • Purpose: Essential site functionality, user experience enhancement, and analytics.
  • Legal Basis: Consent for non-essential cookies; legitimate interest for essential cookies.

2. How We Use Your Information

We use the information we collect to:

• Provide, operate, and maintain our Services, including the symptom checker quiz
• Personalize your experience and provide tailored recommendations
• Understand and analyze usage patterns to improve our Services
• Communicate with you and provide customer support
• Ensure compliance with our Terms of Service and legal obligations
• Detect and prevent fraud, abuse, or security issues
• Develop new features and services (using anonymized data)

3. How We Share Your Information

We are committed to not selling your personal health-related data.

We may share information in the following circumstances:

• Service Providers: We share information with trusted third-party service providers who assist us in operating our Services, such as:
  • Website hosting providers (e.g., Vercel)
  • Database services (e.g., Google Firebase/Firestore for data storage)
  • Analytics providers (e.g., Google Analytics - see Google's Privacy Policy)
  • Email service providers (for contact form responses)

  These providers are contractually obligated to protect your data and use it only for the specified purposes.

• Future Payment Processing: When we introduce paid services, payment information will be processed by secure third-party payment processors (e.g., Stripe). We do not store complete payment card details.
• Legal Requirements: We may disclose information when required by law, regulation, or valid legal process, or to protect the rights, property, or safety of BiteToBalance, our users, or others.
• Business Transfers: In the event of a merger, acquisition, or sale of assets, user information may be transferred as part of that transaction.

4. Data Security

We implement comprehensive security measures to protect your personal information:

• Encryption: All data is encrypted in transit using HTTPS with TLS encryption
• Access Controls: Strict access controls limit data access to authorized personnel only
• Regular Security Assessments: We conduct regular security reviews and updates
• Secure Infrastructure: Our services are hosted on secure, regularly updated platforms
• Data Minimization: We collect and retain only the data necessary for service provision

While we implement industry-standard security measures, no method of transmission or storage is 100% secure. We cannot guarantee absolute security but are committed to protecting your data using reasonable measures.

5. Your Data Protection Rights

Depending on your location (including GDPR for EU/UK residents and CCPA for California residents), you may have the following rights:

• Access: Request a copy of personal information we hold about you
• Rectification: Request correction of inaccurate or incomplete information
• Erasure/Deletion: Request deletion of your personal information (subject to certain exceptions)
• Restrict Processing: Request limitation on how we process your information
• Data Portability: Request your data in a machine-readable format
• Object to Processing: Object to processing based on legitimate interests or for direct marketing
• Withdraw Consent: Withdraw consent for processing that relies on your consent
• Opt-out of Tracking: Manage cookie preferences through our cookie banner or browser settings

To exercise these rights, please contact us through our Contact Page. We will respond promptly and may need to verify your identity before processing your request. We aim to respond to most requests within one month, though complex requests may take longer.

6. Consent Management

We obtain consent through various means:

• Cookie Consent: Through our cookie banner for non-essential cookies
• Quiz Participation: By voluntarily completing our symptom checker quiz
• Contact Forms: By submitting contact information through our forms

You can withdraw consent at any time by adjusting your cookie settings, contacting us, or discontinuing use of specific features.

7. International Data Transfers

Your information may be stored and processed in countries other than your own, including the United States and European Union, where our service providers operate. These countries may have different data protection laws than your country of residence.

When we transfer data internationally, we ensure appropriate safeguards are in place, such as Standard Contractual Clauses or adequacy decisions, to protect your personal information in accordance with this Privacy Policy.

8. Children's Privacy

Our Services are not primarily directed to children under 16. We do not knowingly collect personal information from children under 16 without verifiable parental consent, except as permitted by applicable law (such as COPPA in the U.S. for children under 13).

If you are a parent or guardian and believe your child has provided us with personal information without appropriate consent, please contact us immediately, and we will take steps to remove such information.

For children between 13-16, we recommend parental guidance when using our Services, particularly when completing health-related assessments.

9. Future Service Updates

As we develop new features, this Privacy Policy will be updated to reflect new data practices for:

• User account registration and management
• Community features and chat groups (user-generated content)
• Donation processing and donor management
• E-commerce functionality and order processing
• Professional user features and additional services