Privacy Policy

Last updated: March 2026. Juvelle (“we”, “us”, “our”) operates the Juvelle mobile application. This Privacy Policy explains how we collect, use, and protect your personal information.

Information We Collect

We collect the following categories of information when you use Juvelle:

• Account information: name, email address, and password (stored as a hash)
• Household member profiles: names, ages, dietary preferences, and health goals
• Health metrics: height, weight, activity level, and nutritional targets
• Meal preferences and meal history
• Usage analytics: app interactions and feature usage patterns

How We Use Your Information

We use your information to:

• Generate personalized meal plans for your household
• Calculate individual nutritional portions for each household member
• Create grocery lists based on your meal plan
• Improve our AI meal planning algorithms
• Send transactional emails such as account verification and password reset messages

Health Data

We collect sensitive health-related information including body measurements, nutritional goals, dietary restrictions, and activity levels. This data is stored securely and used exclusively for meal planning and nutritional guidance within your household account. We do not sell health data or share it with advertisers.

Children's Data (COPPA Compliance)

If you add household members under the age of 13, we collect only the information necessary for meal planning: name, age, dietary preferences, and nutritional goals. This data is managed by the family account holder (parent or guardian). We do not collect personal information directly from children.

We comply with the Children's Online Privacy Protection Act (COPPA), including the 2025 amendments covering biometric and health-related data.

Important: A verifiable parental consent workflow is currently in development and will be implemented before public launch. Until then, the family account holder provides consent on behalf of all household members, including children.

For full details on how we handle children's data, see our COPPA Notice.

Third-Party Service Providers

We work with the following third-party service providers:

• Supabase — Database hosting and authentication. Stores your account data and health metrics. Data is hosted in secure cloud infrastructure with row-level security policies.
• RevenueCat — Subscription management and billing. Processes payment status via the Apple App Store and Google Play. RevenueCat does not store full payment card details.
• Cloudflare — DNS, CDN, and web analytics. Cloudflare Web Analytics is cookieless and does not collect personal data. See the Cookies and Analytics section below for more detail.
• Resend — Transactional email delivery. Receives your email address for the purpose of sending account-related emails (verification, password reset, billing notices).
• OpenAI — AI meal plan generation. Receives anonymized dietary preferences and nutritional requirements to generate meal plans. No personal identifiers (names, email addresses, or health metrics) are sent to OpenAI.

Cookies and Analytics

Our website uses Cloudflare Web Analytics, which is a privacy-first, cookieless analytics service. It does not use cookies, does not collect personal data, and does not track individual users across sites. No cookie consent banner is required.

The Juvelle mobile app does not use tracking cookies or third-party advertising SDKs.

Your Rights Under GDPR (EU Users)

If you are located in the European Union, you have the following rights under the General Data Protection Regulation (GDPR):

• Right to access: Request a copy of the personal data we hold about you
• Right to rectification: Request correction of inaccurate or incomplete data
• Right to erasure: Request deletion of your personal data
• Right to data portability: Receive your data in a structured, machine-readable format
• Right to object: Object to processing of your personal data
• Right to restriction: Request that we restrict how we use your data

To exercise any of these rights, contact us at privacy@juvelle.app.

Your Rights Under CCPA (California Residents)

If you are a California resident, you have the following rights under the California Consumer Privacy Act (CCPA):

• Right to know: Request details about the categories and specific pieces of personal information we have collected about you
• Right to delete: Request deletion of your personal information
• Right to opt-out of sale: We do not sell your personal information to third parties

We do not sell your personal information to third parties. We do not share your data for cross-context behavioral advertising.

Data Retention

We retain your data for as long as your account is active. If you delete your account, we remove all personal data within 30 days, except where retention is required by law.

Data Security

We use industry-standard security measures to protect your data, including:

• Encrypted data transmission (TLS) for all communications
• Encrypted database storage for all personal data and health metrics
• Row-level security policies so users can only access their own data

Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes via email or in-app notification. The date at the top of this page indicates when the policy was last updated.

Contact Us

For privacy inquiries: privacy@juvelle.app
For general questions: hello@juvelle.app