Privacy Policy

Version 1.0 - Effective date: 1 May 2026 Controller: OdO Holding B.V. (KVK: 77612752)

Important: GutTrace processes health-related data (meal logs, digestive observations, self-tracking summaries). This is special-category personal data under the GDPR (AVG). We process this data only with your explicit consent, given during onboarding. GutTrace may show possible correlations between logged ingredients and logged feelings. These are correlations in your own diary, not proof of causation, and are not medical advice.

1. Who We Are

OdO Holding B.V. is the data controller for all personal data processed through the GutTrace app. We are registered in the Netherlands and can be reached at:

OdO Holding B.V.
KVK: 77612752
info@guttrace.com

2. What Data We Collect and Why

We collect only what is necessary to provide the service.

Account data

Email address, hashed password, and session tokens — collected when you create an account. We may add Sign in with Apple or Google in the future; in that case, we receive a unique identifier and email address from the provider.
Legal basis: performance of a contract (Art. 6(1)(b) GDPR).

Health data (special category)

Meal descriptions, meal photos, ingredient estimates, feeling tags, stool logs, digestive observations, and self-tracking summaries — including possible correlations between logged ingredients and logged feelings. These summaries are for personal diary use only. They are not medical advice, diagnosis, disease monitoring, treatment, or proof of causation.
Legal basis: consent under Art. 6(1)(a) GDPR and explicit consent under Art. 9(2)(a) GDPR, given during onboarding. You may withdraw consent at any time; see section 8.

Photos

Photos you take or upload of your meals are stored in a private cloud storage bucket and are accessible only to you via authenticated requests.
Legal basis: consent under Art. 6(1)(a) GDPR and explicit consent under Art. 9(2)(a) GDPR.

Subscription and payment data

Subscription status, purchase date, expiry date, and associated entitlements. We do not receive or store payment card details; these are processed exclusively by Apple or Google.
Legal basis: performance of a contract (Art. 6(1)(b) GDPR).

Push notification data

If you enable notifications, we process push tokens, notification preferences, and delivery metadata to send reminders or app notifications. You can disable notifications through your device settings or app settings. We do not include sensitive health information in notification previews.
Legal basis: consent (Art. 6(1)(a) GDPR).

Usage analytics

Pseudonymous events such as screen views, feature interactions, and onboarding steps, used to understand how the app is used and to improve it. We do not log meal content, free-text descriptions, image data, or any free-text feedback in analytics. Analytics events may be linked to session or user identifiers and are not fully anonymous.
Legal basis: legitimate interest in improving the product (Art. 6(1)(f) GDPR). You may object; see section 8.

Feedback

If you submit feedback through the in-app feedback feature or the website contact form, the content is processed to respond to it and improve the service.
Legal basis: legitimate interest (Art. 6(1)(f) GDPR).

Technical and security data

IP address (used for rate limiting and session security), app version, and basic device information. This data is not used for tracking or profiling.
Legal basis: legitimate interest in security and abuse prevention (Art. 6(1)(f) GDPR).

3. Required and Optional Data

Some data is required to provide the service, such as account data and meal and feeling logs needed for the core diary and correlation features. If you do not provide health-related diary data or withdraw consent, GutTrace cannot provide the core tracking and correlation features.

Optional data, such as stool logs, feedback, and push notification preferences, is not required to use the core service.

4. AI Processing

When you log a meal, your meal description and any uploaded photos may be sent to Google's Gemini API to estimate ingredients and nutritional content. Gemini is not used to generate medical advice, diagnosis, treatment recommendations, or health conclusions.

Correlation summaries, where shown, are calculated from your own diary logs and are presented only as possible associations, not causation. These calculations happen within GutTrace's own systems and are not sent to Gemini.

Google processes data sent via the API as a data processor on our behalf and is bound by a Data Processing Agreement. We do not use your data to train AI models and Google does not use API data to train its models, per our agreement.

5. Third-Party Processors and Independent Controllers

We work with the following parties. Processors act on our instructions; independent controllers process data for their own purposes under their own privacy policies.

Data processors (bound by Data Processing Agreements)

Processor	Purpose	Location
Cloudflare	Hosting, CDN, photo storage, DDoS protection	US / EU
Neon	PostgreSQL database hosting	EU
Google (Gemini API)	AI ingredient estimation from meal descriptions and photos	US
RevenueCat	Subscription state management and webhooks	US
PostHog	Pseudonymous product analytics	EU

Independent controllers

Controller	Purpose	Location
Apple / Google	App distribution, in-app payments, App Store accounts, push-notification infrastructure	US

6. International Transfers

Some processors are based outside the European Economic Area (EEA), including in the United States. When we transfer your personal data outside the EEA, we ensure an adequate level of protection through:

Standard Contractual Clauses (SCCs) adopted by the European Commission (Decision 2021/914); or
An adequacy decision by the European Commission where applicable.

You can request a copy of the applicable safeguards by contacting us at info@guttrace.com.

7. Retention

We retain your data for as long as your account is active. When you delete your account:

Your health data (meal logs, stool logs, photos, self-tracking summaries) is deleted from active systems within 30 days;
Encrypted backups are overwritten in the ordinary backup cycle within 2 days;
We may retain limited records where required by law — such as tax, accounting, fraud-prevention, or legal records — and restrict their use to those purposes only. Dutch businesses are generally required to retain financial records for at least 7 years;
Pseudonymous analytics data that cannot be linked back to you may be retained beyond account deletion.

8. Your Rights

Under the GDPR (AVG), you have the following rights:

Right of access (Art. 15): You can request a copy of all personal data we hold about you.

Right to rectification (Art. 16): You can ask us to correct inaccurate data.

Right to erasure (Art. 17): You can request deletion of your personal data. You can also delete your account directly in the app's settings.

Right to restriction (Art. 18): You can ask us to limit processing while a dispute is resolved.

Right to data portability (Art. 20): You can request an export of your data in a structured, machine-readable format, labelled as a personal diary export. This export is not a medical report and should not be used as a diagnosis, treatment recommendation, or proof of causation.

Right to object (Art. 21): You can object to processing based on legitimate interest, including analytics. We will then stop unless we can demonstrate compelling legitimate grounds.

Right to withdraw consent (Art. 7(3)): You may withdraw your consent to the processing of your health data at any time. Withdrawal does not affect the lawfulness of processing before withdrawal. Withdrawing consent means we can no longer provide the core diary and correlation features, and we will offer you the option to delete your account.

To exercise any of these rights, contact us at info@guttrace.com. We will respond within 30 days.

You also have the right to lodge a complaint with the Dutch supervisory authority:

Autoriteit Persoonsgegevens
Hoge Nieuwstraat 8, 2514 EL Den Haag
autoriteitpersoonsgegevens.nl

9. Automated Processing and Correlation Summaries

GutTrace may calculate self-tracking summaries and possible correlations based on your own diary entries. These outputs are informational only and are presented as possible associations, not causation.

GutTrace does not make decisions that produce legal or similarly significant effects about you based on automated processing.

10. Cookies and Tracking

The GutTrace mobile app does not use browser cookies. The web marketing site uses only:

Session cookies — necessary to keep you signed in. These are required for the service and do not require consent.
Analytics — pseudonymous usage data. These are only activated with your consent.

We do not use advertising cookies or sell your data to third parties for advertising purposes.

11. Security

We implement appropriate technical and organisational measures to protect your data, including:

Encryption of data in transit (TLS) and at rest;
Authenticated, time-limited access to stored photos;
Access controls limiting which team members can access personal data;
Regular review of security measures.

Where required by law, we will notify the Autoriteit Persoonsgegevens of a personal data breach without undue delay and, where feasible, within 72 hours after becoming aware of it. If a breach is likely to result in a high risk to your rights and freedoms, we will notify affected users without undue delay.

12. Children

You must be at least 16 years old to create an account or use GutTrace. GutTrace is not directed at children under 16.

If we learn that a child under 16 has created an account, we will delete the account and associated personal data unless we are legally required to retain limited information. If you believe a child under 16 has provided us with personal data, please contact us at info@guttrace.com.

13. Changes to This Policy

We may update this Privacy Policy from time to time. For material changes, we will notify you by email and/or in-app notification at least 30 days before the change takes effect. Where the change affects the legal basis for processing, we will request your renewed consent where required.

The current version is always available at https://guttrace.com/privacy.

14. Contact

For questions about this Privacy Policy or to exercise your rights:

OdO Holding B.V.
KVK: 77612752
info@guttrace.com