Privacy Policy

Last Updated: May 19, 2026

Welcome to SureGut ("we", "our", or "us"). We are committed to protecting your personal information and your right to privacy. This Privacy Policy explains how we collect, use, and share your information when you use the SureGut mobile application (the "App").

        Summary of recent changes: We have added optional sign-in with Apple and Google, a free usage tier supported by rewarded video ads via Google AdMob, and an in-app option to delete your account at any time. This Privacy Policy has been updated to reflect those changes.
    

1. Information We Collect

1.1 Account Information (Optional Sign-In)

You can use SureGut with optional sign-in via Sign in with Apple or Sign in with Google. When you sign in, we receive a stable, anonymized identifier from Apple or Google and, where you choose to share it, your name and email address. We use these to:

Create and identify your account across devices.
Restore your purchases, scan history, and dietary profile after reinstalling the App.
Link an Apple sign-in and a Google sign-in that share the same email address so that you keep one account when switching between iOS and Android. To match accounts privately we store a one-way cryptographic hash of your email; we do not store your email address in plain text in our linking database.

Apple may provide a private relay email address instead of your real email if you choose to "Hide My Email". We never receive your underlying real email in that case.

1.2 Camera and Photo Data

SureGut requires access to your device's camera and photo library to scan dietary labels and barcodes. Images and barcodes are processed to extract nutritional information and ingredients. Camera frames are processed on-device or transmitted only for label analysis and are not retained beyond that purpose.

1.3 Profile and Scan Data

If you create a dietary profile (e.g., conditions, allergies, dietary goals), we store that information together with your account identifier so we can give you personalized scan results. Scan history (the barcodes you have looked up and the verdict we returned) is associated with your account so you can review it later.

1.4 Advertising Data (Free Tier Only)

If you use the free tier of the App, we display banner ads and offer rewarded video ads that grant additional daily scans. Ads are served by Google AdMob. To deliver ads, the AdMob SDK collects and processes:

Your device's advertising identifier (IDFA on iOS, Android Advertising ID on Android).
Approximate technical information such as device type, operating system, language, and IP address.
Ad interaction events (impressions, clicks, and reward completions).

For each rewarded video you complete, AdMob sends a signed server-side verification callback to our backend so we can credit you with one extra daily scan. That callback contains your in-app user identifier and a transaction ID; it does not contain any of your personal contact details.

Premium subscribers do not see ads, and no advertising identifiers are read from their devices for advertising purposes.

1.5 Subscription and Purchase Information

If you purchase a subscription, payments are processed securely by Apple (App Store) or Google (Play Store), and managed via RevenueCat. We do not process or store your credit card information directly. We receive only your subscription status, product identifier, and the in-app user identifier you signed in with.

1.6 Diagnostic Data

We automatically collect minimal diagnostic information (crash reports, error logs, and basic usage metrics) so we can keep the App reliable. This data is aggregated and is not used to identify you personally.

2. How We Use Your Information

We use the information we collect to:

Provide and operate the label-scanning and dietary-analysis features.
Maintain your account, restore purchases, and link Apple and Google sign-ins that belong to the same person.
Process subscriptions and manage your entitlement status through RevenueCat.
Show banner and rewarded video ads to free-tier users, and verify rewards via AdMob's server-side verification.
Improve the App's functionality, fix bugs, and detect abuse or fraud.
Comply with legal obligations.

3. Sharing Your Information

We do not sell your personal information. We share limited information with the service providers below, each of whom is contractually required to handle it in line with applicable privacy laws:

Provider	What is shared	Purpose
Apple, Google (in-app purchases)	Subscription transactions	Process payments
RevenueCat	User identifier, subscription status, product IDs	Cross-platform subscription management
Google AdMob	Advertising identifier, ad interactions, device metadata	Serve banner and rewarded video ads, fraud prevention
Apple, Google (sign-in)	Authentication tokens	Verify your identity when you sign in
Amazon Web Services (AWS)	Encrypted application data	Host our backend infrastructure (United States)
AI / nutrition data providers	Barcode or label content (no identifying user information)	Look up product details and analyze ingredients

For more information about how Google uses data when you see ads, see Google's Privacy Policy. For RevenueCat's practices, see RevenueCat's Privacy Policy.

4. Your Privacy Choices

4.1 App Tracking Transparency (iOS)

On iOS, the first time you use the App we ask whether you allow tracking via Apple's App Tracking Transparency framework. If you decline, AdMob will only serve non-personalized ads and will not use your IDFA for tracking. You can change your decision at any time in Settings → Privacy & Security → Tracking → SureGut.

4.2 Personalized Ads (EU, UK, and California)

If you live in the European Economic Area, the United Kingdom, Switzerland, or a US state with applicable consumer-privacy laws, AdMob's User Messaging Platform (UMP) will display a consent dialog the first time the App loads. You can choose whether to allow personalized ads, allow only non-personalized ads, or manage individual ad partners. You can change your choice at any time from the App's settings or by reinstalling the App.

4.3 Subscribing to Remove Ads

You can remove all in-app advertising and unlock unlimited scans at any time by subscribing to SureGut Premium.

4.4 Account Deletion

You can delete your SureGut account and all associated data at any time from inside the App at Profile → Settings → Delete Account. You can also request deletion by emailing support@suregut.com; we will process your request within 30 days. Deletion removes your account, dietary profile, scan history, and advertising-attribution records from our systems. Some information may be retained in backups or as required by law (for example, transaction records for tax compliance) for a limited period before being permanently erased.

For abuse prevention, we may briefly retain an anonymized daily usage counter (a one-way hash of your account identifier together with the number of scans used that day). This counter contains no personal contact information and automatically expires at the end of each day. It exists solely to stop the free daily-scan allowance from being reset by repeatedly deleting and recreating an account.

4.5 Your Rights Under GDPR, UK GDPR, and CCPA / CPRA

Depending on where you live, you may have the right to:

Access, correct, or delete the personal information we hold about you.
Restrict or object to certain processing.
Port your data to another service.
Opt out of "sale" or "sharing" of personal information (we do not sell personal information; ad-related data sharing with Google AdMob may qualify as "sharing" under California law, and you may opt out via the in-app consent dialog described above).
Lodge a complaint with your local data-protection authority.

To exercise any of these rights, contact us at support@suregut.com.

5. Children's Privacy

SureGut is intended for users aged 13 and older. We do not knowingly collect personal information from children under 13. If you believe a child has provided us with personal information, please contact us so we can promptly delete it.

6. Data Security

We use industry-standard measures to protect your information, including encryption in transit (HTTPS / TLS), encrypted secrets management for backend credentials, and least-privilege access controls on our cloud infrastructure. No internet service is fully secure, however, so we cannot guarantee absolute security.

7. Data Retention

We keep your information only for as long as necessary to provide the App and to comply with our legal obligations. Specifically:

Account data, dietary profiles, and scan history are retained while your account is active. They are deleted when you delete your account.
Daily scan-allowance counters are automatically purged at the end of each day.
Ad-related identifiers and ad-interaction logs follow Google AdMob's retention policies.
Subscription and purchase records may be retained for the period required by applicable accounting and consumer-protection laws.

8. International Data Transfers

Our backend infrastructure is hosted in the United States. If you use the App from outside the United States, your information will be transferred to and processed in the United States. By using the App you consent to this transfer. Where required, we rely on standard contractual clauses or equivalent safeguards for transfers from the European Economic Area and the United Kingdom.

9. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. When we make material changes, we will update the "Last Updated" date at the top of this page and, where appropriate, notify you through the App or by other reasonable means. Your continued use of the App after a change becomes effective constitutes your acceptance of the updated policy.

10. Contact Us

If you have questions or comments about this notice, or wish to exercise any of your privacy rights, please email us at: support@suregut.com.