Privacy Policy
Privacy Policy
Last Updated: July 10, 2026
Effective Date: July 10, 2026
This Privacy Policy explains how the operator of the MicroPlastics mobile application (the "Company," "we," "our," or "us") collects, uses, shares, and protects your information when you use the MicroPlastics app and related services (the "Service"). It also describes your rights and choices. By using the Service, you agree to this Policy. If you do not agree, please do not use the Service.
1. Who We Are
For the purposes of the EU/UK GDPR and similar laws, the Company is the "controller" of personal data processed through the Service. You can reach us at team@microplasticsapp.com or through the in-app Contact Support screen.
2. Information We Collect
We collect only what we need to run the Service.
a. Account and identity. When you use the app, an anonymous account identifier is created so the app works before you sign up. If you create or link an account, we collect your email address, an authentication identifier, and, if you use a third-party sign-in such as Sign in with Apple, the limited information that provider shares with us. Passwords are stored in hashed form by our authentication provider; we do not see your plaintext password.
b. Optional profile information. You may provide details such as region, age range, household context, or goals to personalize your experience. You choose whether to share these.
c. Scans, photos, and inputs. When you scan an item, you provide an image and related inputs (mode, barcode, condition, usage). To generate a result, the image and inputs are transmitted securely to our backend and to third-party AI providers for analysis. Depending on your settings and actions, a copy of a scan and its result may be saved to your history, which you can view and delete at any time. When you type a question, an ingredient list, or a swap idea, that text is processed to produce a response.
d. Activity and content you create. We store the data you generate in the app, such as scan history, saved and custom swaps, watchlist items, rooms and routines, weekly-plan progress, contributions you submit, and gamification data (points, streaks, levels, badges).
e. Purchases. When you subscribe, our subscription provider and the Apple App Store process the transaction. We receive subscription status and related receipts but not your full payment-card number.
f. Device, usage, and diagnostics. We and our analytics provider collect app version, device type and operating system, language, coarse usage events, feature interactions, and crash and performance diagnostics. Our analytics are configured to avoid sensitive content: we do not send scan images, question text, or precise health profiles, and exposure results are shared only as a coarse band (for example, "low" or "elevated").
g. Location. If you use the nearby-places feature and grant permission, we use your device location to find relevant places near you via a third-party mapping/points-of-interest service. You can deny or revoke this permission at any time; the rest of the app still works.
h. Notifications. If you enable notifications, we store a push token so we can deliver reminders and updates. You can turn notifications off in the app or your device settings.
i. Support communications. If you contact us, we collect the information you provide (such as your message, category, and email) to respond.
3. How We Use Information
We use information to: provide and operate the Service and generate scores, reports, and AI responses; save and sync your data across devices; personalize recommendations and content; process subscriptions and provide customer support; send reminders and service messages you have enabled; maintain safety, prevent fraud and abuse, and enforce our Terms; understand and improve the Service through analytics and diagnostics; build aggregated and de-identified insights; and comply with legal obligations.
4. AI Processing and Third-Party AI Providers
Scan images, ingredient text, and questions you submit to AI features are sent to third-party AI providers (for example, large-language-model and vision APIs) solely to generate your result. We instruct these providers to process such inputs only to provide the response and not to use them to train their general models, subject to their terms. AI outputs are estimates and may be inaccurate; see the Terms for the applicable disclaimers.
5. Legal Bases for Processing (EEA/UK)
Where the GDPR applies, we process personal data on these bases: performance of a contract (to provide the Service you request); your consent (for example, camera, location, notifications, and optional profile data), which you may withdraw at any time; our legitimate interests (to secure, maintain, analyze, and improve the Service, in a way that is balanced against your rights); and compliance with legal obligations.
6. How We Share Information
We do not sell your personal information, and we do not share it for cross-context behavioral advertising. We share information only as follows:
a. Service providers (processors/subprocessors) who help us operate the Service under contract, including: cloud hosting, database, authentication, and storage (Supabase); AI analysis (third-party AI/LLM providers); subscription management (RevenueCat) and payments/app distribution (Apple); product analytics and diagnostics (PostHog); push notification delivery (Expo); email delivery for support (EmailJS); and mapping/points-of-interest data for the nearby feature (OpenStreetMap-based services). These providers may process data outside your country.
b. Aggregated or de-identified data that cannot reasonably identify you, which we may use and share to improve the Service and advance understanding of plastic exposure.
c. Legal and safety. We may disclose information if required by law or to protect the rights, safety, and security of users, the public, or the Company.
d. Business transfers. If we are involved in a merger, acquisition, financing, or sale of assets, information may be transferred as part of that transaction, subject to this Policy.
7. Affiliate Links
Some product links are affiliate links, and shopping platforms (such as Amazon) may set their own identifiers when you follow them and complete a purchase, subject to their privacy policies. We may receive commission and limited, aggregated conversion reporting, not your individual purchase details.
8. Data Retention
We keep personal data only as long as needed for the purposes described here or as required by law. Account and content data are retained until you delete them or close your account; you can delete individual scans and history, and clear your activity, in the app. Diagnostic and analytics data are retained for a limited period. When data is no longer needed, we delete or de-identify it. Aggregated and de-identified data may be retained indefinitely.
9. Data Security
We use administrative, technical, and organizational safeguards designed to protect your information, including encryption in transit, access controls, and row-level security so that your data is accessible only to you and authorized systems. No method of transmission or storage is completely secure, and we cannot guarantee absolute security.
10. Your Rights and Choices
You can, at any time: access and export your data; correct your profile; delete individual scans or clear your activity history; request a full data export or permanently delete your account (which erases your associated data); and manage camera, location, and notification permissions in the app and your device settings. To exercise a request you can use the in-app controls or email team@microplasticsapp.com. We will not discriminate against you for exercising your rights.
11. GDPR Rights (EEA/UK)
If you are in the EEA or UK, you have the right to access, rectify, erase, restrict, and port your personal data, to object to certain processing, and to withdraw consent. You also have the right to lodge a complaint with your local supervisory authority.
12. California Privacy Rights (CCPA/CPRA)
If you are a California resident, you have the right to know what personal information we collect and how we use and disclose it, to access and delete it, to correct it, and to opt out of "sale" or "sharing" as those terms are defined. We do not sell or share your personal information for cross-context behavioral advertising. You may exercise these rights using the in-app controls or the contact details above, and we will not discriminate against you for doing so.
13. Children's Privacy
The Service is not directed to children under 13, and we do not knowingly collect personal information from them. If you believe a child has provided us personal information, contact us and we will delete it. Where required, users under the age of majority should use the Service only with parental or guardian involvement.
14. International Data Transfers
We and our providers may process and store information in countries other than yours, including the United States. Where required, we use appropriate safeguards (such as standard contractual clauses) for cross-border transfers.
15. Third-Party Links and Products
The Service may link to third-party websites, products, and services that we do not control. Their privacy practices are governed by their own policies, and we are not responsible for them. Please review their policies before providing information.
16. Changes to This Policy
We may update this Policy to reflect new features, technologies, or legal requirements. If we make material changes, we will notify you through the app or by other reasonable means and update the "Last Updated" date above. Your continued use of the Service after changes take effect constitutes acceptance of the updated Policy.
17. Contact Us
Questions or requests about your privacy? Use the in-app Contact Support screen, or email team@microplasticsapp.com.