Getter logo

Privacy

Your data stays yours.

Getter is built to track food without turning your data into a business model. This page explains what stays local, what can leave the device, and why.

Effective Date: December 5, 2025

1. Our philosophy

Getter was created with a simple principle: your personal wellness journey should be private, respectful, and free of hidden agendas.

We do not require traditional accounts. We do not sell your data. We do not show ads. Getter is designed to work for you.

2. What we handle and why

Profile and goal information

When you use Getter, you may enter details like:

  • Age, gender, height, and weight
  • Goal weight and activity level
  • Auto-backup preferences

This data stays on your device and is used to calculate calorie targets and progress-related features.

Anonymous device identifier

To support optional cloud backup, Getter generates a random device identifier stored in your iCloud Keychain and synced across your Apple devices.

It is not linked to your identity and is used only for backup association.

Meal entries and AI analysis

Your meal entries are stored on your device for logging and calorie tracking.

  • Meal text and, when needed for meal planning, relevant profile information may be sent securely to our Cloudflare AI gateway to generate nutrition insights against NHS Eatwell guidance.
  • A subset of anonymized meal text may be stored temporarily, up to 100,000 entries, to improve analysis quality.

This is handled without building advertising profiles or collecting personal identifiers beyond what is needed to provide the requested feature.

Anonymous analytics

Getter uses PostHog to understand broad product patterns such as feature usage and drop-off points.

  • App version, device type, and OS
  • Feature usage patterns

These analytics are used to improve the app experience without tying usage data to your identity.

Anonymous crash reports

Getter uses Sentry to track bugs and crashes.

  • Device model, OS, and app version
  • Error type and technical context

Meal data, profile information, and user-generated content are not included in those reports.

3. Backup: encrypted, optional, yours

If you enable backup:

  • Your data is encrypted on-device using AES-256-GCM.
  • It is stored in Cloudflare R2 in a form we cannot read.
  • Your encryption key stays in your device Keychain and can sync via iCloud.
  • Backups can be restored automatically if the app is reinstalled on the same device and the key remains available in iCloud Keychain.

If backups remain unused for more than a year, they are automatically deleted.

4. How data is used

Purpose

Calorie and progress tracking

Data used

Profile information, goals, and meals

Where it stays

On your device

Purpose

AI nutrition insights

Data used

Meal descriptions and supporting context

Where it stays

Sent securely to Cloudflare AI

Purpose

App improvement

Data used

Anonymous usage patterns

Where it stays

Aggregated and anonymized

Purpose

Error detection

Data used

Anonymous crash reports

Where it stays

Aggregated and anonymized

Purpose

Cloud backup

Data used

Encrypted user data and UUID

Where it stays

Cloudflare R2 with your encryption key

5. Data sharing

Getter does not sell, rent, or share your personal data with marketers, advertisers, or unrelated third parties.

Trusted infrastructure providers used by Getter include:

  • Cloudflare for AI, backup, and API infrastructure
  • PostHog for anonymized product analytics
  • Sentry for anonymized crash reporting

6. Your control

Delete the app

Removing Getter deletes local data from the device. If you enabled backup, the encrypted backup remains unreadable without the key in your iCloud Keychain.

Disable backup

You can stop future sync at any time inside the app. Existing encrypted backup data remains inaccessible without your key.

Delete backup access

Clearing the relevant iCloud Keychain entry removes the key required to decrypt your backup. Even if encrypted data remains temporarily stored, it cannot be restored without that key.

Auto-restore

If you reinstall Getter on a device with iCloud Keychain sync available, the app can detect your UUID, retrieve the encrypted backup, and restore it without a login flow.

7. No cross-app tracking

Getter does not use advertising SDKs, tracking pixels, or fingerprinting. It does not access or store behavior from other apps or services.

8. Contact

If you have privacy questions, email support@getter.club.