z

zad

Reach your goals

z
zad

Privacy Policy

Last updated: February 18, 2026

1. Introduction

zad ("we", "us", or "our") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our health and nutrition tracking application ("the Service").

2. Information We Collect

2.1 Information You Provide

  • Account Information: Email address, name, and password when you create an account
  • Profile Information: Date of birth, gender, height, activity level, and country of residence
  • Health Data: Weight measurements, sleep duration and quality, physical activity records, and calorie burn data
  • Nutrition Data: Meal descriptions, food items, and nutritional information you log
  • Goals: Target weight, daily calorie goals, and macro nutrient targets

2.2 Information Collected Automatically

  • Usage Data: Features used, pages visited, and interaction patterns
  • Device Information: Device type, operating system, and browser type
  • Log Data: IP address, access times, and referring URLs

2.3 Information from Third Parties

If you connect third-party services (such as fitness trackers or wearable devices), we may receive activity data, sleep data, and other health metrics from those services with your explicit consent.

2.4 Wearable & Fitness Tracker Data

zad supports integration with the following wearable platforms. When you connect a supported device, we access only the data categories listed below, and only with your explicit authorization:

Garmin Connect

When you connect your Garmin account via OAuth 2.0, we access the following data from the Garmin Wellness API:

  • Daily Activity: Step count, active calories burned, moderate and vigorous intensity minutes, floors climbed, and distance
  • Sleep: Sleep duration, sleep stages (light, deep, REM, awake), and sleep start/end times
  • Workouts: Activity type, name, duration, calories burned, distance, and average heart rate
  • Weight: Weight measurements, BMI, and body fat percentage

Fitbit

When you connect your Fitbit account via OAuth 2.0, we access the following data:

  • Daily Activity: Step count, active calories burned, active minutes, floors climbed, and distance
  • Sleep: Sleep duration, sleep stages, and sleep quality
  • Workouts: Exercise type, duration, and calories burned
  • Weight: Weight measurements and body fat percentage

Apple Health (via iOS app)

When you install our iOS companion app and grant HealthKit permissions, we access:

  • Activity: Step count, active energy burned, and exercise minutes
  • Sleep: Sleep analysis data including duration and stages
  • Weight: Body mass measurements

All wearable data is synced on-demand (when you manually trigger a sync) and stored securely in our database. We do not continuously or automatically sync data in the background. You can disconnect any wearable service at any time from your Settings page, which stops all future data access from that provider.

3. How We Use Your Information

We use your information to:

  • Provide, maintain, and improve the Service
  • Process and analyze your meal descriptions using AI to generate nutritional estimates
  • Track your progress toward health and fitness goals
  • Generate personalized insights and recommendations
  • Send you service-related notifications
  • Respond to your inquiries and support requests
  • Detect, prevent, and address technical issues and security threats
  • Comply with legal obligations

4. AI Processing

When you enter meal descriptions, your text is sent to our AI service provider (Anthropic) for processing. This data is used solely to generate nutritional estimates and is not used to train AI models. The AI provider processes this data according to their privacy policy and data processing agreements with us.

5. Data Sharing and Disclosure

We do not sell your personal information. We may share your information only in the following circumstances:

  • Service Providers: With third-party vendors who assist in operating the Service (hosting, AI processing, analytics)
  • Legal Requirements: When required by law, court order, or governmental authority
  • Safety: To protect the rights, safety, or property of zad, our users, or others
  • Business Transfers: In connection with a merger, acquisition, or sale of assets (you will be notified)
  • With Your Consent: When you explicitly agree to the sharing

6. Data Security

We implement appropriate technical and organizational measures to protect your data:

  • Encryption of data in transit (HTTPS/TLS)
  • Encryption of data at rest
  • Secure password hashing (bcrypt)
  • HTTP-only secure cookies for authentication
  • Regular security assessments
  • Access controls and authentication

However, no method of transmission or storage is 100% secure. We cannot guarantee absolute security.

7. Data Retention

We retain your personal information for as long as your account is active or as needed to provide the Service. You can delete individual entries (meals, weight, sleep, activities) at any time. If you delete your account, we will delete your personal data within 30 days, except where retention is required by law or for legitimate business purposes.

8. Your Rights

Depending on your location, you may have the following rights:

  • Access: Request a copy of your personal data
  • Correction: Request correction of inaccurate data
  • Deletion: Request deletion of your data
  • Portability: Request your data in a portable format
  • Objection: Object to certain processing of your data
  • Restriction: Request restriction of processing
  • Withdrawal: Withdraw consent where processing is based on consent

To exercise these rights, please contact us at [email protected].

9. International Data Transfers

Your information may be transferred to and processed in countries other than your country of residence. These countries may have different data protection laws. We ensure appropriate safeguards are in place for such transfers, including standard contractual clauses where applicable.

10. Children's Privacy

The Service is not intended for children under 16 years of age. We do not knowingly collect personal information from children under 16. If we learn we have collected information from a child under 16, we will delete that information promptly. If you believe we have collected information from a child under 16, please contact us.

11. Cookies and Tracking

We use essential cookies for authentication and session management. We do not use third-party tracking cookies or advertising cookies. You can control cookies through your browser settings, but disabling cookies may affect Service functionality.

12. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of any material changes by posting the new policy on this page and updating the "Last updated" date. We encourage you to review this policy periodically.

13. Contact Us

If you have questions or concerns about this Privacy Policy or our data practices, please contact us at:

Email: [email protected]

General Support: [email protected]

14. Specific Provisions for EU/EEA Users (GDPR)

If you are located in the European Union or European Economic Area:

  • Legal Basis: We process your data based on: (a) your consent, (b) performance of a contract, (c) our legitimate interests, or (d) legal obligations
  • Data Controller: zad is the data controller for your personal data
  • Supervisory Authority: You have the right to lodge a complaint with your local data protection authority

15. Specific Provisions for California Users (CCPA)

If you are a California resident, you have additional rights under the California Consumer Privacy Act (CCPA):

  • Right to know what personal information is collected
  • Right to know whether personal information is sold or disclosed
  • Right to say no to the sale of personal information (we do not sell your data)
  • Right to access your personal information
  • Right to equal service and price (non-discrimination)
Terms of ServiceยทBack to App