Privacy

The honest version.

Last updated: May 5, 2026

Plain language, no surprises. Here's exactly what Gal collects, why I collect it, who else sees it, and what control you have.

1. What this covers

This policy applies to the Gal mobile app and the gal.app website. When I say "I" or "Gal," I mean the people building Gal. When I say "you," I mean the person using the app.

2. What I collect

Only what I need to do my job — show you patterns about your body and what you eat. Specifically:

  • Meal logs — what you ate, when, and any photos or descriptions you add.
  • Cycle and symptom data — the days of your period, mood, energy, cravings, sleep, and any symptoms you choose to log.
  • Body data — weight, height, age, goals (only what you give me).
  • Apple HealthKit data — only if you explicitly grant permission. Used to import cycle, weight, and activity data so you don't have to type it twice.
  • Account info — email and a Supabase user ID so I can sign you in across devices.
  • Device info — anonymous device type, OS version, app version, and crash logs to fix bugs.

3. Why I collect it

Three reasons, in order: to show you your patterns, to keep the app working, and to fix things when they break. I don't collect data to target ads, sell to brokers, or train external models on your meals.

4. Where it lives

Your data is stored in Supabase (PostgreSQL, encrypted at rest, US region). Each user's data is protected by row-level security — only your authenticated session can read or write your records. I keep a separate, encrypted backup so you don't lose your history if something goes wrong on my end.

5. Who else touches it

I use a small number of trusted services to run Gal. Each one only sees the slice of data it needs:

  • Supabase — the database and authentication. Stores your meals, cycle, symptoms, and account.
  • OpenAI — when you describe a meal in words, I send that description (no account info attached) to OpenAI to estimate nutrition. They don't train on this data per their API policy.
  • RevenueCat — manages subscriptions. Sees your subscription status, not your meals.
  • Sentry — receives anonymous crash reports so I can fix bugs.
  • PostHog — anonymous, aggregated usage analytics. No personal content, no meal data.
  • Apple — handles in-app purchases and (with your permission) HealthKit syncs.

6. What I never do

  • Sell your data to anyone, ever.
  • Share your meals or cycle data with advertisers.
  • Train AI models on your personal logs.
  • Tie your usage to advertising IDs.
  • Read your data for any reason other than running the service or troubleshooting an issue you've raised.

7. Your controls

You can do all of this from inside the app, in Settings:

  • Export — download a complete copy of your data as JSON.
  • Delete — wipe your account and all associated data permanently. This is irreversible and takes effect within 24 hours.
  • Sign out — disconnect this device without deleting anything.
  • Revoke HealthKit access — Settings → Privacy → Health.

8. Children

Gal is for adults. Don't use it if you're under 13. If I learn an account belongs to a child under 13, I'll delete it.

9. Changes to this policy

If anything material changes about how I handle your data, I'll email you and update this page. The "last updated" date at the top will always reflect the current version.

10. Contact

Privacy questions, data requests, or anything that doesn't sit right — email privacy@gal.app. A real person responds.