Legal

Privacy Policy

Last updated: May 19, 2026

We take privacy seriously. This policy explains what we collect, why, and what control you have. Plain English first; defined terms only where the law requires.

The short version

• We never sell your food, fasting, weight, or workout logs. Ever.
• You can export everything we have on you in one click.
• You can delete your account and all associated data from inside the app.
• We use cookies on our website for analytics and (optionally) marketing. You can opt out.
• You must be 18+ to use the Service.

1. Who we are

YourFitnessPal Inc., a Delaware corporation ("we," "us," "our"). For privacy questions: privacy@yourfitnesspal.org.

2. What we collect

Information you give us

• Account: name, email, password (hashed), date of birth, sex, height, weight, target weight.
• Health & fitness logs: meals, calories, macros, water, weight, exercise, fasts, photos you upload to MealScan. Some of this is sensitive personal information under applicable law.
• Preferences: units, language, dietary preferences, goal type.
• Communications: support tickets, feedback, survey responses.

Information we collect automatically

• Device & usage: device model, OS version, app version, IP address, crash logs, anonymized usage events.
• Cookies / SDKs: on the website, for essential functions and (with consent) analytics and marketing.

Information from connected services

If you connect Apple Health, Health Connect, Fitbit, Garmin, Samsung Health, Strava, or another partner, we receive only the data categories you authorize — typically steps, workouts, weight, and heart rate. You can disconnect at any time in Settings.

3. How we use it

• To run the Service: show your dashboard, calculate goals, sync data.
• To improve the Service: aggregate, de-identified analytics on how features perform.
• To communicate: replies to your tickets, transactional notices, opt-in product updates.
• To keep things safe: prevent fraud, abuse, and breach of our Terms.
• To comply with law where required.

We do not use your health logs to train third-party AI models. MealScan inference runs on our infrastructure, and your photos are not used to train external models.

4. Who we share it with

• Processors: infrastructure, error monitoring, email delivery, payment processing. They act on our instructions under data-processing agreements.
• Connected partners: only when you authorize a connection (e.g. Apple Health), and only the categories you select.
• Legal: when required by valid legal process, or to protect rights, property, or safety.
• Corporate events: if we're ever part of a merger or acquisition, we'll notify you and your rights will travel with the data.

We never sell your health logs. Where local law treats certain cookie-based advertising as a "sale" or "share," you can opt out below.

5. Cookies & tracking (website)

We use a small number of cookies on the marketing site:

• Essential — always on; needed for the site to function.
• Analytics — anonymized usage data. Opt-in in the EEA/UK, opt-out elsewhere.
• Marketing — opt-in everywhere.

Manage preferences via the "Cookie preferences" link in the footer.

6. Retention

We keep your data as long as your account is active. When you delete your account, we erase your data within 30 days, except where we must keep limited records for legal reasons (e.g. fraud prevention, regulatory obligations).

7. Your rights

Everyone

• Access — download a full export from Settings → Export data.
• Correction — edit your profile and logs directly in the app.
• Deletion — delete your account from Settings.
• Opt out of marketing emails via the unsubscribe link in every email.

EEA / UK (GDPR)

• Right to access, rectify, erase, restrict, and port your data.
• Right to object to processing based on legitimate interests.
• Right to lodge a complaint with your supervisory authority.

California (CCPA / CPRA)

• Right to know what we collect and disclose.
• Right to delete personal information.
• Right to correct inaccurate personal information.
• Right to opt out of any "sale" or "share" — submit via privacy@yourfitnesspal.org.
• Right to limit use of sensitive personal information.

8. Security

We use industry-standard technical and organizational measures: encryption in transit and at rest, strict access controls, audit logging, and regular security reviews. No method of transmission or storage is 100% secure; if a breach occurs, we'll notify affected members per applicable law.

9. International transfers

Your data may be processed in countries outside your own. Where required, we rely on Standard Contractual Clauses or equivalent safeguards.

10. Children

The Service is for adults (18+). If we learn an account belongs to someone under 18, we'll delete it.

11. Changes

We'll post updates here and, for material changes, notify you by email or in-app before they take effect.

12. Contact

Privacy questions or requests: privacy@yourfitnesspal.org.