← Back to Support

Privacy Policy

Last Updated: January 26, 2026

1. Information We Collect

1.1 Information You Provide

• Account Information: Email address for authentication and account recovery
• Health Data: Daily soda consumption logs, health goals, and progress tracking
• Usage Statistics: App interaction data to improve your experience

1.2 Automatically Collected Information

• Device Information: Device type, operating system version
• Usage Analytics: App performance data and crash reports (anonymized)

2. How We Use Your Information

We use your information for the following purposes:

• Provide Services: Track your soda consumption and display progress statistics
• Personalization: Customize your experience and provide insights
• Communication: Send important updates about the app (you can opt-out)
• Improvement: Analyze usage patterns to enhance app features
• Security: Protect against fraud and maintain account security

3. Data Storage & Security

Your data is stored securely using industry-standard practices:

• All data is encrypted in transit using SSL/TLS protocols
• Health data is stored on secure cloud servers (Supabase)
• We implement regular security audits and updates
• Access to personal data is restricted to essential personnel only

4. Data Sharing

We do not sell or rent your personal information. We may share data only in these limited circumstances:

• Service Providers: Third-party services that help us operate the app (e.g., cloud hosting, analytics)
• Legal Requirements: When required by law or to protect our rights
• Business Transfers: In the event of a merger or acquisition (you will be notified)

5. Your Rights

You have the following rights regarding your personal data:

• Access: Request a copy of your personal data
• Correction: Update or correct inaccurate information
• Deletion: Request deletion of your account and all associated data
• Export: Download your health data in a portable format
• Opt-Out: Unsubscribe from non-essential communications

6. Data Retention

We retain your personal information only as long as necessary:

• Active account data is retained while your account is active
• When you delete your account, personal data is deleted within 30 days
• Anonymized analytics may be retained for statistical purposes

7. Children's Privacy

NoSoda is not intended for children under 13. We do not knowingly collect personal information from children under 13. If you believe we have collected such information, please contact us immediately.

8. International Users

Your information may be transferred to and processed in countries other than your own. We ensure appropriate safeguards are in place to protect your data in accordance with this Privacy Policy.

9. Third-Party Services

NoSoda uses the following third-party services:

• Supabase: Database and authentication services
• RevenueCat: Subscription management (if applicable)
• Apple Sign In: Authentication service

These services have their own privacy policies. We recommend reviewing them.

10. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of significant changes via:

• In-app notification
• Email (if provided)
• Update notice on this page

Your continued use of NoSoda after changes constitutes acceptance of the updated policy.

11. California Privacy Rights (CCPA)

If you are a California resident, you have additional rights under the California Consumer Privacy Act (CCPA):

• Right to know what personal information is collected
• Right to know if personal information is sold or disclosed
• Right to opt-out of the sale of personal information (we don't sell data)
• Right to deletion of personal information
• Right to non-discrimination for exercising your rights

12. European Privacy Rights (GDPR)

If you are in the European Economic Area (EEA), you have rights under the General Data Protection Regulation (GDPR):

• Right to access your personal data
• Right to rectification of inaccurate data
• Right to erasure ("right to be forgotten")
• Right to restrict processing
• Right to data portability
• Right to object to processing
• Right to withdraw consent