← Back to Home

Privacy Policy

Effective Date: October 17, 2025

Last Updated: January 21, 2026

Vit Apps LLC ("Unimeals," "we," "our," or "us") is committed to protecting your privacy. This Privacy Policy explains what information we collect, how we use and share it, and the choices you have.

By using Unimeals (the "App" or "Service"), you agree to this Privacy Policy.

1. What We Collect

We collect information in three ways: (A) you provide it, (B) it's collected automatically, and (C) from third parties you connect.

A. Information You Provide

  • Account Information. Name and email from Apple or Google Sign-In (OAuth).
  • University Preferences. Selected school and dining hall preferences.
  • Body Stats & Goals. Height, weight, date of birth, gender, activity level, target weight, and fitness goals (used for nutrition calculations).
  • Dietary Preferences. Allergens, intolerances, disliked ingredients, and diet types (e.g., vegetarian, vegan).
  • Meal Plan Data. Generated plans, tracked meals, ratings, and customizations.
  • Support Communications. Messages you send us, including feedback or bug reports.

Note: Certain items above (e.g., allergies, diet type, weight) may be considered sensitive in some jurisdictions. We only use them to provide requested features (personalized plans and filters).

B. Information Collected Automatically

  • Device & App Info. Device model, OS version, App version, language, and time zone.
  • Device Identifiers. On iOS, we may collect the Identifier for Advertisers (IDFA) and Identifier for Vendors (IDFV) if you grant permission via Apple's App Tracking Transparency (ATT) prompt. On Android, we may collect the Google Advertising ID (GAID). These identifiers help us measure the effectiveness of our advertising campaigns.
  • IP Address. Your IP address may be collected automatically when you use the App and shared with our analytics and attribution partners.
  • App Events. We track certain in-app events (such as app installs, app opens, registration completion, trial starts, and subscription events) for analytics and advertising attribution purposes.
  • Usage & Diagnostics. In-app actions, crash logs, performance metrics, and basic analytics (aggregate).
  • Approximate Location (if enabled). We do not require precise GPS. If you grant approximate location, we may use it to surface nearby campus options. (If you don't enable it, you can still select your campus manually.)

C. Information From Third Parties

  • Dining Providers. Menu items and nutritional labels surfaced from university/campus dining sources.
  • Subscription Platforms. Status and transaction metadata from Apple App Store and RevenueCat (we do not receive your full payment card details).
  • AI Provider(s). When generating meal suggestions, we may send relevant prompts and preference parameters to our AI vendor(s) (e.g., OpenAI) to produce outputs.

2. How We Use Information

We use your information to:

  • Provide the Service. Generate personalized weekly meal plans, calculate nutrition targets, filter by allergens/diets, and let you track or customize meals.
  • Operate & Improve. Monitor performance, fix bugs, develop new features, and enhance user experience.
  • Communicate With You. Send plan reminders, important notices, and responses to support requests.
  • Process Subscriptions. Manage purchases, trials, renewals, and account status through the App Store/RevenueCat.
  • Security & Legal. Detect, prevent, and address fraud, abuse, or violations; comply with legal obligations.

No Medical Advice

Unimeals is for educational purposes only. We do not provide medical advice, diagnosis, or treatment. Always consult a qualified professional for dietary or medical decisions.

3. Legal Bases (EEA/UK Only)

Where GDPR/UK GDPR applies, we rely on these bases:

  • Contract. To provide and support the Service you request.
  • Legitimate Interests. To maintain and improve the Service, prevent fraud, and secure systems (balanced against your rights).
  • Consent. For certain optional features (e.g., push notifications, approximate location, marketing emails where applicable). You can withdraw consent at any time in-app or via device settings.
  • Legal Obligation. To meet legal, tax, and audit requirements.

4. How We Share Information

We do not sell your personal information. We share it only with:

Service Providers / "Processors"

  • Supabase (managed Postgres, hosting, and auth)
  • RevenueCat (subscription management)
  • Apple App Store (payments)
  • OAuth providers (Apple/Google Sign-In)
  • AI Vendor(s) (e.g., OpenAI) to generate meal suggestions
  • Analytics/Crash Diagnostics (e.g., Apple/RevenueCat diagnostics, Sentry)

Mobile Measurement & Advertising Partners

We work with third-party partners to measure the effectiveness of our advertising campaigns and to help us understand how users discover and interact with the App. These partners may collect device identifiers (such as IDFA, IDFV, or GAID), IP addresses, and app event data (such as installs, opens, and subscription events) to provide attribution and analytics services.

  • AppsFlyer – Mobile measurement partner (MMP) that helps us understand which advertising campaigns lead to app installs and in-app actions. See AppsFlyer's Privacy Policy.
  • Meta (Facebook/Instagram) – Advertising platform. We may share conversion events (e.g., installs, trials, subscriptions) to measure and optimize ad performance. See Meta's Privacy Policy.
  • TikTok – Advertising platform. We may share conversion events to measure and optimize ad performance. See TikTok's Privacy Policy.
  • Dining Data Sources. We surface university dining data but do not share your personal information back to them.
  • Legal/Compliance. Where required by law, regulation, legal process, or to protect rights, safety, or security.
  • Business Transfers. In connection with a merger, acquisition, or asset sale (your data will remain protected under this Policy or a policy of equal or greater protection; we'll notify you of material changes).
  • AI Providers. We minimize personal data sent in prompts and restrict sharing to what is necessary to provide the Service. We configure vendors to limit retention and training use where available; however, vendor practices may change—see their privacy notices for details.

5. Data Storage, Security & Retention

Storage

We store data in Supabase (PostgreSQL) and other reputable cloud providers.

Security

Data in transit is protected with HTTPS/TLS. Access is limited to authorized personnel with role-based controls and is reviewed periodically. We also implement routine patches and security updates.

Retention

  • Account & Profile Data: retained while your account is active and then deleted or anonymized within 30–90 days after deletion.
  • Meal Plans & Preferences: retained to power personalization and history until you delete them or delete your account.
  • Analytics & Attribution Data: device identifiers, app events, and attribution data shared with our measurement and advertising partners are typically retained for up to 24 months for reporting and optimization purposes. Our partners may have their own retention policies—see their privacy notices for details.
  • Backups/Logs: retained for up to 30–180 days (or as required by law) and then purged.

We may retain minimal records as required for legal, tax, security, or dispute-resolution purposes. You can request deletion at any time (see Your Rights below).

6. Your Choices

  • Manage Profile. Update stats, goals, and preferences in the App.
  • Notifications. Control push notifications in the App and in your device settings.
  • Location. Enable/disable approximate location in device settings.
  • Tracking & Advertising (iOS). When you first open the App on iOS 14.5 or later, you will see Apple's App Tracking Transparency (ATT) prompt asking whether you allow tracking. You can choose "Ask App Not to Track" to deny access to your IDFA. You can also change this setting at any time by going to Settings → Privacy & Security → Tracking on your iOS device and toggling off tracking for Unimeals.
  • Tracking & Advertising (Android). On Android, you can reset or opt out of personalized ads by going to Settings → Google → Ads and selecting "Opt out of Ads Personalization" or "Delete advertising ID."
  • Marketing. If we send marketing emails (rare), you can unsubscribe via the link in the email.
  • Access/Export/Delete. Use in-app options where available or email support@unimeals.io.

7. Your Rights

A. United States (Including California & Texas)

Depending on your state (e.g., CA CPRA, VA, CO, CT, UT, TX TDPSA), you may have:

  • Right to Know/Access the categories and specific pieces of personal information we collected about you.
  • Right to Delete personal information (subject to legal exemptions).
  • Right to Correct inaccuracies.
  • Right to Data Portability (a copy in a usable format).
  • Right to Opt-Out of sale or sharing of personal information and targeted advertising (we do not sell personal information; we also do not share it for cross-context behavioral advertising).
  • Right to Limit Use of sensitive personal information (we use sensitive fields only to provide requested features like allergen filtering).
  • Right to Non-Discrimination for exercising your rights.

Appeals Process (where required): If we deny a request, you may appeal by replying to our decision email; we will respond within the timeframe required by your state law.

Submit requests at support@unimeals.io. If you reside in California, you may also designate an authorized agent to make requests on your behalf.

B. EEA/UK (GDPR/UK GDPR)

You may have the rights to: access, rectify, erase, restrict or object to processing, portability, and withdraw consent where processing is based on consent. You may lodge a complaint with your local data protection authority. Contact us at support@unimeals.io to exercise rights.

8. International Data Transfers

We may process and store data in the United States and other countries that may not have the same level of data protection as your home jurisdiction. Where required (e.g., EEA/UK), we use appropriate safeguards such as Standard Contractual Clauses (SCCs).

9. Children's Privacy

Unimeals is intended for users 13+. We do not knowingly collect personal information from children under 13. If you believe a child under 13 has provided data, contact support@unimeals.io and we will promptly delete it. If you are under the age of majority in your jurisdiction, you must have a parent/guardian's consent to use the App.

10. Cookies, SDKs & Tracking

We don't use web cookies in the native App, but we use mobile SDKs for various purposes including authentication, subscriptions, analytics, diagnostics, and advertising attribution.

App Tracking Transparency (iOS)

On iOS 14.5 and later, we request your permission through Apple's App Tracking Transparency (ATT) framework before accessing your device's advertising identifier (IDFA). This identifier helps us and our advertising partners (such as AppsFlyer, Meta, and TikTok) measure the effectiveness of advertising campaigns that lead users to install and use the App.

If you allow tracking: We may use your IDFA along with other device and event data to attribute app installs and in-app events to specific advertising campaigns. This helps us understand which ads are most effective and improve our marketing.

If you deny tracking: We will not access your IDFA. Our advertising partners may still receive some data (such as IP address and non-identifying device information) for limited measurement purposes, but cross-app tracking will be restricted.

SDKs We Use

  • AppsFlyer SDK – Mobile attribution and analytics
  • RevenueCat SDK – Subscription management
  • Sentry SDK – Crash reporting and diagnostics
  • Supabase SDK – Authentication and data storage

You can limit tracking via device settings (see "Your Choices" above). We do not respond to Do Not Track browser signals as the App does not operate in a web browser context.

11. Third-Party Services

We integrate with third parties to operate the App. Their handling of your data is governed by their own policies. Review them for details:

  • Supabase – database/auth hosting
  • RevenueCat – subscription management
  • Apple App Store – payments and account features
  • Apple / Google OAuth – sign-in
  • AI Provider(s) (e.g., OpenAI) – meal suggestion generation
  • Sentry – crash reporting and performance monitoring
  • AppsFlyer – mobile measurement and attribution
  • Meta (Facebook/Instagram) – advertising and conversion tracking
  • TikTok – advertising and conversion tracking

We only share the minimum data necessary to provide the feature you're using. We do not control third-party availability or accuracy.

12. Data Safety, Allergens & Food Responsibility

Important Safety Information

Unimeals surfaces dining data from third parties and generates AI-assisted suggestions. You are solely responsible for verifying ingredients, food safety, and allergens before consuming any item or preparing any recipe. Always check official dining menus, on-site signage, and consult staff or a medical professional for allergy-related questions. Nutrition values are estimates.

13. FERPA & University Affiliation

Unimeals is not affiliated with any university and is not a FERPA-covered service. We do not request or process your official student education records.

14. Data Subject / Consumer Requests (How-To)

To access, export, correct, delete, or appeal a decision, contact support@unimeals.io from the email on your account and specify your request. We may need to verify your identity (e.g., email verification). We will respond within the timelines required by applicable law.

15. Changes to This Policy

We may update this Policy to reflect changes in the App or laws. We'll post updates here and adjust the "Last Updated" date. For material changes, we'll notify you in-app or by email and, where required, seek your consent.

16. Contact Us

Email: support@unimeals.io

Mailing Address: 5900 Balcones Dr., Austin, TX 78731