Privacy Policy

Last updated: June 9, 2026

YUKI SATO (sole proprietor, hereafter "Operator") operates the health-care application "Wellsy" (hereafter "Service"). This Privacy Policy explains how we collect, use, and protect your personal information. It complies with Japan's Act on the Protection of Personal Information, GDPR, CCPA/CPRA, and Korea's PIPA. By using the Service you consent to this Policy.

1. Data Controller

  • Name: YUKI SATO
  • Service: Wellsy
  • Contact: wellsy.support@gmail.com
  • GDPR inquiries: wellsy.support@gmail.com (subject: GDPR)
  • CCPA inquiries: wellsy.support@gmail.com (subject: CCPA)
  • PIPA inquiries: wellsy.support@gmail.com (subject: PIPA)

2. Data We Collect

Data you provide directly

  • Account: display name, email address
  • Profile picture (stored in Firebase Storage: users/{uid}/profile/avatar.webp)
  • Health profile: height, age, gender, activity level (optional)
  • Weight & body fat percentage, unit
  • Food logs: meal name, type, ingredients, calories, macros (P/F/C), notes
  • Food photos for AI analysis (users/{uid}/meals/{mealId}/image.webp)
  • Sleep logs: bedtime, wake time, duration
  • Group posts: food photo, calories, macros, caption (auto-deleted after 24 h)
  • Comments on group posts (max 100 chars)
  • Reactions: type (5 options) and optional selfie photo
  • Reports & blocks: reported content ID, blocked user ID

Automatically collected data

  • Firebase UID (unique identifier from Firebase Authentication)
  • FCM token (device token for push notifications)
  • Language & timezone settings
  • AI analysis usage count (Cloud Firestore: users/{uid}/usage_limits)
  • Created/updated timestamps
  • Streak data
  • Subscription status (when billing is introduced)

Data from third-party sign-in

  • Apple Sign In: email address (if disclosed) and user identifier
  • Google Sign In: email, display name, profile picture URL

Data NOT currently collected

  • Payment / credit-card data (billing not yet implemented)
  • Location data
  • Detailed crash reports or usage analytics (currently disabled)

3. Purposes & Legal Basis (GDPR)

Purpose | Legal basis (GDPR Art. 6)
Account creation, authentication | Performance of contract (b)
Food, weight, sleep logging & display | Performance of contract (b)
AI food analysis via OpenAI API | Contract / Consent (b)/(a)
On-device OCR via ML Kit (nutrition labels) | Performance of contract (b)
Group features: posts, comments, reactions, reports, blocks | Performance of contract (b)
Push & local notifications | Consent (a)
Fraud detection & security | Legitimate interests (f)
Bug fixing & service improvement | Legitimate interests (f)
Customer support | Contract / Legitimate interests (b)/(f)
Legal compliance | Legal obligation (c)
Subscription management (future) | Performance of contract (b)

4. OpenAI API Data Transfer

  1. When you use AI food analysis, your food photo or text is sent to OpenAI, Inc. (USA) via our Cloud Functions (asia-northeast1 region).
  2. Only the food image or text is sent — your UID, name, and email are NOT sent to OpenAI.
  3. OpenAI does not use API data to train its models (per their policy since March 2023).
  4. Usage limits: 2 analyses/day (free plan); 10/day planned for premium.
  5. OpenAI Privacy Policy: https://openai.com/privacy

5. ML Kit OCR

  1. We use Google ML Kit OCR (on-device) to recognize text on food packaging and nutrition labels.
  2. All OCR processing happens on your device — no data is sent to Google servers.
  3. Recognized text is stored in Cloud Firestore to help populate food logs.

6. Firebase Storage & Data Location

We use Google Firebase (project ID: wellsy-53ae4). Cloud Firestore, Firebase Storage, and Cloud Functions run in the asia-northeast1 (Tokyo) region. Firebase Authentication uses Google's global infrastructure.

Cloud Firestore collections

  • users/{uid}: display name, profile picture URL, language, timezone, FCM token
  • users/{uid}/meal_logs: food name, ingredients, calories, macros, photo URL, AI comment
  • users/{uid}/weight_logs: weight, body fat, unit
  • users/{uid}/sleep_logs: bedtime, wake time, duration
  • users/{uid}/usage_limits: AI analysis usage count
  • groups/{groupId}: group name, invite code, member count
  • groups/{groupId}/sharedMeals: posts (24 h TTL), comments, reactions, selfie URLs

Firebase Storage paths

  • users/{uid}/profile/avatar.webp
  • users/{uid}/meals/{mealId}/image.webp
  • groups/{groupId}/icon.webp
  • groups/{groupId}/reactions/{mealId}/{uid_timestamp}.webp

Firebase Privacy Policy: https://firebase.google.com/support/privacy

7. Group Content Visibility

  • Display name, profile picture, streak count: visible to all group members
  • Group posts (photo, calories, macros, caption): visible to all members (auto-deleted after 24 h)
  • Comments, reactions, selfie photos: visible to all members
  • Daily status (whether you logged food/weight/sleep): visible to members
  • Detailed nutrition values, exact weight, and detailed sleep data are NOT shared

8. Reports & Blocks

  1. You can report inappropriate content. We collect the reported content ID and category.
  2. You can block other users. Block information is stored in Cloud Firestore.
  3. Report data is used for safety and content moderation only.
  4. Report/block data is not shared with third parties (except when required by law).

9. Data Retention

Data type | Retention
Account info (UID, email, name) | While account is active; deleted promptly on account deletion
Food, weight, sleep logs | While account is active; deleted promptly on account deletion
Food & profile images | While account is active; deleted promptly on account deletion
Group posts, comments, reactions, selfies | Auto-deleted 24 h after posting
FCM token | While account is active; deleted on sign-out/deletion
Report & block data | Deleted after investigation or account deletion
Future billing records | As required by applicable law
Support messages | Retained for a reasonable period after resolution

10. Account Deletion & Data Removal

  1. When you delete your account, our Cloud Functions (deleteUserData) are triggered and remove your data from Firebase Authentication, Cloud Firestore, and Firebase Storage.
  2. Deleted: authentication info, all logs, profile & food images, group posts/comments/reactions/selfies, FCM token, report/block data.
  3. Data required by law is not deleted.
  4. Deletion is irreversible.

11. Third-Party Sharing & Data Sales

  1. We do not sell your personal information to third parties.
  2. We do not share data for targeted advertising.
  3. We may share data with service providers (Firebase, OpenAI, RevenueCat) solely to operate the Service.

12. Security

  • TLS 1.2+ encryption for all communications
  • Firebase Security Rules (users can only access their own data)
  • Firebase Authentication handles password hashing
  • API keys never exposed to clients (all sensitive calls via Cloud Functions)

13. EU/EEA User Rights (GDPR)

EU/EEA residents have the following rights under GDPR:

  • Access (Art. 15): obtain a copy of your data
  • Rectification (Art. 16): correct inaccurate data
  • Erasure (Art. 17): request deletion ('right to be forgotten')
  • Restriction (Art. 18): restrict processing
  • Portability (Art. 20): receive your data in machine-readable format
  • Objection (Art. 21): object to processing based on legitimate interests
  • Withdraw consent: at any time, without affecting prior processing

Supervisory authority complaints: https://edpb.europa.eu/about-edpb/about-edpb/members_en. Health data is processed as special category data under GDPR Art. 9 based on explicit consent.

14. California Residents (CCPA/CPRA)

California residents have the following rights:

  • Right to Know: categories and purposes of data collected
  • Right to Delete: request deletion of your personal information
  • Right to Opt-Out: we do NOT sell or share data for targeted advertising
  • Right to Correct (CPRA): correct inaccurate personal information
  • Non-Discrimination: no discriminatory treatment for exercising rights

Submit requests to: wellsy.support@gmail.com (subject: CCPA Rights Request)

15. Korean Residents (PIPA)

  1. Korean residents may request access, correction, deletion, or processing suspension of their personal information.
  2. Privacy Manager: YUKI SATO (wellsy.support@gmail.com)
  3. Cross-border transfer: data is processed in Japan (Firebase) and the USA (OpenAI) per PIPA requirements.
  4. Complaints: Personal Information Protection Commission (www.pipc.go.kr) or KISA (privacy.kisa.or.kr)

16. Children's Privacy

  1. The Service is not directed to users under 13 (14 in Korea, 16 in EU).
  2. We will delete data if we become aware we have collected it from a child below the applicable age limit.
  3. Contact: wellsy.support@gmail.com

17. Policy Updates

  1. We may update this Policy to reflect legal changes or service updates.
  2. We will give notice of significant changes 30 days in advance via in-app notice or email.
  3. Continued use after the update constitutes acceptance.

18. Contact

  • Privacy Manager: YUKI SATO
  • Email: wellsy.support@gmail.com
  • Languages: Japanese, English
  • Response time: within a reasonable period (typically weekdays)