Privacy Policy

Last updated: March 30, 2026

Welcome to Halcy (“we,” “our,” or “us”).
Your privacy matters to us. This policy explains what information we collect, how we use it, and what rights you have when using the Halcy mobile app (the “App”).

By using Halcy, you agree to this Privacy Policy. If you do not agree, please do not use the App.


1. Information We Collect

We collect only the data needed to provide and improve your experience.

a. Personal Information

When you create an account (via Apple Sign-In or Google Sign-In) or set up your health profile, we may collect:

  • Health preferences (e.g., dietary choices, ingredient sensitivities)

  • Demographics (age, sex, skin and hair type)

  • Lifestyle and product priorities
     This helps personalize your health scores and recommendations.

b. Product Data

  • Photos or barcodes of products you scan

  • AI-generated product analysis and health scores

c. Usage Data

  • App interactions (screen views, button taps, features used)

  • Onboarding progress and user preferences

  • Engagement metrics (time spent, navigation patterns)

d. Device Information

  • Device type (iOS or Android)

  • App version and performance data

  • Network type and connection quality

We do not collect medical records, biometric data, or precise location information.

2. How We Use Your Information

We use your information to:

  • Provide personalized health insights and recommendations

  • Improve app functionality and fix bugs

  • Analyze usage patterns to enhance features

  • Offer relevant content and in-app experiences

We may also use aggregated, anonymized data for research and statistical purposes.
We may process data using third-party services and databases.

3. AI Analysis and Recommendations

Halcy uses trusted AI partners — such as Gemini, and DeepSeek — to analyze ingredient data and generate health insights.
AI processing happens securely, and no identifiable user data is stored by these models.

Disclaimer:
AI-generated information is for informational purposes only and should not be considered medical advice.
Always consult a healthcare professional before making health-related decisions.

4. Third-Party Services

We work with trusted service providers to power key features of Halcy.
These partners follow strong privacy and security practices:

Service: Supabase
Purpose: Secure authentication and user data storage
Policies: https://supabase.com/privacy

Service: Mixpanel
Purpose: App analytics and engagement tracking
Policies: https://mixpanel.com/legal/privacy-policy/

Service: Superwall
Purpose: Subscription and paywall management
Policies: https://superwall.com/privacy

Service: Gemini (Google AI)
Purpose: AI-powered product and text analysis
Policies: https://policies.google.com/privacy

Service: DeepSeek
Purpose: AI-powered ingredient insights
Policies: https://www.deepseek.com/privacy

Service: Open Food Facts
Purpose: Product and nutrition data reference
Policies: https://world.openfoodfacts.org/terms-of-use

Service: Firebase Analytics (Google)
Purpose: App analytics and crash reporting
Policies: https://firebase.google.com/support/privacy

Service: Meta SDK (Facebook)
Purpose: Attribution and ad measurement
Policies: https://www.facebook.com/privacy/policy/

Service: RevenueCat
Purpose: Subscription receipt validation
Policies: https://www.revenuecat.com/privacy



We only share the minimal information necessary for these services to function.

We do not sell or exchange your personal data with anyone.

AI partners process ingredient data but do not store your personal information.

5. Analytics and Tracking

We use Mixpanel to understand how users interact with Halcy.
 Mixpanel tracks:

  • App opens, closes, and navigation

  • Onboarding steps and preferences

  • Engagement and feature usage

  • Device type and app performance

You can opt out of analytics anytime in your account settings:
 Profile → Settings → “Scan Analytics” → Toggle Off

6. Data Retention and Deletion

We retain your data as long as your account is active.
 When you delete your account, your personal data and product history will be permanently removed from our systems within 30 days.

7. Your Rights

You have the right to:

  • Access a copy of your data

  • Correct inaccurate information

  • Request deletion of your account and data

  • Opt out of analytics tracking

To make any of these requests, contact us at: support@halcyai.app

8. Data Security

We use encryption, secure databases, and limited access permissions to protect your information.
 While we take every precaution, no system is completely secure, and we cannot guarantee absolute protection.

9. Children’s Privacy

Halcy is intended for a general audience. Users under 16 should use the app with guidance from a parent or guardian.
We do not knowingly collect data from children under this age.
If you believe a child has provided us data, please contact us for immediate deletion.

10. International Users

Halcy operates globally, and your data may be processed in countries where our partners are located.
We ensure all international transfers comply with applicable data protection laws, including GDPR for EU users and CCPA for US users.

EU users: You have additional rights under GDPR including data portability and objection to processing.

11. Updates to This Policy

We may update this Privacy Policy to reflect changes in our practices or legal requirements.
You’ll always find the latest version inside the app or on our website.
The “Last Updated” date above shows when it was most recently revised.

12. Contact Us

For any privacy-related questions, please contact:
support@halcyai.app