Privacy Policy for Tummynote

Your health logs (primarily on your device).

Entries you create about digestion, food, mood, symptoms, and notes are kept on your device for normal use. We do not maintain a permanent, centralized Profile of your health logs on our own servers.

Your account information (email for authentication and communication).

We collect your email address to authenticate your account (e.g., sign-in and security verification) and to communicate with you when needed — for example, if you contact us or request support. We do not use your email for marketing, newsletters, or unrelated purposes.

LLM-processed structured data (temporarily stored on our servers).

Tummynote uses a large language model (LLM) to analyze and structure your inputs. The structured data is temporarily stored in our database (Google Firestore) so it can sync to your device. Once sync and verification are complete, we delete this data from our database—typically within a few seconds. (In rare cases, deletion may take longer due to system conditions.) Third-party providers such as Google Firestore may retain routine logs or backups under their own policies.

Limited technical data (for reliability and abuse prevention).

We may collect minimal technical information such as device/OS version, app version, basic usage and crash information, and API usage metrics. This helps us keep the app working and combat abuse. We don’t use this information to identify you.

Support communications (if you contact us).

If you email us, we’ll receive the information you share so we can respond.

Tummynote relies on LLM processing. When you use the app, parts of your input (for example, text you type and limited context the app generates to fulfill your request) are sent to third-party LLM service providers (such as Google Gemini and OpenAI ChatGPT) to process and return results to the app.

• We aim to send only what’s needed to perform the task.
• Data is transmitted using encrypted connections (HTTPS/TLS) when available.
• Providers have their own terms and privacy policies and may retain logs under their policies. We don’t control their systems.
• Because LLM processing is integral to how Tummynote works, there isn’t a separate “LLM off” setting. If you prefer not to have your inputs processed by LLM services, the app will not function as intended.

• We do not sell your personal or health information.
• We do not share your information with advertisers or data brokers.
• We do not use your health logs for marketing.

• Health logs are intended to remain on your device; the server copy of LLM-processed structured data exists only temporarily to complete delivery and is then deleted from our production database.
• When data must be transmitted (for example, to LLM services), we use modern encryption (HTTPS/TLS) when available.
• No system is perfectly secure; we take reasonable steps appropriate for a small, independent app.

Your Choices

• Manage Entries: You can edit or delete entries within the app. These changes only affect data stored on your device.
• Right to Delete: You can permanently delete all your data at any time through the app settings.
• Right to Export: You can export your data in a portable format whenever you wish.