What we collect, and why.
Cardia is designed to collect the minimum data needed to give you a heart-health score. Photos you scan are stored privately in our cloud and linked to your account so you can revisit past meals, alongside the derived nutrition values (saturated fat, trans fat, fiber, cholesterol, calories). We never use them for advertising or share them with anyone. When you delete your account, every photo and every record is deleted with it.
We use Apple and Google Sign-In to authenticate. We never receive your password. Your email is stored so we can email you about your account.
We do not sell your data. We do not run ads. Aggregated, fully anonymous metrics are used to improve the scoring model.
Product analytics & diagnostics.
We use PostHog (US cloud) to understand which features are used and to debug issues. PostHog receives the events your app emits (e.g. scan started, score viewed), your account's user ID, your device type and OS version, app version, and your IP address. When you're signed in, these events are linked to your account so we can investigate issues you report. Anonymous session replays may be recorded; text inputs (including email and the delete-account confirmation) are automatically masked. We use Sentry to capture crash reports and performance traces. Neither tool is used for advertising, and we do not share this data with anyone else.
You can export your full data at any time from Me → Privacy → Export my data, and delete your account at Me → Privacy → Delete account. Deleting your account also removes your identified events from PostHog.
This is a summary. A full legal privacy policy will be published before public launch.