Privacy Policy

How we collect, use, and protect your data

Privacy Personal Data Terms of Use Public Offer
Effective date: March 19, 2026 · Last updated: March 19, 2026

This Privacy Policy (the “Policy”) describes how information received from users of the “Mera” mobile application and website (the “Service”) is collected, processed, stored, and protected. By using the Service, you agree to the terms of this Policy.

1. Controller

The controller of your personal data is the Mera team (the “Controller”, “we”, “us”). You can reach us at contact@mera-api.ru.

2. What data we collect

2.1. Data provided by the user

  • Registration data: email address, password (stored as a hash).
  • Profile data: gender, age, height, weight, target weight, activity level, rate of weight change, diet type, time zone.
  • Nutrition data: meal names, portion weights, calories, proteins, carbohydrates, fats, notes, meal times, ingredients.
  • Food photographs: images uploaded for AI analysis (processed transiently and not retained on our servers after analysis).
  • Weight data: the history of weigh-ins with their dates.
  • Support requests: subject, description, application version, operating system version, device model.
  • Acquisition source: how the user learned about the Service (captured during onboarding).

2.2. Data collected automatically

  • Device tokens: push token and platform (iOS/Android) for the purpose of delivering notifications.
  • Usage data: number of AI requests (photo, text, assistant), activity dates, streaks.
  • Payment data: subscription identifier, plan, status, period dates, amounts charged, currency. Bank card data is processed by the payment provider YooKassa and is not stored on our servers.

2.3. Data from third-party services

  • OAuth authentication: when you sign in through Google or Apple, we receive your user identifier and email address. Your third-party password is never transmitted to us.

3. Purposes of processing

  • Providing the core functionality of the Service: calorie counting, nutrition and weight tracking, goal calculation.
  • Operating AI features: analysis of food photographs, text-based meal input, the personal assistant.
  • Calculating personalised goals using the Mifflin–St Jeor equation from your profile data.
  • Producing analytics: averages, trends, and projections toward the target weight.
  • Sending notifications: meal reminders, daily reports, nutrition tips, water reminders.
  • Processing payments and managing subscriptions via YooKassa.
  • Handling support requests and improving the Service.
  • Complying with applicable law and legal obligations.

4. Legal bases for processing

  • Performance of a contract — processing necessary to provide the Service you requested.
  • User consent — for sending push notifications and marketing communications.
  • Legitimate interest — for improving the Service and ensuring its security.
  • Legal obligation — where processing is required to comply with applicable law.

5. Transfer of data to third parties

We do not sell personal data and do not transfer it to third parties except in the following cases:

  • Payment processors — for processing of payments and recurring charges, including YooKassa where applicable.
  • AI model providers — processing of photographs and text requests (data is transmitted in a de-identified form).
  • Google / Apple — when OAuth authentication is used.
  • Authorities — when required by applicable law or valid legal process.

6. Storage and protection of data

  • Data is stored on secure servers with appropriate technical and organisational safeguards.
  • Passwords are stored as hashes and cannot be recovered.
  • API access is protected by JWT authentication with a token-refresh mechanism.
  • Rate limiting is applied to mitigate abuse.
  • Food photographs are processed in real time and are not retained after analysis.

7. Retention periods

Personal data is retained until the user deletes their account. Upon account deletion, all data is erased permanently. Payment history is retained for the periods prescribed by applicable law.

8. Your rights

Subject to applicable data-protection law, you have the right to:

  • Obtain information about the processing of your personal data.
  • Update or correct your data through your profile settings.
  • Change your email address (with a confirmation code).
  • Disable push notifications and configure your notification preferences.
  • Delete your account together with all associated data.
  • Withdraw your consent to the processing of personal data.

9. Cookies

The Service’s website may use technical cookies to support authentication and the correct operation of the site. We do not use cookies for tracking or advertising.

10. Changes to this Policy

We reserve the right to amend this Policy. The current version is always available on this page. In the event of material changes, we will notify users by push notification or email.

11. Contact

For questions relating to the processing of personal data, please contact us:

Download on the App Store