Privacy Policy
Last updated: 11/15/2025
Macro Hacker Incorporated (“we”, “us”, “our”) provides personalized nutrition and wellness insights by connecting to your wearable devices and health platforms, including Apple Health / Apple Watch and Garmin (“Connected Services”). This Privacy Policy explains how we collect, use, share, and protect your information when you use our services (the “Service”).
If you do not agree with this Privacy Policy, do not use the Service or connect your accounts/devices.
1. Who we are and how to contact us
Controller / Operator:
- Macro Hacker Incorporated
- 251 Little Falls Drive, Wilmington, DE 19808
- Email: team@macrohacker.ai
2. What this policy covers
This policy applies when you:
- Use our mobile app or web app
- Connect a wearable or health platform (e.g., Apple Health, Garmin) to our Service
- Contact us (support, sales, feedback)
- Take part in our research, surveys, beta programs, or experiments
It does not cover how Apple, Garmin, your employer, your insurer, or any other third party handles your data. Check their privacy policies separately.
3. The data we collect
We collect three main categories of data:
3.1. Data you provide directly
Examples:
- Identification: name, email, username, password (hashed), profile photo (optional)
- Demographics: date of birth, age, sex/gender, height, weight (if you choose to provide it)
- Nutrition details: foods logged, meals, beverages, supplements, preferences, intolerances, goals
- Lifestyle info: sleep habits, activity patterns, stress, work schedule (if you enter these)
- Messages: support requests, feedback, survey responses
3.2. Data from connected devices and platforms
When you connect Apple Health / Apple Watch, Garmin, or other platforms, we may receive:
- Activity & fitness: steps, distance, active minutes, activity type, VO₂ max, training load
- Heart & physiology: heart rate, heart rate variability, resting heart rate, stress metrics, respiration, pulse ox, body battery (Garmin), body composition, blood pressure (if available)
- Sleep: time in bed, time asleep, sleep stages/quality, sleep consistency
- Body metrics: height, weight, BMI, body fat %, lean mass (if available)
- Workouts: workout type, duration, intensity, calories burned, location (if enabled)
- Other health data: as available from the Connected Service and as you authorize (e.g., menstrual data, energy expenditure, basal metabolic rate, etc.)
Exactly what we receive depends on:
- What the platform provides
- Which permissions you grant inside Apple Health, Apple Watch, Garmin, etc.
- Your device and OS version
For Apple Health / HealthKit, we must request and receive fine-grained permissions per data type (e.g., steps, heart rate, sleep). You can revoke those permissions at any time in your device settings.
3.3. Automatically collected technical data
When you use the Service, we also collect:
- Device data: device model, OS, app version, language, time zone
- Log data: IP address, timestamps, screens viewed, crash logs, performance data
- Cookies / similar tech (for web): session cookies, authentication tokens, basic analytics
We do not use your health data for third-party targeted advertising. See Section 7.
4. How we use your data
We use your data for the following purposes:
4.1. To provide and personalize the Service
- Import and sync data from your connected devices and platforms
- Generate nutrition, recovery, and wellness insights
- Recommend adjustments to diet, habits, or routines
- Show trends, charts, and historical reports
- Tailor in-app content and features to your goals
4.2. To maintain, protect, and improve the Service
- Debugging and fixing issues
- Monitoring performance, usage patterns, and stability
- Developing new features, algorithms, and product improvements
- Training models using aggregated and/or de-identified data (where legally allowed)
4.3. To communicate with you
- Account and security notices (e.g., password resets, login alerts)
- Service updates, feature announcements, and onboarding messages
- Responding to your questions and support requests
- With your consent, optional product updates, newsletters, or surveys (you can opt out)
4.4. To comply with legal and contractual obligations
- Meeting Apple HealthKit and App Store privacy requirements
- Meeting Garmin API / SDK and security requirements
- Complying with applicable privacy, consumer health data, and medical data laws
- Responding to lawful requests from regulators or law enforcement (see Section 8)
5. Special rules for health data
Health data is highly sensitive. In addition to local law, Apple and Garmin impose extra constraints on how their health data is used:
- We do not use health or fitness data from Apple Health / HealthKit or Garmin for third-party advertising, data brokerage, or ad targeting.
- We do not sell your health data.
- We do not share raw health data with social networks or ad networks.
- We only use health data to provide and improve health, wellness, and research features, as described in this policy.
- If we ever want to use your health data for new purposes that are materially different from what’s described here, we’ll ask for your explicit consent where required.
6. Legal bases (if you’re in the EEA/UK or similar jurisdictions)
Where applicable law requires a legal basis (e.g., GDPR/UK GDPR), we rely on:
- Performance of a contract: to run the app, sync your data, and provide insights.
- Consent: for reading health data from devices/platforms and for any optional processing you turn on (e.g., specific experimental features, some research uses, certain communications).
- Legitimate interests: to monitor and improve the Service, secure our systems, prevent abuse/fraud, and develop new functionality, unless those interests are overridden by your rights.
- Legal obligation: when we must retain or disclose data to comply with law.
You can withdraw consent at any time (for example by revoking permissions in Apple Health or Garmin, or via in-app settings), but that won’t affect processing that has already happened.
7. How we share your data
We share data only with the following categories of recipients, and only as necessary:
7.1. Service providers (processors)
Carefully selected third parties that help us operate the Service, such as:
- Cloud hosting and storage providers
- Error monitoring and logging services
- Analytics tools (for aggregated or de-identified usage, not raw health data)
- Email and push notification providers
- Customer support tools
We require them by contract to:
- Process data only on our instructions
- Implement appropriate security measures
- Not use your data for their own marketing purposes
7.2. Connected platforms (Apple, Garmin, etc.)
When you connect or disconnect a service, we interact with that platform as necessary:
- We read the data points you explicitly authorize.
- In some cases, we may write certain data back (e.g., nutrition logs or workouts), only if you enable that feature.
- Your relationship with Apple and Garmin is governed by their own terms and privacy policies, not by us.
7.3. Aggregated and de-identified data
We may use and share aggregated or de-identified information (information that cannot reasonably be used to identify you) for:
- Research and statistical analysis
- Product development
- Marketing (e.g., “X% of users improved Y metric in 3 months”)
We do not attempt to re-identify such data.
7.4. Business transfers
If we are involved in a merger, acquisition, sale of assets, financing, or similar transaction, your data may be transferred as part of that transaction, subject to the same or stronger privacy protections.
7.5. Legal and safety reasons
We may disclose data if we reasonably believe it’s necessary to:
- Comply with applicable law, regulation, legal process, or governmental request
- Enforce our terms and policies
- Protect the rights, property, or safety of Macro Hacker Incorporated, our users, or the public
We will push back on overbroad or unreasonable requests where the law allows.
We do not sell your personal information, including health data, as “sale” is defined under many privacy laws (e.g., CCPA/CPRA). If local law defines “sale” more broadly (e.g., for data sharing), we will treat your data accordingly and honor opt-out rights where applicable.
8. Data retention
We keep your data only for as long as necessary to:
- Provide you with the Service
- Fulfill the purposes described in this policy
- Comply with legal, regulatory, tax, accounting, or security requirements
In practice:
- Account data and synced health data are kept while your account is active.
- If you delete your account, we aim to delete or irreversibly de-identify personal data within approximately 30 days, subject to legal retention requirements.
- Backups may retain data for an additional limited period, but are eventually overwritten.
- We may retain aggregated or de-identified data beyond account deletion, because it cannot reasonably be linked back to you.
9. Data security
We use technical and organizational measures to protect your information, including:
- Encryption in transit (TLS) and at rest for key systems
- Access controls and role-based permissions
- Secure development practices, logging, and monitoring
- Minimum security measures required by Apple, Garmin, and other partners
- Regular review of infrastructure and dependencies
No system is perfectly secure. If we become aware of a data breach that affects your rights or freedoms, we’ll notify you and relevant authorities as required by law.
10. Your rights
Your rights depend on where you live. Subject to local law, you may have the right to:
- Access: Get a copy of the personal data we hold about you.
- Correction: Ask us to fix inaccurate or incomplete data.
- Deletion: Ask us to delete your data in certain circumstances.
- Restriction: Ask us to limit processing in some cases.
- Portability: Ask for a copy of your data in a structured, machine-readable format.
- Objection: Object to certain types of processing (e.g., profiling based on legitimate interests).
- Withdraw consent: When processing is based on consent, you can withdraw it at any time.
You can exercise many of these rights directly in the app (e.g., by disconnecting devices, changing permissions, deleting logs, or deleting your account). Otherwise, contact us at team@macrohacker.ai.
Depending on your jurisdiction, you may also have the right to complain to a supervisory authority (e.g., a data protection authority or regulator).
If you’re in California or a similar U.S. state with an omnibus privacy law, you may additionally have:
- Right to know/access specific pieces and categories of personal information we’ve collected
- Right to correct and delete
- Right to opt out of “sale” or “sharing” of personal information for cross-context behavioral advertising
- Right not to be discriminated against for exercising your rights
We do not use your health data for cross-context behavioral ads.
11. Managing connections and permissions
You remain in control of your device and platform permissions.
- Apple Health / Apple Watch: You can change which data we can read or write at any time in your iPhone Health settings. Turning off a category stops future syncing from that category.
- Garmin: You can manage our access in your Garmin account or Garmin Connect settings. Revoking access stops new data flows from Garmin to us.
- Deleting data in the app typically doesn’t automatically delete it from Apple Health, Garmin, or other third-party platforms. You need to manage data on those platforms separately.
- If you disconnect a source, we may retain data we already imported, unless you delete it or delete your account.
12. Children’s privacy
Our Service is not intended for children under 18, and we do not knowingly collect personal data from them.
If we learn that we have collected personal data from a child in violation of applicable law, we will delete that data as soon as reasonably practicable. If you believe a child has provided us data, contact us at team@macrohacker.ai.
13. International data transfers
We may store and process data in [list countries/regions] using third-party service providers.
Where law requires specific protections for international transfers (for example, transfers out of the EEA/UK/Switzerland), we rely on appropriate safeguards such as:
- Adequacy decisions; and/or
- Standard contractual clauses or similar approved mechanisms
You can contact us for more information about these mechanisms where applicable.
14. Changes to this policy
We may update this Privacy Policy from time to time. When we make material changes, we will notify you by:
- Updating the “Last updated” date at the top, and
- Providing an in-app notice, email, or similar communication where required
If you continue using the Service after the updated policy takes effect, that means you accept the changes. If you do not agree, you should stop using the Service and delete your account.
15. Contact
If you have questions or concerns about this Privacy Policy or our data practices, contact:
- Macro Hacker Incorporated
- Email: team@macrohacker.ai
- Postal: 251 Little Falls Drive, Wilmington, DE 19808
If you are in a jurisdiction with a data protection authority, you may also have the right to lodge a complaint with that authority.