Policies

Privacy Policy

Effective October 7, 2025 • Last Updated October 7, 2025

Onederland (“we,” “our,” or “us”) designs the app so your health history lives on your device. This Privacy Policy explains what information the app stores locally, the limited situations when data leaves your device, and the choices you have. If you do not agree with this policy, please do not use the app.

Information We Handle

On-Device Health Journal

GLP-1 injection history (date, dose, site, streaks, notes)
Manual health metrics you log (weight, vitals, labs, goals, measurements)
Food entries, saved meals, and AI-assisted nutrition estimates you choose to save
Calendar notes, custom graphs, and dashboard preferences

Apple Health Data (Optional)

With your explicit permission, the app reads Apple Health categories such as weight, activity, sleep, nutrition, or vitals to display alongside your manual entries.
Apple Health data is stored in the local app database. It is not forwarded to Onederland servers.

App Preferences & Local Logs

Settings such as theme, units, notification reminders, and sync configuration
Diagnostic logs kept on-device to help troubleshoot issues when you contact support
Optional debug exports you trigger from the settings menu

Device & Diagnostic Identifiers

A random device identifier stored in your secure keychain so the app can request runtime configuration from our Cloudflare Worker
Crash signatures and stack traces captured only if crash reporting is enabled (see below)
We do not collect email addresses, names, birthdays, or passwords, and the app does not create an Onederland account or cloud profile.

When Data Leaves Your Device

By default, your logs remain local. The app transmits data only in the situations listed below, and only for the features you use:

Mixpanel (analytics): When analytics is enabled by configuration or your consent, the app sends pseudonymous event data (feature names, timestamps, device model) tied to a randomized identifier. You can request that we disable analytics for your device at any time.
Onederland Cloudflare Worker (runtime configuration): On launch the app sends the random device identifier to fetch encrypted feature flags, API tokens, and configuration. No health records, meals, or contact details are transmitted in these requests.
AI Nutrition (OpenAI via the Onederland gateway): If you choose photo- or text-based nutrition analysis, the image or description you submit is proxied through our Cloudflare Worker to OpenAI to produce an estimate. Onederland does not retain these uploads beyond returning the result to you.
Barcode lookup (OpenFoodFacts and USDA FoodData Central): When you scan or enter a UPC, the barcode value is sent to these public food databases to retrieve nutrition facts. We do not send your health history with these requests.
RevenueCat (subscriptions): If you start a trial or purchase premium features, Apple App Store receipts and anonymous identifiers are shared with RevenueCat to confirm entitlements. Your health entries are not shared.
Sentry (crash diagnostics, optional): When a Sentry DSN is present, crash reports, stack traces, and limited device metadata are sent to Sentry to help us investigate stability issues. Health data and free-form notes are deliberately excluded.
Apple iCloud Drive (user-managed backups): If you export a backup, the JSON file is saved to a location you choose (e.g., iCloud Drive or Files app). Onederland cannot access these backups.

We do not host your health records on Amazon Web Services or any Onederland-operated cloud database, and we do not sync data across multiple devices automatically.

How We Use Your Information

Provide core functionality: render charts, reminders, streaks, dashboards, and exports using the data stored locally on your device.
Deliver optional features you request: perform AI-assisted nutrition estimates, barcode lookups, or subscription checks only when you initiate those features.
Maintain stability and support purchases: diagnose crashes (if enabled), confirm App Store receipts, and tune feature availability via runtime configuration.

Storage & Security

Your data is stored locally in a SQLite database; sensitive tokens are kept in the device keychain/secure storage.
Backups you export are standard JSON files you save to iCloud Drive or Files and remain in your custody. Onederland cannot access these backups.
Runtime configuration tokens and analytics identifiers are generated on-device and can be reset by clearing the app’s data.
We conduct periodic security reviews of mobile builds and shared code to keep the app current.

Controls & Choices

Manage Health access from iOS Settings → Privacy & Security → Health at any time.
Skip features such as AI nutrition or barcode lookup if you prefer not to send information to those services.
Contact support@fandaria.com to disable analytics for your device or to ask us to remove diagnostic identifiers.
Use Settings → Clear All Data inside the app to delete local records immediately.
Delete any backup files you created from iCloud Drive or other storage providers to remove copies outside the app.

Your Rights

You can access, export, or delete the information stored on your device at any time using the app’s export and deletion tools. Because Onederland does not maintain user accounts, we cannot retrieve data that you delete locally or from your own iCloud storage.

If you reside in a jurisdiction with additional privacy rights (including the CCPA or GDPR), email support@fandaria.com and we will help you exercise access, correction, opt-out, or deletion rights related to analytics identifiers or diagnostic data we control.

Apple Health Integration

We only read Apple Health data types that you explicitly approve.
You can grant or revoke access to individual data types at any time in iOS Settings.
We never use Apple Health data for advertising, and we never sell or share it with third parties.

Compliance Notices

Children’s Privacy

The app is not intended for individuals under 18. We do not knowingly collect data from minors. If we learn that a minor has provided information, we will delete it promptly.

International Data Transfers

Services such as Mixpanel, RevenueCat, Sentry, OpenAI, and Cloudflare may process data in the United States or other regions with appropriate safeguards. By using the app or requesting these features you consent to those transfers.

California Privacy Rights (CCPA)

California residents can request details about the limited personal information shared with processors and may instruct us to disable analytics identifiers by emailing support@fandaria.com.

European Data Protection Rights (GDPR)

EEA, UK, and Swiss residents may contact us to exercise rights of access, rectification, restriction, objection, or erasure with respect to the diagnostic identifiers we control. We process data as necessary to provide the app and based on your consent for optional features.

Updates to This Policy

We may update this Privacy Policy as the app evolves. Material changes will appear in the app with a new “Last Updated” date, and we will provide in-app notice when required.

Contact Us

If you have questions or wish to exercise your privacy rights, contact us at:

Email: support@fandaria.com