Features AI Power How It Works Plans Blog

Tools

๐Ÿ”ฅ Calorie Calculator ๐Ÿ“Š BMI Calculator โš–๏ธ Ideal Weight ๐Ÿƒ Calories Burned
Start Free
โ† Back to home

Privacy Policy

Last updated: March 2026

At Tabeku, we take your privacy seriously. This policy explains what data we collect, how we use it, and your rights regarding your personal information under the General Data Protection Regulation (GDPR) and applicable laws.

1. Data Controller

The data controller responsible for your personal data is the "Tabeku Team", based in Spain. For any privacy-related inquiries or to exercise your rights, you can contact us at [email protected].

2. Data We Collect

We process three main categories of data. 1) Account Data: email, date of birth, gender, and basic profile info. 2) Health & Physical Data (Special Category): height, weight, activity level, food diary entries, meal plans, and water intake. 3) Usage Data: app interactions and technical device information.

3. How We Use Your Data

Your data is used to: create and manage your account; provide personalized calorie and macro targets; analyze the nutritional content of meals using AI; track your fitness progress over time; process payments for PRO features; and improve the overall service and stability of the app.

4. Legal Basis for Processing (GDPR)

We process your data based on: a) Explicit Consent (Art. 9(2)(a) GDPR) for processing special category health and dietary data; b) Contract Performance (Art. 6(1)(b) GDPR) to deliver the service you signed up for; and c) Legitimate Interest (Art. 6(1)(f) GDPR) for essential analytics, service improvement, and security.

5. Third-Party Processors

We use trusted third-party services (subprocessors) to operate Tabeku. These include OVH (EU) for server hosting and database storage, Cloudflare (US/Global) for security and content delivery network (CDN) proxying, Google (Gemini API) for AI food analysis, and RevenueCat (US) for subscription payment processing.

6. International Data Transfers

When your data is transferred to processors outside the European Economic Area (EEA), such as to our US-based partners (Cloudflare, RevenueCat, Google), these transfers are protected by Standard Contractual Clauses (SCCs) approved by the European Commission, ensuring adequate data protection safeguards.

7. Cookies & Local Storage

Currently, Tabeku only uses essential session cookies and local storage mechanisms necessary to keep you logged in and remember your basic app preferences (such as language selection). We do not currently use non-essential tracking or marketing cookies.

8. Data Security

We implement strict security measures to protect your data, including encryption in transit (HTTPS/TLS) and encryption at rest on our EU-based servers. Access to production databases is strictly limited. In the event of a data breach posing a risk to your rights, we will notify you and the competent supervisory authority within 72 hours.

9. Data Retention

We retain your personal data for as long as your account remains active. If you choose to delete your account, all identifiable personal and health data is permanently removed from our active databases within 30 days. We may retain anonymized, aggregated analytical data indefinitely for statistical purposes.

10. Children's Privacy

Tabeku is not intended for use by individuals under the age of 16. We do not knowingly collect personal data from minors. If we become aware that we have collected information from someone under 16 without verified parental consent, we will take steps to securely delete that information immediately.

11. AI Transparency & EU AI Act

We utilize AI models to estimate the nutritional content of your meals based on photos or text you provide. Photos are processed in real-time and are NEVER permanently stored or used to train third-party AI models. The AI provides estimates, which you can manually override at any time. You have the right to request clarification on how these estimates are generated.

12. Your Rights

Under the GDPR, you have the right to: access your data; request rectification of incorrect data; request deletion of your data (Right to be Forgotten); restrict or object to processing; receive your data in a portable format; and withdraw your consent at any time without affecting the lawfulness of processing based on consent before its withdrawal.

13. Changes & Complaints

We may update this policy periodically. Significant changes will be communicated to you via the app or email. If you have concerns about how we handle your data, please contact us first at [email protected]. You also retain the right to lodge a complaint with the Spanish Data Protection Agency (AEPD) or your local supervisory authority.