Privacy Policy
This Privacy Policy describes how Hippiekit (“we,” “us,” or “our”) collects, uses, stores, shares, and protects information when you use the Hippiekit mobile application, related websites, and services (collectively, the “Service”). By using the Service, you agree to this policy.
1. Health, wellness, and product-safety informationHippiekit helps you evaluate products for ingredients, packaging, microplastics-related signals, and related product-safety context. Depending on how you use the Service, we may access, process, or store information that can relate to your personal wellness or dietary choices, including:
- Ingredient lists, labels, and product categories from barcode databases or similar sources
- Nutrition facts or nutrition-related fields when available for a scanned or identified product
- Chemical or materials analyses, safety scores, flags, and explanations generated by our systems or partners
- Photos you capture or select for product identification (which may show packaging or products you use)
- Your saved scan history, including product names, brands, images, and analysis summaries associated with your account
Not medical advice. Hippiekit is for general information and consumer product research only. It is not a medical device and does not diagnose, treat, or prevent any disease. If you have health concerns, consult a qualified professional.How we use this information: We use it to provide scan results, explanations, recommendations, your history and notifications inside the app, to improve accuracy and reliability of the Service, to enforce subscription limits, and to maintain security and legal compliance. We do not sell this information.
2. Information we collectAccount and profile
- Name, email address, and optional phone number when you register or update your profile
- Password or authentication credentials (stored and processed using industry-standard security on our systems; we do not store plaintext passwords in client logs)
- Profile photo if you upload one (hosted via our file upload provider)
- Barcodes and camera input used for barcode scanning and product lookup
- Images from your camera or photo library when you use identify-by-photo flows
- Derived product data: names, brands, images, ingredient and nutrition fields, packaging or materials notes, and generated analyses
- Data sent to our backend and AI/analysis services to produce results you see in the app
- Saved scan results, favorites, search history, shopping lists, and similar features you use while signed in
- In-app notifications related to scans or your account
- Device type, operating system, app version, language, and similar diagnostics needed to run the app
- IP address and network data when you connect to our servers
- Authentication tokens stored in encrypted storage on the device where supported (for example secure storage on native builds)
- Non-sensitive preferences (for example region or filter preferences) stored locally on your device
Account deletion requestsIf you submit an account deletion request, we collect the email (and optional name or reason) you provide so we can verify and process the request.
3. How we use your information
- To create and secure your account and authenticate you
- To perform barcode, photo, and text-based product lookup and analysis
- To show history, favorites, lists, recommendations, and notifications you expect from the Service
- To operate subscription tiers, usage limits, and restore purchases
- To maintain, secure, debug, and improve the Service; detect abuse; and comply with law
- To respond to support requests, deletion requests, and legal inquiries
4. Sharing and subprocessorsWe do not sell your personal information. We may share data with:
- Cloud hosting and APIs: Servers that host our API, database, and related processing
- AI and analysis services: Systems that generate product and ingredient insights you request
- File storage / uploads: Providers used to store uploaded profile or scan-related images
- RevenueCat: Subscription and entitlement management on mobile
- Google: Google Sign-In; on Android, Google Play services components used for features such as barcode scanning may apply under Google’s terms and device settings
- Apple: App Store purchases and related receipt processing under Apple’s terms
- Legal and safety: When required by law, regulation, legal process, or to protect rights, safety, and security
- Business transfers: In a merger, acquisition, financing, or sale of assets, subject to appropriate safeguards
5. Data retentionWe keep information only as long as needed for the purposes above. Typical periods:
- Account data: For as long as your account is active. After we complete a verified account deletion, we delete or irreversibly anonymize personal data associated with your account within a reasonable period, generally within thirty (30) days, unless a longer period is required by law or dispute resolution.
- Scan history and saved content: Until you delete individual items, use bulk-delete features where available, or your account is deleted—whichever comes first.
- Backups: Residual copies may persist in secure backups for a limited time after deletion and are then overwritten or removed in line with our backup practices.
- Security and server logs: Often retained for up to approximately twelve (12) months (or less if our systems allow), unless a longer period is needed for security investigations or legal obligations.
- Transactional / tax / fraud records: May be retained as required by payment rules, app stores, or law, even after account closure.
Exact timelines can vary by system. If you need certainty for a specific category, contact us using the details below.
6. How to access, correct, or delete your data
You can control your data in the following ways:
- Profile: Update name, phone, or profile photo in the app where editing is available.
- Scan history: Delete individual saved scans or use delete-all options where provided in the app so associated records are removed from our systems according to our retention rules above.
- Account deletion: Use the account deletion request flow in the app (or on our website, if offered), which submits a request to our team to verify and delete your account and associated personal data. Keep access to your email so we can confirm your identity if needed.
- Email requests: You may also contact us at the addresses below to request access, correction, export where applicable, or deletion. We may need to verify your identity before processing.
- App stores and payments: Subscription billing records are held by Apple or Google under their policies. Deleting your Hippiekit account does not automatically cancel a store subscription; manage subscriptions in your Apple ID or Google Play settings.
- RevenueCat: Tied to your app user ID for entitlement checks; subject to RevenueCat’s privacy policy for the data they process as a processor.
7. Data securityWe use technical and organizational measures designed to protect personal information, including encryption in transit (HTTPS), access controls, and secure credential storage on supported devices. No method of transmission or storage is completely secure; we cannot guarantee absolute security.
8. Your rightsDepending on where you live, you may have rights to access, rectify, delete, restrict, or object to certain processing, data portability, and to withdraw consent where processing is consent-based. You may also have the right to lodge a complaint with a supervisory authority. To exercise these rights, contact us using the information in Section 14. We will respond within the timeframes required by applicable law.
9. Cookies and similar technologies (web)If you use Hippiekit in a web browser, we may use cookies or similar technologies for session management, preferences, and security. You can control cookies through your browser settings. Mobile app use does not rely on browser cookies in the same way; local storage on the device may still be used for login state and preferences.
10. ChildrenThe Service is not directed at children under 13 (or the minimum age required in your jurisdiction). We do not knowingly collect personal information from children. If you believe we have done so, contact us and we will take appropriate steps to delete the information.
11. International transfersWe may process and store information in the United States and other countries where we or our providers operate. Those countries may have different data protection laws than your country. Where required, we use appropriate safeguards (such as contractual clauses) for cross-border transfers.
12. U.S. state privacy (including California)If you are a California or other U.S. state resident with privacy-specific rights, you may request access or deletion of personal information as described above. We do not “sell” personal information as defined by the CCPA/CPRA. You may designate an authorized agent where permitted by law; we may require verification.
13. Changes to this policyWe may update this Privacy Policy from time to time. We will post the new version in the app and update the “Last Updated” date. For material changes, we may provide additional notice (for example, an in-app message or email). Continued use after the effective date means you accept the updated policy.
14. Contact usQuestions about this Privacy Policy, your data, or deletion requests:
- Privacy: privacy@hippiekit.com
- General / legal: ecowarriors@hippiekitgp.com
- Support (account & deletion help): ecowarriors@hippiekitgp.com
By using Hippiekit, you acknowledge that you have read this Privacy Policy and understand how we handle your information.