NexoPlate

Legal

Data & Compliance Policy

Last updated: April 5, 2026

This Data & Compliance Policy supplements our Privacy Policy and provides detailed information about the types of data NexoPlate collects and processes, our data retention practices, the third-party services we use, and how we comply with applicable privacy laws in the United States and Canada.

NexoPlate is operated by Evercrest Technologies LLC, a Pennsylvania limited liability company. The Service is available to users in the United States (including California) and Canada.

1. Data Architecture Overview

NexoPlate uses a privacy-first architecture. The app does not require user accounts. The vast majority of user data is stored exclusively on the user's device using Apple's SwiftData framework and is never transmitted to our servers during normal use.

Data is only transmitted off-device in the following scenarios:

• When you actively use an AI-powered feature (NexoPlate Coach or AI Photo Entry)
• When you search for food or scan a barcode
• When you redeem or validate a subscription access code
• When you submit a contact form or feature suggestion

2. Data Stored On-Device Only

The following data never leaves your device under any circumstances:

• Food entries and calorie logs
• Weight entries and history
• Calorie, macro, step, and burn goals
• Saved foods and saved meals
• Dashboard widget configuration
• Onboarding profile (age, gender, height, activity level, goal type)
• Streak data
• AI Coach memories
• App preferences and settings

This data is protected by Apple's built-in device encryption and is only accessible through the NexoPlate app on your device.

3. Data Processed by Our Servers

When you use features that require server communication, the following data flows through our Cloudflare-hosted backend:

Feature	Data Sent	Destination	Retention
NexoPlate Coach	Chat message, session ID, device ID, app context (food log, profile, goals, weight, steps, burns, saved memories)	Cloudflare → OpenAI	Not stored on our servers. OpenAI retains for up to 30 days.
AI Photo Entry	Food photo (base64), optional notes, session ID	Cloudflare → OpenAI	Not stored on our servers. OpenAI retains for up to 30 days.
Food Search	Search query text	Cloudflare → USDA FoodData Central	Cached up to 12 days. No user-identifying data.
Barcode Scan	Barcode number (UPC)	Cloudflare → USDA / OpenFoodFacts	Cached up to 7 days. No user-identifying data.
Subscription Validation	Device ID	Cloudflare KV	Life of subscription + 30 days
Code Redemption	Access code, device ID	Cloudflare KV	Life of subscription + 30 days
Rate Limiting	Device ID, daily/monthly message counts	Cloudflare KV	Counts reset daily/monthly. Free user keys deleted after 90 days of inactivity.
Contact Form	Name, email, topic, message	Cloudflare → Resend (auto-reply)	90 days after resolution

4. Third-Party Data Processors

4.1 OpenAI

Role: AI processing for NexoPlate Coach and AI Photo Entry

Data received: Chat messages, food photos, and app context (food log, profile data, health metrics, AI memories)

Retention: API inputs are retained for up to 30 days for safety and abuse monitoring, then deleted. OpenAI does not use API data to train its models.

Policy: OpenAI API Data Usage Policy

4.2 Stripe

Role: Payment processing for web-based subscriptions

Data received: Full payment card details, email address, billing information — provided directly by you to Stripe during checkout

What we receive from Stripe: Customer email address only (via webhook), used to deliver the access code

What we store: Email address alongside the access code in Cloudflare KV

Policy: Stripe Privacy Policy

4.3 Resend

Role: Transactional and marketing email delivery

Data received: Recipient email address, email subject and body content

Emails sent: Access code delivery after purchase, contact form auto-replies, feature suggestion confirmations, and marketing communications (with user consent)

Policy: Resend Privacy Policy

4.4 Cloudflare

Role: Backend infrastructure hosting, KV data storage, request routing

Data processed: Request metadata (IP addresses, headers), KV-stored subscription data

Policy: Cloudflare Privacy Policy

4.5 Apple (App Store & HealthKit)

Role: App distribution, in-app purchase processing, HealthKit data access

Data processed: App Store purchase information (managed by Apple), HealthKit data (steps, active energy burned — read-only, on-device)

HealthKit commitment: HealthKit data is never used for advertising, never shared with data brokers, and never transmitted to our servers except when included in AI Coach context during active chat sessions initiated by you.

Policy: Apple Privacy Policy

4.6 USDA FoodData Central

Role: Public food nutrition database for search queries

Data sent: Search query text and barcode numbers only. No personal or device-identifying data.

4.7 Open Food Facts

Role: Public barcode database (fallback)

Data sent: Barcode numbers only. No personal or device-identifying data.

4.8 Squarespace

Role: Website hosting for nexoplate.com

Data processed: Standard website visitor analytics (IP address, browser information, pages visited)

Policy: Squarespace Privacy Policy

5. Data We Do Not Collect

For clarity, NexoPlate does not collect or process the following:

• Names, usernames, or account credentials (we have no accounts)
• Location data (GPS, geolocation, or IP-based location)
• Contacts, calendar, or address book data
• Microphone or audio recordings
• Advertising identifiers (IDFA)
• Browsing history or cross-app tracking data
• Payment card numbers (handled entirely by Stripe or Apple)
• Social media profiles or connections
• Biometric data (Face ID / Touch ID are handled by Apple on-device)

6. Data Retention Schedule

Data Type	Storage Location	Retention Period
On-device app data (food logs, goals, etc.)	Your device (SwiftData)	Until you delete the app or clear app data
Subscription access codes + email	Cloudflare KV	Life of subscription + 30 days after expiration or revocation
Free user rate limit counters	Cloudflare KV	Reset daily; deleted after 90 days of inactivity
Pro user usage counts	Cloudflare KV (within access code record)	Reset daily/monthly; deleted with access code
Cached nutrition data	Cloudflare KV	7–12 days
AI chat/photo data at OpenAI	OpenAI servers	Up to 30 days (per OpenAI policy)
Contact form submissions	Cloudflare	90 days after resolution

7. Cross-Border Data Transfers

NexoPlate is operated from the United States. All backend processing occurs on Cloudflare's global network and OpenAI's servers, which are primarily located in the United States.

If you are located in Canada, the following data may be transferred to and processed in the United States:

• AI Coach messages and app context (processed by OpenAI)
• Food photos submitted for AI analysis (processed by OpenAI)
• Subscription validation requests (processed by Cloudflare)
• Payment information (processed by Stripe)

By using these features, you expressly consent to the cross-border transfer of your data to the United States. All data in transit is encrypted using HTTPS/TLS.

8. Security Measures

We implement the following security measures to protect your data:

• Encryption in transit: All communications between the app and our servers use HTTPS/TLS encryption
• Encryption at rest: On-device data is protected by Apple's built-in device encryption (Data Protection)
• Minimal data collection: We collect only the minimum data necessary for the Service to function
• No persistent server storage: AI chat messages and photos are processed in real time and not stored on our servers
• Access control: Administrative access to backend systems is protected by authentication and limited to authorized personnel
• Infrastructure security: Our backend is hosted on Cloudflare, which provides DDoS protection, Web Application Firewall (WAF), and enterprise-grade infrastructure security

9. Compliance Framework

9.1 United States — Federal

• COPPA: NexoPlate is not intended for children under 13. We do not knowingly collect data from children under 13.
• CAN-SPAM: All marketing emails include a working unsubscribe link. Opt-out requests are honored within 10 business days.
• FTC Act: We do not engage in deceptive or unfair data practices.

9.2 California — CCPA/CPRA

Under the California Consumer Privacy Act (as amended by the California Privacy Rights Act), California residents have the following rights:

• Right to Know: Request the categories and specific pieces of personal information we collect
• Right to Delete: Request deletion of personal information (processed within 45 days)
• Right to Correct: Request correction of inaccurate personal information
• Right to Opt-Out: Opt out of the sale or sharing of personal information (we do not sell or share for cross-context behavioral advertising)
• Right to Limit: Limit use of sensitive personal information to what is necessary for the Service
• Right to Non-Discrimination: We do not discriminate against users who exercise their privacy rights

Categories of personal information collected (per CCPA):

• Identifiers: Device ID (randomly generated UUID)
• Commercial information: Subscription purchase records (via Stripe or Apple)
• Internet/electronic activity: AI chat messages, food photos submitted for analysis
• Sensitive personal information: Health and nutrition data (food logs, weight, calorie/macro data, HealthKit metrics) — used only to provide the Service

We do not sell personal information. We do not share personal information for cross-context behavioral advertising.

To exercise your CCPA/CPRA rights, email legal@nexoplate.com or use our contact form.

9.3 Canada — PIPEDA

Under the Personal Information Protection and Electronic Documents Act (PIPEDA), Canadian users have the right to:

• Access their personal information held by us
• Request correction of inaccurate information
• Withdraw consent for data processing (which may limit your ability to use certain features)
• File a complaint with the Office of the Privacy Commissioner of Canada

Consent: By using AI-powered features of the Service, Canadian users provide express consent for the collection, use, and cross-border transfer of their data as described in this policy. You may withdraw consent at any time by ceasing to use the relevant features or by contacting us.

CASL (Canada's Anti-Spam Legislation): Marketing emails are sent only with your consent (obtained at the time of purchase). Every marketing email includes a working unsubscribe mechanism. Opt-out requests are processed promptly.

To exercise your PIPEDA rights, email legal@nexoplate.com.

10. Data Deletion and Your Rights

On-device data: You can delete all on-device data at any time by deleting the NexoPlate app from your device. You can delete individual entries (food logs, weight entries, saved foods, meals, and AI memories) within the app.

Server-side data: To request deletion of any data stored on our servers (such as your subscription record, email address, or rate limit data), email legal@nexoplate.com with the subject line "Data Deletion Request." Include your device ID (found in the app under Settings) so we can locate your records. We will process your request within 45 days and confirm completion.

Third-party data: Data processed by OpenAI is retained for up to 30 days per their policy and then automatically deleted. Data held by Stripe is subject to Stripe's retention policies. We cannot delete data held by third parties on your behalf, but we can direct you to the appropriate process.

11. Do Not Sell or Share My Personal Information

Evercrest Technologies LLC does not sell your personal information to third parties. We do not share your personal information for cross-context behavioral advertising purposes.

If you would like to submit a formal "Do Not Sell or Share" request, please email legal@nexoplate.com with the subject line "Do Not Sell or Share."

12. Changes to This Policy

We may update this Data & Compliance Policy from time to time. We will notify you of material changes by posting the updated policy on this page and updating the "Last updated" date. Continued use of the Service after changes are posted constitutes your acceptance of the updated policy.