The Grub Log

Privacy Policy

Last updated 24 June 2026

This Privacy Policy explains how The Grub Log ("we", "us", "the app") collects, uses, and protects your personal data when you use our food and macro logging app. We are committed to processing your data in accordance with the EU General Data Protection Regulation (GDPR) and applicable data protection laws.

The data controller responsible for your personal data is Hugo Pires. For any privacy-related questions or to exercise your rights, contact us at hugo@thegrublog.com.

1. Data we collect

We collect only what we need to run the app:

  • Account data: your email address and authentication details when you create an account or sign in.
  • Profile data: optional details you choose to add, such as your first and last name, country of residence, and a profile photo.
  • Nutrition data: the meals you log, including descriptions, calories, macros, and your daily calorie and protein goals.
  • Meal photos: images you choose to take or upload for AI-assisted meal analysis.
  • Voice input: if you log meals by voice, your speech is transcribed to text on your device.
  • Technical data: basic information needed for security and to keep the service working (such as error reports).

We do not knowingly collect special-category health data beyond the nutrition information you voluntarily enter, and we never sell your data.

2. How we use your data

  • To provide meal logging, tracking, and goal features.
  • To analyse meal photos and descriptions and estimate nutritional values using AI.
  • To sync your data across your devices when signed in.
  • To secure your account and prevent abuse.

3. Legal bases for processing

Under the GDPR, we rely on:

  • Contract: to deliver the app's core features you have signed up for.
  • Consent: when you choose to provide a meal photo or use voice input. You can withdraw consent at any time.
  • Legitimate interests: to keep the service secure and functioning.

4. AI processing

When you submit a meal photo or description for analysis, it is processed by AI services to estimate calories and macros. Photos are used only to generate that analysis and are not used to train third-party models on your behalf without your consent.

5. Data sharing and processors

We share data only with service providers who help us run the app (such as cloud hosting, authentication, and AI analysis providers), acting as our processors under contract. We do not sell or rent your personal data to anyone.

6. Data retention

We keep your account and nutrition data for as long as your account is active. When you delete your account, your personal data — including meal logs and photos — is deleted immediately from our active systems. Limited copies may persist briefly in routine backups before being overwritten.

7. Your rights under the GDPR

You have the right to:

  • Access the personal data we hold about you.
  • Request correction of inaccurate data.
  • Request deletion of your data ("right to be forgotten").
  • Restrict or object to certain processing.
  • Request a portable copy of your data.
  • Withdraw consent at any time.
  • Lodge a complaint with your local data protection authority.

To exercise any of these rights, email hugo@thegrublog.com.

8. Data security

We use appropriate technical and organisational measures, including encrypted connections and access controls, to protect your data. No method of transmission or storage is completely secure, but we work to protect your information.

9. International transfers

Some of our providers may process data outside the European Economic Area. Where this happens, we rely on appropriate safeguards such as Standard Contractual Clauses.

10. Children

The Grub Log is not intended for children under 16. We do not knowingly collect data from children.

11. Changes to this policy

We may update this policy from time to time. Material changes will be reflected by the "Last updated" date above.

See also our Terms & Conditions.