Version v1 ยท Effective 2026-05-12
- You own your data. Export or delete it anytime.
- We never train models on your raw photos or food log.
- No third-party ads. No data sale to ad networks.
- Subprocessors are listed below โ and minimized.
Data we collect
Account email, profile health preferences (age, height, weight, diet), food and weight log entries, photos you upload, and analytics about app usage. Carbo is GDPR + Israeli Privacy Protection Law compliant.
How we use your data
Personalize daily targets, render your charts, and improve the deterministic recommendation engine. Photos are processed for moderation + LLM analysis; raw photo bytes never train any model.
Your rights
- Export your data: /api/profile/export.
- Delete your account: Profile โ Danger zone.
- Withdraw consent at any time from Profile โ Privacy.
Subprocessors
Cloudflare (US, hosting + CDN), Neon (US/EU, database), Google Gemini (LLM), Stripe (payments โ disabled at launch), Sender + Brevo (email), Sentry + Axiom (observability).
Israeli Privacy Protection Authority
Carbo evaluates Database Registry registration per Amendment 13 thresholds. At v1.0 we do not meet any registration trigger; this is re-evaluated at DAU = 10k, before flipping paymentsEnabled to true, or before hiring any employee.