Effective Date: February 15, 2026
1. Introduction
ZYME ("we", "us", "our", or "the app") is a nutrition and health tracking application developed by Denkilab. We are committed to protecting your privacy and being transparent about how we handle your data.
This Privacy Policy explains what information ZYME collects, how it is used, and your rights regarding your personal data. By using ZYME, you consent to the practices described in this policy.
2. Data Controller
Denkilab Email: info@denkilab.com
For any privacy-related inquiries, please contact us at the email address above.
3. Data Storage Philosophy
ZYME is designed with a local-first, privacy-by-design approach. All your personal data is stored directly on your device and is not transmitted to any central server or cloud service. You maintain full control over your data at all times.
4. Information We Collect
4.1 Personal Information (Stored Locally on Your Device)
When you use ZYME, the following information may be stored locally on your device only:
| Data Category | Examples |
|---|---|
| Profile Information | Username, avatar photo, phone number, email, birthday, gender, height, activity level, fitness goals |
| Nutrition Data | Food diary entries, meal plans, water intake, dietary preferences |
| Health & Fitness Info | Weight, body measurements, steps, sleep data (total, deep, light, REM), heart rate |
| Health Annotations | Mood, energy levels, digestion notes, menstrual cycle tracking |
| Allergies & Intolerances | Your specific food allergies and intolerances |
| Supplements | Information about supplements and medications you track |
Important: This data never leaves your device unless you explicitly choose to share it via peer-to-peer sync with another device you own.
4.2 Data We Do NOT Collect
- We do not collect or store your data on external servers
- We do not sell, rent, or trade your personal information
- We do not use your data for advertising purposes
- We do not share your data with third parties for marketing
5. Device Permissions
ZYME requests the following permissions. You can deny any permission and still use core app features:
| Permission | Purpose | Required? |
|---|---|---|
| Camera | Capture photos for profile avatar or food images; scan barcodes for food lookup | Optional |
| Photo Library | Select existing photos from your device | Optional |
| Internet Access | Search the Open Food Facts database; report application errors | Required for food search |
| Health Data Access | Read steps, sleep, and heart rate data from Google Health Connect (Android) or Apple Health (iOS) | Optional |
| Location/WiFi | Required only for peer-to-peer device synchronization via WiFi Direct | Optional |
| Background Processing | Update home screen widgets with your daily diary data | Optional |
6. Legal Basis for Processing (GDPR)
Under the General Data Protection Regulation (GDPR), we process your data based on the following legal grounds:
- Consent: You provide explicit consent when granting permissions (camera, health data, etc.)
- Contract Performance: Processing necessary to provide the app's core functionality
- Legitimate Interest: Error reporting to maintain app stability and security
7. How We Use Your Information
7.1 Local Processing
All nutrition calculations, health tracking, and data analysis are performed locally on your device. We do not have access to your personal data.
7.2 Open Food Facts API
When you search for foods or scan barcodes, ZYME sends search queries to the Open Food Facts public database.
- Data sent: Search terms or barcode numbers only
- Data NOT sent: No personal information, health data, or device identifiers
- Purpose: Retrieve nutritional information for foods
7.3 Error Reporting (Sentry/GlitchTip)
To improve app stability, ZYME uses error tracking software in release builds only.
When an error occurs, the following may be sent:
- Error messages and stack traces
- App version and platform information
Explicitly NOT included: Personal data, health information, nutrition data, profile information, or any user-generated content.
7.4 Peer-to-Peer Sync (Optional)
ZYME offers an optional feature to sync your data between devices using WiFi Direct.
- How it works: Direct device-to-device transfer over your local network
- No external servers: Data is transferred directly between your devices without passing through any external servers
- User-initiated: Only activated when you explicitly choose to sync
8. Third-Party Services
| Service | Purpose | Data Shared | Privacy Policy |
|---|---|---|---|
| Open Food Facts | Food database lookup | Search queries and barcodes only | openfoodfacts.org/privacy |
| Sentry/GlitchTip | Error tracking | Error logs and app version (no personal data) | sentry.io/privacy |
| Google Health Connect | Health data integration | Data is read from this service, not sent to it | Google Privacy Policy |
| Apple Health | Health data integration (iOS) | Data is read from this service, not sent to it | Apple Privacy Policy |
9. Data Retention
Since all data is stored locally on your device:
- Your data persists until you delete it within the app or uninstall the app
- Uninstalling ZYME removes all locally stored data permanently
- We do not retain any copy of your personal data on external servers
- Error logs sent to Sentry are retained for 90 days for debugging purposes
10. Your Rights (GDPR & Global Privacy Rights)
You have the following rights regarding your personal data:
| Right | Description | How to Exercise |
|---|---|---|
| Access | View all your stored data | Access directly within the app |
| Rectification | Correct inaccurate data | Edit directly within the app |
| Erasure ("Right to be Forgotten") | Delete your data | Delete within the app or uninstall |
| Data Portability | Export your data | Use P2P sync to transfer to another device |
| Withdraw Consent | Revoke permissions | Modify in device settings at any time |
| Restriction | Limit processing | Deny specific permissions |
| Object | Object to processing | Contact us at the email above |
To exercise any of these rights, you can either use the in-app features or contact us at the email address provided in Section 2.
11. Data Security
Your data is protected by:
- Device-level encryption: Data stored in your device's secure application sandbox
- No cloud transmission: Personal data stays on your device
- Secure connections: All network requests use HTTPS encryption
We recommend:
- Keeping your device's operating system updated
- Using device-level security (PIN, fingerprint, face recognition)
- Being cautious when using peer-to-peer sync on public networks
12. International Data Transfers
Since your data is stored locally on your device, no international data transfers occur for personal data.
For error reporting (Sentry), data may be processed in the European Union. This processing complies with GDPR requirements.
13. Children's Privacy
ZYME is not intended for children under the age of 16. We do not knowingly collect personal information from children under 16. If you are a parent or guardian and believe your child has used ZYME, please contact us and we will assist you in understanding that all data is stored locally on the device.
14. Changes to This Privacy Policy
We may update this Privacy Policy from time to time. Changes will be indicated by:
- Updating the "Last Updated" date at the top of this policy
- Notifying users through the app for significant changes
We encourage you to review this Privacy Policy periodically. Continued use of the app after changes constitutes acceptance of the updated policy.
15. Google Play Data Safety Disclosure
In accordance with Google Play requirements, here is a summary of our data practices:
| Category | Collected? | Shared? | Purpose |
|---|---|---|---|
| Personal info (name, email) | Stored locally only | No | App functionality |
| Health info | Stored locally only | No | Health tracking features |
| Fitness info | Stored locally only | No | Fitness tracking features |
| Photos | Stored locally only | No | Profile and food photos |
| App activity | No | No | N/A |
| Device identifiers | No | No | N/A |
| Crash logs | Yes (errors only) | Yes (Sentry) | App stability |
Data is encrypted in transit: Yes (HTTPS) Data can be deleted: Yes (uninstall app or delete within app)
16. Contact Us
If you have any questions, concerns, or requests regarding this Privacy Policy or ZYME's data practices, please contact us at:
Denkilab Email: [INSERT YOUR CONTACT EMAIL]
We will respond to your inquiry within 30 days.
17. Summary
- Local-first: All personal data is stored locally on your device
- No cloud sync: No central server storage of your data
- No selling data: We never sell, rent, or trade your information
- Camera: Used for photos and barcode scanning only
- Open Food Facts: Used for food database lookups (no personal data shared)
- Error tracking: Collects only technical error information (no personal data)
- P2P sync: Optional, transfers data directly between your devices
- Full control: You can access, modify, delete, or transfer your data at any time
This privacy policy is provided in compliance with the General Data Protection Regulation (GDPR), Google Play Developer Program Policies, and Apple App Store Guidelines.