Effective: May 21, 2026 · Last updated: May 21, 2026
Puubu helps you track meals and symptoms to spot patterns in how food relates to how you feel. This Privacy Policy explains how Puubu LLC ("we," "us," or "our") collects, uses, processes, and protects your data, and what control you have over it, including your rights under the General Data Protection Regulation (GDPR), the UK GDPR, and the California Consumer Privacy Act as amended by the CPRA (CCPA/CPRA).
By using Puubu, you explicitly consent to the collection, use, and processing of your health-related data as described in this policy. If you do not agree with these terms, please do not use the app.
Because Puubu tracks symptoms, digestion, and bowel movements, the data you enter includes health-related information. Under the GDPR this is classified as "Special Category Data" and requires explicit consent to process.
Your consent. By inputting this data into Puubu, you provide your explicit consent for us to process it for the sole purpose of providing the app's tracking, pattern-detection, and AI-insight features.
Scope of the consent. Your consent also covers sending summarized health data to our AI subprocessor (Anthropic) as part of generating weekly reviews, as described in Section 3. Anthropic's processing terms are described in Section 5.
Withdrawal of consent. You can withdraw your consent at any time by deleting your data within the app (Settings → Your Data) or by uninstalling the app entirely. Withdrawal does not affect the lawfulness of any processing carried out before the withdrawal.
All of your detailed health data, including meals, symptoms, bowel movements, weekly reviews, and detected patterns, is stored locally on your device using your phone's built-in storage.
No cloud sync. We do not sync this health data to a cloud or store it on our servers. If you delete the app or lose your phone, this data is removed with it.
Basic profile. We also store a basic profile (age range, gender selection, subscription status, and selected gut conditions) locally on your device to personalize your experience.
To identify ingredients and generate insights, limited data is sent temporarily through our infrastructure and then forwarded to Anthropic's Claude API for processing.
Food lookups. When you search for a food by name, we send that name to identify likely ingredients.
Photo and barcode scans. When you scan food, the image or barcode is sent for analysis. Images are processed for analysis and discarded immediately after the response is returned. They are not persisted on Puubu's servers.
Weekly reviews. To generate weekly insights, we send a summarized snapshot of that week's meals, symptoms, bowel movements, and timing. This summary contains only what is needed to identify patterns and does not include your full history. This summary includes health-related data. Sending it to our AI subprocessor is part of the processing you consented to in Section 1, and Anthropic's retention terms are described in Section 5.
No persistent identifiers. We do not send or collect your name, email, account information, or persistent advertising or marketing identifiers, because we do not maintain accounts.
IP addresses. Like all internet services, your IP address is inherently transmitted to our servers and our third-party infrastructure providers in transit so a secure connection can be established. We do not log, store, or link IP addresses to any individual user profile. Standard HTTPS/TLS encryption protects this data in transit (see Section 9).
If you are located in the European Economic Area (EEA), the United Kingdom, or Switzerland, our legal bases for processing your personal data under the GDPR are:
You can object to processing carried out under legitimate interest at any time by contacting us (see Section 10).
We minimize the third parties we work with. To provide Puubu's services, data is processed by the following:
Anthropic (Claude API). Processes food lookups, scanned images, and weekly summaries. According to Anthropic's published API data policy, inputs and outputs may be retained for up to 30 days for trust, safety, and abuse prevention purposes, and are not used to train Anthropic's AI models. Anthropic is located in the United States.
Railway. Our cloud hosting infrastructure provider. Our Puubu server, hosted on Railway, does not log the content of requests passing through it. Railway may retain standard infrastructure metrics (request counts, error rates, IP addresses for security purposes) per their own privacy policy, which is independent of Puubu's. Railway is located in the United States.
OpenFoodFacts. When you scan a product barcode, the barcode number is sent to this open-source product database to look up product information. No personal data, health data, or identifiers are sent. OpenFoodFacts is an EU-based nonprofit.
RevenueCat. Used to validate and manage subscription entitlements across platforms. RevenueCat receives a pseudonymous user identifier it generates (not your name or email), purchase events from Apple or Google, and basic device information (such as OS version and locale) used solely for subscription validation and fraud prevention. RevenueCat does not receive your meals, symptoms, or any health-related data. RevenueCat is located in the United States.
Apple App Store and Google Play Store. If you subscribe to Puubu Pro, purchases are handled entirely by Apple or Google under their respective privacy policies. We do not receive or store your payment details.
Puubu does not use advertising networks, behavioral analytics services, crash reporting trackers, or cookies.
When you use Puubu from outside the United States, including from the EEA, the UK, or Switzerland, your data (such as temporary AI requests and IP addresses in transit) is transferred to and processed by service providers located in the United States, as listed in Section 5. Where applicable, these transfers rely on appropriate safeguards under GDPR Chapter V, including Standard Contractual Clauses entered into by our subprocessors.
Because the bulk of your data is stored locally on your device and never leaves it, the volume of data subject to international transfer is limited to the items described in Section 3.
Depending on your location (including the EEA, the UK, Switzerland, and California), you have rights regarding your personal data. These include the rights to access, rectify, delete, restrict, or object to the processing of your data, the right to data portability, and the right not to be subject to a decision based solely on automated processing that produces legal or similarly significant effects.
Because of Puubu's local-first architecture, we do not hold your health data on our servers, meaning we have nothing to look up, export, or delete remotely on your behalf. You have direct, total control over your data:
If you wish to formally exercise your data protection rights under the GDPR, the UK GDPR, or the CCPA/CPRA, please email us at support@puubu.com with the subject line "Data Privacy Request." We will acknowledge your request within 10 business days and respond substantively within 30 days (extendable by an additional 60 days for complex requests, in which case we will notify you).
Because we do not collect names, emails, or accounts, we may need to ask you for additional context to verify whether any temporary, pseudonymous data (such as an active RevenueCat identifier) exists in our systems that relates to you. If we cannot verify your identity, we may not be able to act on the request.
You also have the right to lodge a complaint with your local supervisory authority (for example, your country's data protection authority in the EEA, or the Information Commissioner's Office in the UK).
If you are a California resident, the following applies in addition to the rights described in Section 7.
Categories of personal information. Since this policy took effect, Puubu has processed the following categories of personal information as defined by the CCPA: identifiers (a pseudonymous RevenueCat ID and transient IP addresses), commercial information (subscription purchase events), internet activity information (limited to API requests), and inferences drawn from health-related inputs you voluntarily provide on-device. We have disclosed these categories of information only to the service providers and subprocessors specified in Section 5 for the operational business purposes described therein.
Sensitive personal information. Health-related data you enter into Puubu may constitute "sensitive personal information" under the CPRA. We use this information only to provide the app's core functionality and do not use or disclose it for purposes beyond what you have consented to.
No sale or sharing. We do not "sell" or "share" your personal information, health data, or identifiers for monetary or other valuable consideration, or for cross-context behavioral advertising purposes, as those terms are defined under the CCPA/CPRA.
No discrimination. We will not discriminate against you for exercising any of your CCPA/CPRA rights, including by denying you services, charging you different prices, or providing you a different level of service.
We take the security of your data seriously. All communication between the Puubu app, our pass-through server, and our third-party subprocessors is encrypted in transit using standard HTTPS/TLS encryption.
Data stored on your device is protected by your device's built-in storage encryption and by the access controls you have configured on your device (such as PIN, biometrics, or device encryption). Because we do not store your health data on our servers, the primary security perimeter for your data is your device itself.
Data breach notification. In the unlikely event of a personal data breach that is likely to result in a risk to your rights and freedoms, we will notify the relevant supervisory authority within 72 hours where required, and we will notify affected users without undue delay where the breach is likely to result in a high risk to them. Because we do not collect email addresses, user accounts, or other direct contact information, such notifications will be posted prominently within the app and on the Puubu website rather than sent individually.
Puubu is intended for users aged 18 and older. We do not knowingly collect, process, or solicit data from anyone under the age of 18. If you believe we may have inadvertently processed data from a minor, please contact us at support@puubu.com and we will take steps to ensure it is discarded.
We may update this Privacy Policy from time to time to reflect changes in our practices or legal obligations. If we make material changes, we will update the "Last updated" date at the top of this policy and post the revised policy within the app under Settings → Legal. Where a change materially affects how your health data is processed, we will additionally surface a notice within the app. Your continued use of the app after changes take effect constitutes your acceptance of the updated policy.
Puubu is operated by Puubu LLC, acting as the Data Controller for the limited personal data described in this policy.
If you are located in the EEA or the UK and you have unresolved concerns, you have the right to contact your local data protection authority.