🚀 Launch week: 50% off your first month — use code LAUNCH50
ProteinPlan

Privacy Notice

Last updated: May 14, 2026

This Privacy Notice explains how ProteinPlan ("we", "us"), operating ProteinPlan (the "Service"), collects and processes personal data. We act as the data controller for the personal data described below.

1. Personal data we collect

  • Account data: email address, hashed password or OAuth identifier.
  • Usage data: meal-plan prompts you submit, generated plans, generation timestamps.
  • Technical data: IP address, browser and device information, log data.
  • Support data: messages you send us when you request help.
  • Subscription data: plan tier, status, and billing period (payment details are handled by Paddle, not us).

2. Purposes and legal basis

  • Provide the Service (account creation, generating meal plans, saving history) — performance of a contract.
  • Security and fraud prevention (detecting abuse, rate limiting) — legitimate interests.
  • Service improvement (aggregated analytics, debugging) — legitimate interests.
  • Customer support — performance of a contract / legitimate interests.
  • Legal compliance (tax, accounting, responding to lawful requests) — legal obligation.

3. Sharing your data

We share personal data with the following categories of recipients:

  • Merchant of Record (Paddle): for sale of subscriptions, subscription management, payments, tax compliance, and invoicing.
  • Service providers / subprocessors: hosting and database (Lovable Cloud / Supabase), AI model providers used to generate meal plans, and error-monitoring tools.
  • Professional advisers such as legal and accounting where required.
  • Authorities where we are required to do so by law.

4. International transfers

Some of our service providers are located outside the UK/EEA. Where personal data is transferred internationally, we rely on appropriate safeguards such as Standard Contractual Clauses or adequacy decisions.

5. Retention

We keep account data for as long as your account is active. Generated meal-plan history is retained while you subscribe and for a short period afterwards so you can recover it. Technical logs are retained for up to 90 days. Data is deleted or anonymised when no longer needed, subject to legal retention requirements.

6. Your rights

Depending on your location, you have rights to access, rectify, erase, restrict or object to processing of your personal data, request portability, and withdraw consent at any time. UK/EEA users also have the right to lodge a complaint with a supervisory authority. We will respond to verified requests within one month.

7. Security

We use appropriate technical and organisational measures, including encryption in transit, access controls, and least-privilege database policies, to protect your personal data.

8. Cookies

We use essential cookies and local storage to keep you signed in and to operate the Service. We do not use advertising cookies. You can clear cookies in your browser settings; doing so will sign you out.

9. Contact

For privacy questions or to exercise your rights, contact ProteinPlan through the Service.

Try free — no signup needed