Privacy Policy for Veranvi
Last updated: March 2026
Language: English · Polski
Thank you for using Veranvi (“we”, “us”, or “our”).
This Privacy Policy explains what information we collect, how we use it, and what choices you have.
Some of the information described in this policy may constitute personal data under applicable data protection laws, even if it does not directly identify you.
Veranvi is designed to function without user accounts or mandatory personal identification.
Data Controller
The data controller responsible for processing personal data in the Veranvi app is:
Michał Porwisz, conducting business activity under the name "Michał Porwisz"
Machaya 22
30-135 Kraków
Poland
For any privacy-related inquiries, you may contact us at:
support@veranvi.com
Legal Basis for Processing (EEA Users)
If you are located in the European Economic Area (EEA), we process personal data based on the following legal grounds:
- Performance of a contract – to provide the core functionality of the app.
- Legitimate interests – to maintain and protect the security and reliability of our services.
Medical Disclaimer
Veranvi is not a medical device and does not provide medical advice, diagnosis, or treatment.
The information and guidance provided by the app, including AI-generated responses, are intended for general informational and lifestyle purposes only. Users should consult a qualified healthcare professional for medical advice.
1. Information We Collect
a) Information You Provide Directly
Health and Lifestyle Data
When you use the app, you may voluntarily enter information such as:
- body weight
- progress tracking information
- diet-related information
- goals related to weight management
This information is used solely to provide the core functionality of the app.
Meal Descriptions
You may enter free-text descriptions of meals for analysis.
Please do not include personal, sensitive, or identifying information beyond the description of the meal itself.
Some of the data you provide (such as weight or dietary information) may be considered health-related data under applicable laws. We process such data solely to provide the app’s functionality and do not use it for any other purposes.
b) Information We Collect Automatically
Pseudonymous Device Identifier
We use a pseudonymous device identifier associated with your app installation.
This identifier:
- may use a platform-provided identifier such as Android ID
- is not linked to your identity
- is used to enable app functionality such as backend access control, abuse prevention, and rate limiting
Security and Anti-Abuse Data
To protect the app and backend services, we may automatically process technical and security-related data such as:
- Google Play Integrity attestation tokens
- your pseudonymous device identifier
- IP address and related network information used for rate limiting and abuse prevention
- limited technical and security log data, which may include pseudonymous identifiers derived from device- or network-related information
This information is used solely to secure the service, detect abuse, and enforce access controls.
Subscription and Billing Verification Data
If you purchase or restore a subscription, we may process subscription-related data required to verify and maintain your premium access, such as:
- purchase tokens
- subscription product identifiers
- subscription status and expiry information
- information received from Google Play needed to verify and manage your subscription
This information is used solely for subscription verification, fraud prevention, entitlement management, and customer support or audit purposes where necessary.
2. How We Use Your Information
We use the collected information for the following purposes:
- Core App Functionality
To track weight, goals, and progress and to provide feedback within the app.
- Service Protection
The pseudonymous device identifier, Play Integrity attestation data, limited network/security metadata, and limited technical/security logs are used to protect the backend services from misuse, enforce fair usage limits, and secure premium access.
- Subscription Management
Subscription and billing verification data are used to validate purchases, restore entitlements, detect fraud or abuse, and manage premium access.
AI-Based Features
Some features of the app may use third-party artificial intelligence (AI) services to analyze user-provided information and generate responses or feedback.
This may include:
- analysis of meal descriptions
User-provided content such as meal descriptions submitted for analysis may be transmitted to third-party AI service providers for processing.
These providers process the data according to their own privacy policies and applicable data protection laws. We only transmit the information necessary to generate the requested response.
Some third-party AI service providers may process data outside the European Economic Area (EEA), including in the United States, in accordance with applicable data protection laws and contractual safeguards.
3. Data Processing and Sharing
We do not sell your personal data and do not use your data for advertising profiling or targeted advertising.
Third-Party Processing
User-provided content such as meal descriptions submitted for analysis may be processed by third-party cloud-based AI service providers acting on our behalf in order to generate responses or feedback within the app.
Platform and Payment Providers
Subscription-related data may also be processed by platform providers such as Google Play to manage billing, subscription renewals, purchase verification, and entitlement status.
Legal Requirements
We may disclose information if required by law or to comply with legal obligations.
International Transfer
Where personal data is transferred outside the European Economic Area (EEA), we rely on appropriate safeguards such as Standard Contractual Clauses approved by the European Commission or equivalent mechanisms provided by our service providers, where applicable.
4. Data Storage
Information you provide may be stored:
- locally on your device
- on our servers only where needed to provide specific backend-supported features, such as subscription verification, security, and meal analysis processing
Server-side records used for these features are associated with a pseudonymous device identifier rather than your name or direct identity.
5. Data Retention
We retain personal data only for as long as necessary to provide the app’s functionality, ensure security, and comply with legal obligations.
Our current server-side operational retention periods are generally as follows:
- backend application logs: up to 30 days
- temporary rate-limiting and operational cache data: from minutes to no more than 24 hours, depending on the type of data
- subscription entitlement and verification records: retained for as long as needed to manage premium access, prevent fraud or abuse, handle support issues, and meet legal, accounting, or audit requirements
- deletion request handling records: up to 12 months after completion
Temporary technical data such as logs or security-related information is retained for a limited period (typically 30–90 days depending on purpose and log type) for debugging, abuse prevention, and system integrity purposes, after which it is deleted or allowed to expire.
Where feasible, technical and security logs are designed to use pseudonymous identifiers rather than directly logging raw device identifiers.
If you uninstall the app, locally stored data is removed from your device.
For server-side data deletion requests, you may contact us using the information below. Because Veranvi currently operates without user accounts, we may need information that allows us to match your request to the relevant app installation or server-side record before processing deletion.
Deletion from active systems does not necessarily mean immediate deletion from encrypted backups or disaster recovery copies. Where backup copies exist, they are retained only until they are overwritten or expire under the applicable backup retention schedule.
6. Your Rights and Choices
Depending on your location and applicable law, you may have the right to:
- access your personal data
- request correction of inaccurate data
- request deletion of your data
- request restriction of processing of your data
- object to processing of your data based on legitimate interests
- request portability of your data in a structured, commonly used format
- manage notification preferences
If you are located in the EEA, you also have the right to lodge a complaint with your local data protection supervisory authority.
To exercise any of these rights, please contact us at the address listed below.
Because the app currently does not use user accounts, some rights requests may require additional verification information so we can reasonably match your request to the correct pseudonymous server-side record.
7. Data Security
We implement appropriate technical and organizational measures to protect data against unauthorized access, loss, or misuse.
Data transmitted between your device and our servers is encrypted.
8. Children’s Privacy
Veranvi is not intended for children under the age of 13, and we do not knowingly collect personal information from children.
9. Changes to This Policy
We may update this Privacy Policy from time to time.
Significant changes will be communicated within the app.
10. Contact Us
If you have questions or requests regarding this Privacy Policy, please contact us at:
support@veranvi.com