Privacy Policy

When you sign up and use MacroMatch, we collect the following information:

• Account info from Clerk (our authentication provider): email address, name, and any identity you connect via Google or other OAuth providers.
• Profile info you provide directly: birth date (used to calculate your basal metabolic rate), sex assigned at birth, height, weight, activity level, dietary goal, location (city or ZIP), and any dietary preferences, allergies, or avoidances you set.
• Usage data: meals you log in your diary, searches you run, meals you save or order, and the preferences you set in the app.
• Technical data: standard server logs (IP address, user agent, request timestamps) from our hosting provider (Vercel).

• We do not collect payment card details directly. Payments, when applicable, are handled by Stripe — your card never touches our servers.
• We do not access your device's contacts, photos, microphone, or camera.
• We do not collect precise GPS location. Location is approximated from your IP address or a ZIP code you enter manually.
• We do not sell your personal data. Ever.

• To calculate your personal calorie and macro targets.
• To rank restaurant meals against your targets and preferences.
• To sync your profile and diary across devices when you sign in.
• To improve the product — we look at anonymized usage trends (e.g. which search prompts return zero results) to fix gaps.

MacroMatch sends limited data to these services to provide functionality. Each one has its own privacy policy:

• Clerk — account authentication and session management. They receive your email and any profile metadata we store with them.
• Anthropic (Claude API) — powers our AI features (natural-language search, meal estimation, the consultant). Your search prompts and meal descriptions are sent to Claude. Anthropic does not train their models on this data.
• Nutritionix — restaurant nutrition database. When you search, we send the food-related search terms (e.g. “chicken bowl”) to Nutritionix to look up matching menu items. Your name, email, account identity, and macro profile are never included in these requests.
• FatSecret — restaurant nutrition database, used the same way as Nutritionix: it receives only food-related search terms, never your identity or profile data.
• Supabase — our database. Stores your profile, diary, and saved meals so they sync across devices.
• PostHog — product analytics. Records how the app is used (pages viewed, searches run, meals selected) so we can fix what isn’t working. If you’re signed in, these events are linked to your account identifier so we can understand usage across sessions; they are never sold or shared for advertising.
• Sentry — error monitoring. If the app crashes or hits a bug, technical details (including your IP address and, in a sample of sessions, a replay of the in-app interaction that led to the error) are sent to Sentry so we can reproduce and fix it.
• Vercel — hosting and infrastructure. Server logs pass through their network.
• Stripe — payments processing, if you ever subscribe to a paid plan.

• Access: you can see your profile and diary at any time inside the app.
• Edit: you can update your profile, dietary preferences, and diary entries directly.
• Delete: email us (see below) to request account deletion. We will remove your account and associated data from our systems and ask Clerk to delete your authentication record. Some anonymized usage data may persist in aggregated form.
• Export: email us to request a copy of your data.

We use cookies set by Clerk to keep you signed in. We do not use third-party advertising cookies or cross-site tracking. We use PostHog, a first-party analytics tool, to understand how users move through the app. For visitors who aren’t signed in, this data is anonymous; for signed-in users, events are associated with your account identifier (see “Third-party services” above). We never use this data for advertising, and we never sell it.

MacroMatch is not intended for users under 13. If you are under 13, do not use this app. We do not knowingly collect data from children under 13; if we learn we have, we will delete it.

Your data is stored with industry-standard providers (Clerk, Vercel) that encrypt data in transit (TLS) and at rest. No system is perfect; in the event of a breach affecting your data, we will notify affected users within 72 hours of discovery, in line with applicable law.

We may update this policy as the product evolves. Material changes will be communicated via email or an in-app notice. The "Last updated" date at the top of this page always reflects the current version.

Questions, requests, or concerns about your data? Email hello@macro-match.com.