Privacy Policy

Last updated: April 16, 2026

The short version: your recovery data is yours. We don't train AI models on your messages or check-ins. We don't sell your data to anyone. We collect the minimum we need to make Unbinge work, and we're transparent about what that is. This page spells out the details.

Who we are

Unbinge is a mobile recovery app for people healing their relationship with food. Unbinge is operated as a sole proprietorship. You can reach us anytime at support@unbingeapp.com.

What we collect

Account information

When you create an account, we store your email address and a securely hashed password. If you use Unbinge in guest mode, we don't collect any account information — your data stays on your device.

Recovery data you enter

Unbinge stores the information you choose to track: your recovery start date, urges you log, meals you check in with (hunger and fullness only — no calories or weight), mood check-ins, body relationship check-ins, journal entries, and streak history. If you create an account, this data is synced to our servers via Supabase so it's available on all your devices. If you're in guest mode, it lives only on your device.

Koa (AI companion) conversations

Messages you send to Koa are transmitted to Google's Gemini API to generate a response, then stored in our database so you can see your chat history. We do not use your Koa conversations to train any AI model, and we have configured our Google Cloud account to opt out of their usage for Google's model improvement. We also apply rate limits to Koa (200 messages per day, 5 per minute) to protect both you and the service from abuse.

Community posts and replies

Posts you create in the community feed, and your support replies to others, are visible to all Unbinge members. Your community username is separate from your email address by default. You can block users, report posts, and delete your own content at any time.

Device and usage information

We collect standard mobile app diagnostics — crash reports, performance metrics, and basic usage patterns (e.g., which tabs are opened). This data is aggregated and used to fix bugs and improve the app. We do not collect your device's location, contacts, photos, or health data.

Payment information

Subscriptions are processed by Apple via the App Store (and Google Play for Android). We never see your card number. We use RevenueCat to track subscription status — they receive an anonymous user ID and the product you purchased, and nothing more.

What we don't collect

• We do not collect your weight, height, BMI, or any body measurements.
• We do not collect calorie, macro, or nutritional data.
• We do not collect food photos.
• We do not collect location data.
• We do not collect contacts, photos, or camera data.
• We do not use third-party advertising SDKs. There are no ads in Unbinge.

How we use your data

We use the data we collect to (a) make Unbinge work — showing you your streak, insights, and conversation history; (b) respond to you when you message Koa; (c) keep the community feed running and moderated; (d) fix crashes and improve the app; and (e) process your subscription. That's it.

Who we share data with

We share data only with the infrastructure providers we need to run the app:

• Supabase (authentication, database, storage) — stores your account and recovery data
• Google Gemini (AI) — processes Koa messages; usage for model training is disabled
• Apple & Google — process payments and distribute the app
• RevenueCat — tracks subscription status
• Expo / EAS — handles app builds and over-the-air updates

We never sell your data. We never share data with advertisers, data brokers, or third parties outside of the infrastructure list above.

Your rights

You have the right to see, correct, export, or delete the data we have about you at any time.

• See or export: Email us at support@unbingeapp.com and we'll send you a full export within 14 days.
• Correct: You can edit most of your data directly in the app (streak start date, journal entries, posts, etc.).
• Delete: You can delete your account from inside the app (Profile → Settings → Delete Account). This removes your data within 30 days.

If you're in the EU or UK, you also have specific rights under GDPR (access, rectification, erasure, restriction, objection, portability). If you're in California, you have specific rights under CCPA. You can exercise any of these rights by emailing us.

Data retention

We keep your data as long as your account is active. When you delete your account, we delete your personal data within 30 days, except where we're legally required to keep certain records (e.g., transaction records for tax purposes). Anonymized, aggregated usage data may be retained for analytics.

Children

Unbinge is not intended for users under 17. If we learn we've collected data from someone under 17, we'll delete it immediately. Please contact us if you believe a child has created an account.

Security

We use industry-standard encryption in transit (TLS) and at rest. Passwords are hashed using bcrypt. Access to production data is restricted and logged. That said, no system is perfectly secure — if a breach occurs that affects your data, we'll notify you within 72 hours.

International transfers

Our servers are located in the United States. If you're using Unbinge from outside the US, your data will be transferred to and processed in the US. By using Unbinge, you consent to this transfer.

Changes to this policy

If we make material changes to this policy, we'll notify you via email (if you have an account) and post a notice in the app. Continued use of Unbinge after changes means you accept them.

Contact us

Questions, concerns, or data requests: support@unbingeapp.com. We aim to respond to every email within 2 business days.