Privacy Policy

Overview

TrackFlow (the "App") is operated by the TrackFlow team ("we", "us"). This policy explains what data we collect, how it is stored, and the rights you have over it.

What we collect

• Account data: your name, email address and a hashed password.
• Profile data: the body stats you enter (weight, height, age, gender, activity level, goal) used to calculate your calorie and macro targets.
• Health data you log: food entries, habit completions, water intake, sleep, mood, weight and body fat entries.
• App usage: anonymous events and crash reports used to keep the app stable.

Where and how your data is stored

Your account and health data are stored on TrackFlow's own servers in a managed Postgres database (Neon), accessed through a Node.js/Express API that we operate. Data is encrypted in transit using HTTPS/TLS. Passwords are never stored in plain text — they are securely hashed (bcrypt). We do not currently advertise end-to-end encryption of your stored data.

AI Coach & third-party processors

When you ask the AI Coach a question, the prompt and relevant recent health-data summaries are sent through our server to Groq, which generates the AI response. Groq is a model inference provider; we use it strictly to produce coaching responses.

What we do not do

• We do not sell your personal data.
• We do not share your individual health data with advertisers.
• We do not use your private health data to train third-party models.

Your rights

You can export all your data or permanently delete your account at any time from inside the app. Both features are real, self-serve, and don't require contacting support.

Children

TrackFlow is not intended for children under 13. We do not knowingly collect data from anyone under 13.

Contact

Questions about this policy? Email hello@trackflow.app.