Privacy Policy

Effective Date: April 1, 2026

DitchToxic ("we," "us," or "our") is operated by ConsultingWhiz LLC. This Privacy Policy explains how we collect, use, disclose, and protect your information when you use the DitchToxic mobile application and related services (collectively, the "Service"). By using the Service, you agree to the practices described in this policy.

1. Information We Collect

1.1 Information You Provide

Account Information: When you create an account, we collect your email address and display name.
Health Preferences: You may optionally provide health concerns, allergies, or dietary preferences to receive personalized safety alerts.
Product Preferences: Categories of products you are interested in scanning (cosmetics, food, household, baby, pet, supplements).
Community Submissions: If you contribute product data, ingredient corrections, or reviews, we collect that content along with your account identifier.
Support Communications: If you contact us for support, we collect the content of your messages.

1.2 Information Collected Automatically

Scan History: Records of products you scan, including barcode data, product names, and the safety grades generated.
Device Information: Device model, operating system version, app version, unique device identifiers, and language settings.
Push Notification Tokens: If you enable push notifications, we collect your device token to deliver product safety alerts and recall notices.
Usage Data: How you interact with the app, including features used, screens viewed, and scan frequency.

1.3 Information We Do NOT Collect

Photos and Images: When you use the AI Ingredient Analyzer camera feature, images are processed in real time and immediately discarded. We do not store, save, or retain any photos from your device.
Location Data: We do not collect, track, or store your geographic location.
Contacts: We do not access your contacts or address book.

2. How We Use Your Information

We use the information we collect to:

Provide and operate the Service, including generating ingredient safety ratings.
Personalize your experience by surfacing alerts for ingredients that match your health concerns.
Send push notifications about product recalls, safety updates, and scan results.
Improve and optimize the Service through analytics.
Monitor app stability and diagnose crashes.
Manage your subscription and process transactions through the App Store or Google Play Store.
Respond to your support requests.
Enforce our Terms of Service and protect against fraud or abuse.

3. Third-Party Services

We use the following third-party services to operate DitchToxic. Each service processes data only as necessary for its stated purpose:

Supabase: Cloud database and authentication. Stores your account data and scan history. Data is encrypted at rest and in transit. Supabase Privacy Policy
PostHog: Product analytics. Collects anonymized usage events to help us understand how the app is used and identify areas for improvement. PostHog Privacy Policy
RevenueCat: Subscription management. Processes subscription status and purchase receipts from Apple and Google. Does not handle payment card details directly. RevenueCat Privacy Policy
Google Cloud Vision (OCR): Optical character recognition for reading ingredient labels. Images are sent for processing and are not stored by Google after the response is returned. Google Cloud Privacy Notice
OpenAI: Ingredient analysis and safety evaluation. Ingredient text (not images) is sent for analysis. Data sent to OpenAI is not used to train their models and is not stored after processing. OpenAI Privacy Policy

4. Data Retention

Account Data: Retained for as long as your account is active. When you request account deletion, we will delete your personal data within 30 days.
Scan Cache: Temporary scan results are cached locally on your device for up to 7 days to improve performance, then automatically purged.
Analytics Data: Anonymized usage analytics are retained for up to 24 months for trend analysis.
Support Communications: Retained for up to 12 months after resolution.

5. Data Sharing and Disclosure

We do not sell, rent, or trade your personal information to third parties. We may share information only in the following circumstances:

Service Providers: With the third-party services listed in Section 3, solely to operate the Service.
Legal Requirements: If required by law, regulation, legal process, or governmental request.
Protection of Rights: To protect the rights, property, or safety of ConsultingWhiz LLC, our users, or the public.
Business Transfers: In connection with a merger, acquisition, or sale of assets, your information may be transferred as part of that transaction. We will notify you of any such change.

6. Data Security

We implement industry-standard security measures to protect your information, including encryption in transit (TLS 1.2+), encryption at rest, secure authentication, and access controls. However, no method of electronic transmission or storage is 100% secure, and we cannot guarantee absolute security.

7. Your Rights and Choices

Depending on your location, you may have the following rights regarding your personal data:

Access: Request a copy of the personal data we hold about you.
Deletion: Request that we delete your personal data. You can initiate this from the app settings or by contacting us.
Correction: Request that we correct inaccurate personal data.
Portability: Request a machine-readable export of your data.
Opt Out of Analytics: You can disable analytics collection in the app settings.
Push Notifications: You can disable push notifications through your device settings at any time.

For California Residents (CCPA)

Under the California Consumer Privacy Act, you have the right to know what personal information we collect, request its deletion, and opt out of the sale of personal information. We do not sell personal information. To exercise your rights, contact us at privacy@ditchtoxic.com.

For European Residents (GDPR)

If you are in the European Economic Area, you have rights under the General Data Protection Regulation including access, rectification, erasure, restriction, portability, and the right to object to processing. Our legal basis for processing is your consent (which you may withdraw at any time) and our legitimate interest in operating and improving the Service. To exercise your rights, contact us at privacy@ditchtoxic.com.

8. Children's Privacy

DitchToxic is not directed at children under the age of 13. We do not knowingly collect personal information from children under 13. If we learn that we have collected personal information from a child under 13, we will take steps to delete that information promptly. If you believe a child under 13 has provided us with personal data, please contact us at privacy@ditchtoxic.com.

9. International Data Transfers

Your information may be transferred to and processed in countries other than your own. These countries may have different data protection laws. We take appropriate safeguards to ensure your information remains protected in accordance with this Privacy Policy.

10. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. We will notify you of material changes by posting the updated policy within the app and updating the "Effective Date" above. Your continued use of the Service after changes are posted constitutes your acceptance of the revised policy.

11. Contact Us

If you have questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:

Email: privacy@ditchtoxic.com

Company: ConsultingWhiz LLC

Website: ditchtoxic.com