UtilizeXai
Back home

Privacy Notice

Last updated: 6/18/2026

1. Who we are

This Privacy Notice describes how UtilizeXAI (“we”, “us”), trading as UtilizeXai, collects and processes personal data when you use the Service. We act as the data controller for the personal data described below.

2. Personal data we collect

  • Account data: name, email, password hash, authentication identifiers.
  • Profile data: optional fitness profile (weight, height, age, gender, activity level, goal).
  • Content you submit: images you scan, prompts, and AI-generated outputs.
  • Usage data: scans performed, credits consumed, feature interactions, daily food/workout logs.
  • Device & technical data: IP address, browser type, device identifiers, log data.
  • Support data: messages you send to support.

Payment card data is collected directly by our payment processor Stripe and is not stored on our servers.

3. Why we use it (purposes & legal basis)

  • Provide the Service (account creation, AI processing, displaying results) — performance of contract.
  • Personalise outputs (fitness profile, daily targets) — performance of contract.
  • Billing and subscription management via Stripe — performance of contract / legal obligation.
  • Security, fraud prevention, and abuse moderation — legitimate interests.
  • Product improvement and analytics — legitimate interests.
  • Customer support — performance of contract / legitimate interests.
  • Legal compliance — legal obligation.

4. Who we share data with

  • Stripe Payments — our payment processor. Stripe handles checkout, payments, tax calculation, invoicing, and subscription management.
  • Hosting and infrastructure providers — for running our database, storage, and edge functions.
  • AI model providers — your prompts and submitted images are sent to AI providers to generate outputs.
  • Analytics tooling — to understand usage in aggregate.
  • Professional advisers (legal, accounting) where necessary.
  • Authorities where required by law.

5. International transfers

Our service providers may process data outside your country, including in the United States and the European Economic Area. Where required, we rely on appropriate safeguards such as Standard Contractual Clauses or adequacy decisions.

6. Retention

We keep personal data only as long as necessary to provide the Service and meet legal, accounting, or reporting obligations. Account and usage data is retained for the life of your account; on deletion we remove or anonymise it within a reasonable period, except where retention is required by law (e.g. tax and billing records held by Stripe).

7. Your rights

Subject to your local law, you have the right to:

  • Access the personal data we hold about you;
  • Request correction or deletion;
  • Restrict or object to processing;
  • Request portability of data you provided;
  • Withdraw consent where processing is based on consent;
  • Lodge a complaint with your local data protection authority.

To exercise these rights, contact us through the in-app support channel.

8. Security

We use appropriate technical and organisational measures to protect personal data, including encryption in transit, access controls, and authentication safeguards. No system is fully secure; please use a strong, unique password.

9. Cookies

We use strictly necessary cookies and local storage to keep you signed in and remember your preferences. We may also use limited analytics cookies to understand usage patterns. You can manage cookies through your browser settings.

10. Children

The Service is not intended for children under 16. We do not knowingly collect data from children. If you believe a child has provided us data, please contact us so we can delete it.

11. Changes

We may update this Notice. Material changes will be communicated through the Service.

12. Contact

For privacy questions, contact UtilizeXAI through the in-app support channel. For payment-related data handled by Stripe, see Stripe's privacy policy.