Privacy Policy

This Privacy Policy explains how Vookka ("we", "us", or "our") collects, uses and protects information when you use the Vookka mobile application ("App"). By using the App, you agree to the practices described in this policy.

1. Information We Collect

• Account information — your name and contact (phone number or email address), used for authentication.
• Label images — photos you take of product labels, stored on our servers to enable scan history.
• Extracted text — the ingredient list extracted from your label images via OCR processing.
• Health & family profiles — optional health information (age, medical conditions, activity level) you provide for personalised analysis.
• Device push token — used solely to send you in-app alerts you have opted into.
• Usage data — aggregated, non-personal metrics such as total scans and average score, used to display your in-app statistics.

2. How We Use Your Information

• To analyse ingredient lists and generate per-ingredient health insights using AI.
• To personalise scan results for each family member based on their health profile.
• To save your scan history so you can review it at any time.
• To send optional push notifications you have enabled.
• To authenticate you and secure access to your account.

3. AI Processing & Third-Party Services

• Anthropic (Claude AI) — ingredient text extracted from your labels is sent to Anthropic's API for analysis. Anthropic's privacy policy governs this data. We do not send images — only extracted text.
• OCR processing — text extraction runs on our own servers. Your images are not shared with third parties.
• Firebase (Google) — used for authentication. Governed by Google's Privacy Policy.
• Google Cloud Run — our API is hosted on Google Cloud, Asia-South1 (Mumbai) region.

We do not sell, rent, or share your personal data with advertisers or data brokers.

4. Data Storage & Security

• All data is stored on secured servers and protected with JWT authentication.
• Passwords are never stored — we use OTP-based authentication only.
• API access is authenticated and authorised — no other user can access your data.
• Data is stored in MongoDB with connection-level encryption.

5. Data Retention

We retain your account data and scan history for as long as your account is active. You may delete individual scans or your entire account at any time from within the App. Upon account deletion, all associated data — including images, scan records and health profiles — is permanently removed within 30 days.

6. Your Rights

• Access — view all your stored data through the App at any time.
• Correction — edit your profile, health information and family members at any time.
• Deletion — delete individual scans or your entire account from Profile → Delete Account.
• Data export — contact us at support@vookka.com to request an export of your data.
• Notification opt-out — disable push notifications at any time in your device settings.

7. Children's Privacy

Vookka is not directed at children under 13. We do not knowingly collect personal information from children under 13. If you believe a child has provided us with personal information, please contact us and we will delete it promptly.

8. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of significant changes by displaying a notice in the App. Your continued use of the App after any changes constitutes your acceptance of the revised policy.

9. Contact