Privacy Policy

Last updated: April 22, 2026

This Privacy Policy describes Our policies and procedures on the collection, use and disclosure of Your information when You use the Service and tells You about Your privacy rights and how the law protects You.

We use Your Personal Data to provide and improve the Service. By using the Service, You agree to the collection and use of information in accordance with this Privacy Policy.

Interpretation and Definitions

Interpretation

The words of which the initial letter is capitalized have meanings defined under the following conditions. The following definitions shall have the same meaning regardless of whether they appear in singular or in plural.

Definitions

For the purposes of this Privacy Policy:

  • Account means a unique account created for You to access our Service or parts of our Service.
  • Affiliate means an entity that controls, is controlled by or is under common control with a party, where "control" means ownership of 50% or more of the shares, equity interest or other securities entitled to vote for election of directors or other managing authority.
  • Application refers to Tima, the calorie and nutrition tracking mobile application provided by the Company.
  • Company (referred to as either "the Company", "We", "Us" or "Our" in this Agreement) refers to Tima.
  • Country refers to: Algeria.
  • Device means any device that can access the Service such as a computer, a cellphone or a digital tablet.
  • Personal Data is any information that relates to an identified or identifiable individual.
  • Service refers to the Application.
  • Service Provider means any natural or legal person who processes the data on behalf of the Company. This refers to third-party companies or individuals employed by the Company to facilitate the Service, provide the Service on behalf of the Company, perform services related to the Service or assist the Company in analyzing how the Service is used.
  • Usage Data refers to data collected automatically, either generated by the use of the Service or from the Service infrastructure itself.
  • You means the individual accessing or using the Service, or the company, or other legal entity on behalf of which such individual is accessing or using the Service, as applicable.

Collecting and Using Your Personal Data

Types of Data Collected

Personal Data

While using Our Service, We may ask You to provide Us with certain personally identifiable information that can be used to contact or identify You. Personally identifiable information may include, but is not limited to:

  • Email address
  • First name and last name
  • Push notification token (a device identifier used solely to deliver meal reminders and in-app notifications). You can disable notifications at any time via your device settings.

Health and Fitness Data

To provide the core functionality of the Service, we collect and process the following health and fitness information that you voluntarily provide:

Body Metrics

  • Age, height, current weight, goal weight, and (optionally) body fat percentage
  • Weight history entries

Nutrition Targets Your personalized daily targets for calories, protein, carbohydrates, fat, fiber, sugar, and sodium — calculated from your body metrics using standard nutritional science formulas.

Food Log Data Each meal entry you log stores:

  • Meal type (breakfast, lunch, dinner, or snack) and date
  • Serving amount, unit, and standardized weight in grams
  • The following 7 nutrition values: calories (kcal), protein (g), carbohydrates (g), fat (g), fiber (g), sugar (g), and sodium (mg)

Aggregated Nutrition Summaries We automatically compute and store daily totals and weekly averages from your food logs to power your dashboard and progress tracking. These summaries include the same 7 nutrition fields listed above and are retained as part of your account data.

Water Intake Records Daily water intake entries you log within the App.

Usage and Engagement Data We track your logging streak (consecutive days logged), your longest streak, and milestone achievements to support the motivation features within the App.

All health and fitness data is securely stored on our servers and is never sold or shared with advertisers. You may delete all of your data at any time.

Usage Data

Usage Data is collected automatically when using the Service. Usage Data may include information such as Your Device's Internet Protocol address (e.g. IP address), mobile operating system, the type of mobile Internet browser You use, unique device identifiers and other diagnostic data.

Legal Basis for Processing Your Personal Data

We process your Personal Data under the following legal bases:

  • Performance of a contract: account creation, service delivery, subscription management, and all functionality you actively use.
  • Explicit consent: collection and processing of your health and fitness data. We collect this data only with your affirmative consent provided during onboarding. You may withdraw this consent at any time by deleting your account.
  • Legitimate interests: anonymous crash reporting (Sentry), service security monitoring, and aggregate usage analytics to improve the App — provided these interests are not overridden by your rights.
  • Legal obligation: disclosures required by law or valid requests from public authorities.

Use of Your Personal Data

The Company may use Personal Data for the following purposes:

  • To provide and maintain our Service, including to monitor the usage of our Service.
  • To manage Your Account: to manage Your registration as a user of the Service. The Personal Data You provide can give You access to different functionalities of the Service that are available to You as a registered user.
  • For the performance of a contract: the development, compliance and undertaking of the purchase contract for the products, items or services You have purchased or of any other contract with Us through the Service (e.g., via Google Play or Apple App Store).
  • To calculate your personalized nutrition targets: Your age, height, weight, goal weight, activity level, fitness goal, and (optionally) body fat percentage are processed on our servers to generate your daily calorie and macro targets. This processing occurs server-side via Supabase Edge Functions; no raw biometric data is shared with external parties.
  • To contact You: To contact You by email, push notifications, or other equivalent forms of electronic communication regarding updates or informative communications related to the functionalities, products or contracted services, including security updates.
  • To manage Your requests: To attend and manage Your requests to Us, including account deletion requests.
  • To improve food data quality: If you submit a food report (e.g., incorrect nutrition values) or a food name suggestion, your account identifier is stored alongside the report to allow follow-up and prevent abuse. These reports are not shared with third parties.
  • For business transfers: We may use Your information to evaluate or conduct a merger, divestiture, restructuring, reorganization, dissolution, or other sale or transfer of some or all of Our assets.
  • For crash reporting and diagnostics: We use Sentry for anonymous crash reports to fix bugs. Sentry does not receive your health or fitness data.
  • For other purposes: We may use Your information for other purposes, such as data analysis, identifying usage trends, and to evaluate and improve our Service.

What We Never Do

  • We never sell or transfer your health or fitness data to advertisers, data brokers, or information resellers.
  • We never use your health data to determine your eligibility for employment, insurance, credit, or housing.
  • We never share your health data for unauthorized social sharing or any purpose beyond delivering the Service to you.

Crowd-Sourced Food Contributions

When you use the Tima AI feature to analyze a traditional dish, an anonymous identifier (not linked to your account, name, or any personal data) is associated with that food analysis contribution. This anonymous contribution may be used to improve the shared Tima food database for all users. No personal data, health logs, or identifiable information is stored with crowd-sourced food analyses.

Retention of Your Personal Data

The Company will retain Your Personal Data only for as long as is necessary for the purposes set out in this Privacy Policy. Specifically:

  • Account and health data (food logs, body metrics, nutrition summaries): retained while your account is active, plus up to 30 days following a deletion request to allow for processing and backup clearance.
  • Usage and diagnostic data (Sentry crash reports): retained for 90 days.
  • Financial and subscription records: retained as required by applicable law (typically 5–7 years).

Transfer of Your Personal Data

Your information, including Personal Data, is processed at the Company's operating offices and on infrastructure provided by our Service Providers, which may be located outside of Algeria, including in the United States or the European Union.

Such international transfers are governed by our Service Providers' data processing agreements, which include Standard Contractual Clauses (SCCs) or equivalent safeguards as required, ensuring your data receives a level of protection consistent with applicable data protection law. By using the Service, You acknowledge this transfer.

Disclosure of Your Personal Data

Service Providers

We may share your Personal Data with the following third-party Service Providers to operate our Service:

  • Supabase — database and authentication infrastructure. Your account and health data is stored securely on Supabase servers with Row-Level Security (RLS) ensuring your data is isolated from other users.
  • Sentry — crash reporting and error diagnostics. Sentry receives anonymous technical and device data only; it does not receive your health or fitness data.
  • RevenueCat — subscription lifecycle management. RevenueCat receives your app store transaction identifiers, subscription status, and anonymous device identifiers. RevenueCat does not receive your health or fitness data.
  • Third-party food databases — the nutritional reference values in the Tima food database are sourced from trusted third-party food data platforms. These platforms do not receive your personal data or food logs; their data is pre-loaded into our servers.

Business Transactions

If the Company is involved in a merger, acquisition or asset sale, Your Personal Data may be transferred. We will provide notice before Your Personal Data is transferred and becomes subject to a different Privacy Policy.

Law Enforcement

Under certain circumstances, the Company may be required to disclose Your Personal Data if required to do so by law or in response to valid requests by public authorities (e.g. a court or a government agency).

Your Rights

You have the following rights regarding your Personal Data:

  • Right to access: You may request a copy of the personal data we hold about you by emailing support@tima.dz.
  • Right to rectification: You may correct inaccurate or incomplete data directly within the App or by contacting us.
  • Right to erasure: You may delete all your data at any time via Settings → Delete Account in the App, or by emailing support@tima.dz with the subject "Account Deletion Request".
  • Right to data portability: You may request an export of your personal data in a structured, machine-readable format by emailing support@tima.dz.
  • Right to object: You may object to the processing of your personal data for purposes based on legitimate interests.
  • Right to withdraw consent: You may withdraw your consent to health data processing at any time by deleting your account. Withdrawal does not affect the lawfulness of processing prior to withdrawal.

We will respond to all rights requests within 30 days. Please note that we may need to retain certain information when we have a legal obligation or lawful basis to do so.

Security of Your Personal Data

The security of Your Personal Data is important to Us. We implement the following security measures:

  • Encryption of data in transit (TLS/HTTPS) for all communications between the App and our servers.
  • Encryption of data at rest on Supabase infrastructure.
  • Row-Level Security (RLS) ensuring each user's data is strictly isolated and inaccessible to other users.
  • Role-based access controls limiting internal access to personal data on a need-to-know basis.

While We strive to use commercially acceptable means to protect Your Personal Data, no method of transmission over the Internet or method of electronic storage is 100% secure, and We cannot guarantee its absolute security.

Data Breach Notification

In the event of a data breach that affects your personal data, we will notify affected users within 72 hours of becoming aware of the breach, via email to your registered address. We will describe the nature of the breach, the data affected, and the steps we are taking to contain and remediate it.

Children's Privacy

Our Service does not address anyone under the age of 13. We do not knowingly collect personally identifiable information from anyone under the age of 13. We rely on users self-certifying their age during registration. If You are a parent or guardian and You are aware that Your child has provided Us with Personal Data, please contact Us. If We become aware that We have collected Personal Data from anyone under the age of 13 without verification of parental consent, We will delete the account and all associated data within 7 days.

Links to Other Websites

Our Service may contain links to other websites that are not operated by Us. If You click on a third party link, You will be directed to that third party's site. We strongly advise You to review the Privacy Policy of every site You visit.

We have no control over and assume no responsibility for the content, privacy policies or practices of any third party sites or services.

Changes to this Privacy Policy

We may update Our Privacy Policy from time to time. We will notify You of any changes by posting the new Privacy Policy on this page.

We will let You know via email and/or a prominent notice on Our Service, prior to the change becoming effective and update the "Last updated" date at the top of this Privacy Policy.

You are advised to review this Privacy Policy periodically for any changes. Changes to this Privacy Policy are effective when they are posted on this page.

Contact Us

If you have any questions about this Privacy Policy, You can contact us:

By email: support@tima.dz