Privacy Policy

Last updated: February 2026

AllerGen is designed with privacy at its core. All your personal data, including allergy profiles, food logs, and reaction logs, is stored locally on your device. We do not operate user accounts and do not store your personal data on our servers.

Octopye Digital Designs ("we", "us", or "our") operates the AllerGen mobile application (the "App") and the website at allergen.octopye.com (the "Website"). This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our App and Website.

We are committed to protecting your privacy and complying with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.

1. Data Controller

Octopye Digital Designs is the data controller responsible for your personal data. If you have any questions about this policy, please contact us at support@octopye.com.

2. Information We Collect

2.1 Locally Stored Data (On-Device Only)

AllerGen stores all user-generated data locally on your device using AsyncStorage. This data never leaves your device unless you explicitly use a feature that requires transmission (such as scanning). Locally stored data includes:

Allergy Profiles: Your food allergies and sensitivity levels that you enter into the App.
Food Logs: Records of foods you have scanned or manually logged, including product names, ingredients, and safety assessments.
Reaction Logs: Any allergic reaction records you create, including symptoms, severity, dates, and suspected trigger foods.
App Preferences: Your settings and preferences within the App.

AllerGen does not require user accounts, registration, or authentication. We do not collect your name, email address, phone number, or any other personally identifiable information to use the App.

2.2 AI Image Analysis Data

When you use the food label scanning feature, images of food labels or products are sent to our servers for processing using artificial intelligence (powered by OpenAI). This processing is necessary to identify ingredients and detect potential allergens.

Images are transmitted securely over HTTPS to our servers for real-time analysis.
Images are processed in memory and are not stored, saved, or retained on our servers after analysis is complete.
The analysis results are returned to your device and stored locally as part of your food log.
We do not use your images for training, marketing, or any purpose other than providing the allergen analysis you requested.
Image processing is subject to OpenAI's Privacy Policy.

2.3 Barcode Scanning Data

When you scan a product barcode, the barcode number is sent to the Open Food Facts API to retrieve product information. Open Food Facts is a free, open, collaborative database of food products from around the world.

Only the barcode number is transmitted — no personal information is sent with these requests.
Product data retrieved is stored locally on your device as part of your food log.
Open Food Facts operates under its own terms of use.

2.4 Subscription Data (RevenueCat)

If you purchase a subscription through the App, payment and subscription management is handled by RevenueCat. RevenueCat may collect:

An anonymous app user ID generated by the RevenueCat SDK
Purchase and subscription transaction history
Device identifiers for subscription validation and fraud prevention
Platform information (iOS or Android) and app version
Country and currency information for pricing

Actual payment processing is handled entirely by Apple (App Store) or Google (Google Play). We do not have access to your payment card details, billing address, or financial information.

3. User Accounts & Authentication

AllerGen does not require user accounts or authentication. You do not need to create an account, provide an email address, or sign in to use the App. This means we hold no user credentials, account data, or login information.

4. How We Use Your Information

We use the information described above for the following purposes:

Allergen Detection: To analyse food labels and identify ingredients that may trigger your allergies.
Barcode Product Lookup: To retrieve product information and ingredient lists from the Open Food Facts database.
Food Safety Assessment: To provide you with safety ratings and warnings based on your allergy profile.
Personal Record Keeping: To allow you to maintain logs of foods consumed and any allergic reactions experienced.
Subscription Management: To manage your subscription status and provide access to premium features.

5. Data Storage and Security

Local-Only Storage

All personal data within AllerGen is stored exclusively on your device using AsyncStorage. We do not maintain any user databases, cloud storage, or server-side repositories of your personal information. This means:

Your data is as secure as your device itself.
If you uninstall the App or clear its data, all locally stored information is permanently deleted.
We cannot access, recover, or retrieve your data because it exists only on your device.
There is no synchronisation or backup to external servers.

Data transmitted to third-party services for processing (image analysis, barcode lookups) is sent over encrypted HTTPS connections.

6. Cookies

The AllerGen mobile app does not use cookies. Our Website landing page may use essential cookies only for basic functionality. We do not use tracking cookies, advertising cookies, or third-party analytics cookies. For more information, please see our Cookie & Data Policy.

7. Third-Party Services

The App integrates with the following third-party services:

OpenAI — Powers AI food label analysis. Images are sent for processing and are not retained. Subject to OpenAI's Privacy Policy.
Open Food Facts — Provides barcode product lookups. Only the barcode number is transmitted. Subject to Open Food Facts Terms of Use.
RevenueCat — Manages subscriptions and in-app purchases. Collects anonymous identifiers and purchase data. Subject to RevenueCat's Privacy Policy.
Apple App Store / Google Play Store — Handles app distribution and payment processing.

Each third-party service operates under its own privacy policy, and we encourage you to review them.

8. Data Retention

Since all user data is stored locally on your device, data retention is entirely within your control. Data persists on your device until you choose to delete it. We do not retain any user data on our servers. When you use the AI image analysis feature, images are processed in real-time and immediately discarded after the analysis result is returned to your device.

For detailed instructions on deleting your data, see our Data Deletion page.

9. Your Rights Under UK GDPR

Under the UK General Data Protection Regulation and the Data Protection Act 2018, you have the following rights:

Right of Access: You have the right to request copies of your personal data. Since all data is stored locally on your device, you already have full access.
Right to Rectification: You can correct any inaccurate data directly within the App at any time.
Right to Erasure: You can delete individual entries within the App or remove all data by uninstalling the App or clearing its storage.
Right to Restrict Processing: You can restrict processing by not using specific features such as the AI scanning or barcode lookup.
Right to Data Portability: As all data resides on your device, you maintain complete control over your information.
Right to Object: Since data processing occurs only when you actively use features, you control when and whether processing occurs.

To exercise any of these rights regarding data held by third-party services (such as RevenueCat), please contact us at support@octopye.com. We will respond to your request within 30 days.

10. Lawful Basis for Processing

Where we process personal data, we rely on the following lawful bases under Article 6 of the UK GDPR:

Consent: You consent to image processing when you choose to use the food label scanning feature.
Contractual Necessity: Processing is necessary to provide the services you have requested, including barcode lookups and subscription management.
Legitimate Interests: We have a legitimate interest in maintaining the security and functionality of the App and Website.

11. Children's Privacy

AllerGen is not directed at children under the age of 13. We do not knowingly collect personal information from children under 13. If you are a parent or guardian and believe your child has provided us with personal information, please contact us at support@octopye.com, and we will take steps to address the situation. For children aged 13 to 16 in the EEA/UK, parental consent may be required in accordance with GDPR Article 8.

12. International Data Transfers

When you use the food label scanning feature, image data may be transmitted to servers located outside your country of residence (including the United States) for AI processing. Barcode data may also be sent to Open Food Facts servers. These transfers are conducted using encrypted connections and are limited to the duration of the processing request, as data is not retained.

13. No Advertising or Tracking

AllerGen does not contain any third-party advertising. We do not share your data with advertisers, ad networks, or data brokers. We do not use tracking pixels, advertising identifiers, or any form of ad-related data collection.

14. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. We will notify you of any changes by posting the new Privacy Policy on this page and updating the "Last updated" date. You are advised to review this Privacy Policy periodically for any changes.

15. Related Policies

Cookie & Data Policy — Learn about how cookies and local storage are used.
Delete Your Data — Instructions for deleting your data and submitting data requests.

16. Contact Us

If you have any questions about this Privacy Policy, your data, or our practices, please contact us:

Octopye Digital Designs

Email: support@octopye.com

Website: allergen.octopye.com