Privacy Policy

Effective: 25 April 2026 · App: Protein Pilot (iOS) · Operator: Ugur Kilic

What we collect

We collect the absolute minimum to make Protein Pilot work. Specifically:

• Anonymous user ID. A random UUID generated on-device the first time you launch the app, stored in iOS Keychain. This is what we use to associate your meal plans with you. It is not linked to your name, email, phone number, or Apple ID.
• Onboarding inputs. Weight, height, age, sex, region, dietary preferences and your protein/calorie targets. Sent to our server so we can generate your meal plan.
• Meal plans + check-in history. The plans the AI generates for you and which meals you mark as done. Stored on our server keyed by your anonymous UUID.
• Crash + error reports. If the app crashes or hits an error, we send a stack trace to Sentry for diagnosis. These reports do not include your identity, weight, or any food data.

What we don't collect

• No name, email, phone number, or Apple ID.
• No advertising IDs, IDFA, or fingerprinting signals.
• No location.
• No camera, photos, microphone, or contacts.
• No tracking across other apps or websites. We do not use Apple's App Tracking Transparency framework because we do not track.

Third parties we share data with

• OpenAI — your protein/calorie targets, region, and dietary preferences are sent to OpenAI's API to generate your plan. OpenAI's data-usage policy for API customers prohibits training on this data. See OpenAI API data usage policies.
• Apple StoreKit / App Store — subscription purchases happen entirely through Apple. We never see your payment details.
• Sentry — crash and error reports as described above.
• Hetzner — our backend runs on Hetzner Cloud servers in Germany / Finland. They host the data only; they do not access it.

How long we keep data

Plans, check-ins, and prompt logs are kept indefinitely while you use the app. If you uninstall, the anonymous UUID is deleted from your device's Keychain and we have no way to identify you again. To request deletion of any plan rows on the server before then, email us (see below).

Children

Protein Pilot is not intended for children under 13. We do not knowingly collect data from children.

Your rights (GDPR / UK GDPR)

If you are in the UK or EU, you have the right to access, correct, or delete your personal data, and to object to processing. Email the address below to exercise any of these rights. Because all of our data is keyed on an anonymous UUID, the easiest way to exercise your right of erasure is to send us your UUID — you can find it under Settings → About in a future build, or simply uninstall the app and we'll have no way to identify you.

Changes

If we change this policy, the "Effective" date at the top will update. Material changes will be announced in the app on next launch.

Contact

Questions or requests: contact@urklc.com.