Our promises.
- 01Your photos are never stored — permanently deleted immediately after analysis.
- 02We never sell your personal data to any third party. Ever.
- 03We never use your health data for advertising purposes.
- 04You can delete your account and all data at any time.
- 05This app is not a medical device — it does not diagnose, treat, or prevent any condition.
Who we are
poo.ai is an independent mobile application developed and operated by Cagri Uzun ("we", "us", or "our"). We are accessible via the poo.ai app on iOS.
For privacy-related questions, you can reach us at privacy@pooai.app.
Photos & image data
poo.ai uses your device camera to capture an image for analysis. This is the most sensitive part of our service, and we want to be completely transparent about how it works.
You take a photo using the in-app camera. Gallery uploads are not permitted — only live camera captures are accepted.
The image is transmitted over an encrypted connection directly to our AI analysis provider (Google Gemini) for processing.
The AI returns a text-based analysis result. The image is then immediately and permanently deleted — never written to disk on our servers, never stored in a database.
Only the text result (score, Bristol type, color assessment, nutrition tips) is saved to your account history.
What data we collect
Information you provide
| Data | Why we collect it | Stored? |
|---|---|---|
| Email address | Account creation and login | Yes — encrypted |
| Password | Authentication | Yes — hashed |
| Age group | Personalise AI analysis | Yes |
| Sex | Personalise AI analysis | Yes |
| Known gut conditions | Improve analysis accuracy | Yes |
| Medications (optional) | Improve analysis context | Yes |
| Leaderboard nickname | Anonymous leaderboard display | Yes |
| Photos / camera captures | AI analysis only | No — deleted immediately |
Data collected automatically
| Data | Purpose |
|---|---|
| Scan results (score, type, color, tips) | Your personal history and trends |
| Scan timestamps | Streak tracking and history |
| App usage events (anonymised) | Improving the app experience |
| Device type and OS version | Technical support and compatibility |
| Subscription status | Access control for premium features |
What we do not collect
- Your precise location or GPS data
- Your contacts, messages, or other apps
- Your browsing history or activity outside poo.ai
- Any photos from your camera roll or photo library
- Your real name (only an email is required)
- Any biometric identifiers
How we use your data
We use your data only for the following purposes:
- Providing the service: Running your scan analysis, saving your history, and displaying your results.
- Personalising your analysis: Using your age, sex, and health profile to improve the accuracy and relevance of AI-generated insights.
- Account management: Authentication, subscription management, and customer support.
- Improving poo.ai: Anonymised, aggregated usage patterns to improve app performance and features. This data cannot be traced back to you.
- Legal compliance: Meeting our obligations under applicable laws.
Third-party services
poo.ai uses a small number of trusted third-party services to operate. Here is exactly who they are and what data they receive:
| Service | Purpose | Data shared | Policy |
|---|---|---|---|
| Supabase | User auth, database, app infrastructure (EU region) | Email (encrypted), account data, scan results, health profile | View → |
| Google Gemini API | AI image analysis of stool photo | Captured photo only — no name, email, or profile data. Image processed in seconds and not retained. | View → |
| RevenueCat | Subscription and payment management | Anonymised user ID, subscription status, purchase events | View → |
| Resend | Transactional email delivery (verification, password reset) | Email address and email content (verification code) | View → |
| Apple App Store | App distribution and payment processing | Governed by Apple's own privacy policy | View → |
We do not use any advertising networks, data brokers, or analytics services that track you across other apps or websites.
Your consent to AI processing
Before your first scan, the app explicitly asks for your permission to send your photo to Google Gemini for analysis. You may withdraw this consent at any time by ceasing to use the scan feature; doing so does not delete your existing account data. You may also delete your account at any time to remove all associated data.
Health data — special protections
Some of the information you share with poo.ai — such as your known gut conditions, medications, and scan results — may be considered health data under applicable privacy laws including GDPR (EU/UK), CCPA (California), and HIPAA-adjacent frameworks.
We apply the following additional protections to all health-related data:
- Health data is stored in encrypted form at rest and in transit.
- Access to health data is strictly limited to the systems and personnel necessary to provide the service.
- We do not share health data with any third party for commercial, research, or marketing purposes.
- Health data is deleted immediately and permanently when you delete your account.
Your rights
Depending on where you live, you may have the following rights over your personal data. We honour all of these regardless of your location.
California residents (CCPA)
California residents have additional rights under the California Consumer Privacy Act. We do not sell personal information. You have the right to know, delete, and opt-out of the sale of your personal information (though we do not sell it). To exercise these rights, contact us at privacy@pooai.app.
EU/UK residents (GDPR)
Our legal basis for processing your personal data is your consent (given at account creation) and the performance of our contract with you (providing the service). You have the right to lodge a complaint with your local data protection authority.
Children's privacy
poo.ai is intended for use by individuals aged 18 and over. We do not knowingly collect personal information from anyone under the age of 18.
If we become aware that a person under 18 has created an account, we will immediately delete their account and all associated data. If you believe a minor has used poo.ai, please contact us at privacy@pooai.app.
Data security
We take the security of your data seriously and implement the following measures:
- All data is transmitted using TLS encryption (HTTPS).
- All stored data is encrypted at rest using industry-standard AES-256 encryption.
- Passwords are hashed using bcrypt and are never stored in readable form.
- Photos are processed in memory and never written to persistent storage.
- Access to user data is restricted to authorised systems only.
- We conduct regular security reviews of our infrastructure.
In the unlikely event of a data breach that affects your personal information, we will notify you within 72 hours as required by applicable law.
Changes to this policy
We may update this privacy policy from time to time. If we make material changes, we will notify you via a notification within the app and update the "Last updated" date at the top of this page.
Your continued use of poo.ai after any changes constitutes your acceptance of the updated policy. If you do not agree with the updated policy, you may delete your account at any time.
Contact us
If you have any questions, requests, or concerns about this privacy policy or how we handle your data, please don't hesitate to get in touch. We aim to respond to all privacy-related enquiries within 5 business days.
We're happy to answer.
Reach out anytime. We read every email and respond within 5 business days.
privacy@pooai.app →