← Back to Suppro

Privacy Policy for Suppro

Last updated: 10 May 2026

Company: Suppro Ltd

Contact: hello@suppro.co.uk

1. Overview

This Privacy Policy explains how Suppro Ltd ("Suppro", "we", "us", or "our") collects, uses, shares, stores, and protects personal data when you use the Suppro mobile app.

This policy is intended for users in the United Kingdom and the United States.

UK privacy law requires organisations to tell individuals what personal data is collected, why it is used, how long it is kept, and who it is shared with.

2. Data we collect

Depending on how you use Suppro, we may collect the following types of information.

Account information

This may include:

  • email address;
  • authentication provider information, such as Apple or Google sign-in identifiers;
  • account creation and login status;
  • subscription entitlement status.

Onboarding and questionnaire information

This may include:

  • supplement goals;
  • wellness interests;
  • dietary preferences or restrictions;
  • supplement usage preferences;
  • answers used to personalise your experience.

Supplement and scan information

This may include:

  • barcodes scanned;
  • supplement product names;
  • product photos or label images you upload;
  • OCR and AI-extracted ingredient information;
  • active ingredients, dose information, and product metadata;
  • tracked supplements or favourites if you use those features.

AI chat and AI-generated content

If you use AI chat or AI supplement summary features, we may process:

  • messages you send;
  • AI-generated responses;
  • contextual supplement or app information needed to answer your request.

You should not enter sensitive medical information that is not necessary for the feature.

Apple Health information

If you choose to connect Apple Health, Suppro may access only the categories of Apple Health data you explicitly permit. You can manage or revoke this access through your iOS settings.

Apple requires apps that use Health data to request permission and explain how that data is used.

Payment and subscription information

Payments are handled by the relevant app store and subscription services. We may receive subscription status information, such as whether you have an active entitlement, expired subscription, trial, renewal, or cancellation status. We do not receive your full payment card details.

Technical and security information

We may collect:

  • device type;
  • app version;
  • operating system version;
  • error logs;
  • crash or diagnostic information;
  • IP address or approximate region where necessary for security, infrastructure, or fraud prevention.

Analytics

At the moment, Suppro does not use PostHog analytics. If we add analytics in the future, we will update this Privacy Policy to explain what is collected and why.

3. How we use your data

We use personal data to:

  • create and manage your account;
  • provide supplement scanning and product identification;
  • generate AI-powered supplement information;
  • show ingredient, benefit, dose, risk, and interaction information;
  • manage subscriptions and entitlements;
  • provide customer support;
  • improve app safety and reliability;
  • detect abuse, fraud, rate-limit misuse, and unauthorised access;
  • comply with legal obligations.

4. Legal bases for UK users

For UK users, we rely on the following lawful bases under UK GDPR where applicable:

  • Contract: to provide the app, account, subscription access, and requested features.
  • Consent: for optional features such as Apple Health access, where applicable.
  • Legitimate interests: to secure the app, prevent abuse, improve reliability, and understand core app performance.
  • Legal obligation: where we must retain or disclose information to comply with the law.

ICO guidance states that organisations should explain the lawful basis for processing personal data in privacy information.

5. Health-related data

Suppro is a supplement information app, not a medical service. However, some information you provide may relate to health, wellness, supplements, medications, allergies, or Apple Health.

We use health-related information only to provide the features you choose to use, improve app functionality, maintain safety, and comply with the law. We do not sell health-related data.

6. AI processing

Suppro may use third-party AI providers, including OpenAI, to process text, images, OCR outputs, supplement information, and user requests.

This processing may be used to:

  • extract supplement ingredients from images;
  • interpret product labels;
  • generate AI chat responses;
  • produce supplement summaries or guidance.

OpenAI states that business data sent to its services is encrypted in transit and at rest.

You should not submit information that you do not want processed by AI systems.

7. Who we share data with

We may share personal data with service providers that help us operate Suppro, including:

  • Supabase for authentication, database, backend functions, and storage;
  • RevenueCat for subscription entitlement management;
  • Apple and Google for authentication, app distribution, and payment systems;
  • OpenAI for AI-powered processing;
  • SerpApi for product image enrichment where used;
  • Open Food Facts and NIH supplement data sources as product/reference data sources;
  • hosting, monitoring, security, and support providers where necessary.

We do not sell your personal data. We do not share your personal data with advertisers.

8. International transfers

Suppro is intended for users in the UK and US. Some service providers may process data in countries outside your own country.

Where required, we rely on appropriate safeguards, contractual protections, or lawful transfer mechanisms to protect personal data.

9. How long we keep data

We keep personal data only for as long as reasonably necessary for the purposes described in this policy.

Typical retention periods may include:

  • account data: while your account is active;
  • subscription records: as needed for billing, entitlement, tax, fraud prevention, or app store records;
  • scan and supplement data: while needed to provide app features or until deleted;
  • support messages: while needed to respond and maintain records;
  • security logs: for a limited period needed to protect the app;
  • deleted account data: removed or anonymised unless retention is required for legal, billing, fraud prevention, or security reasons.

10. Account deletion

You may delete your account in the app. When you delete your account, we aim to remove or anonymise account-linked personal data, subject to legal, billing, fraud prevention, security, and operational requirements.

Deleting your account does not automatically cancel an active app store subscription. You must cancel subscriptions through Apple or the relevant app store.

11. Your privacy rights

Depending on your location, you may have rights to:

  • access your personal data;
  • correct inaccurate data;
  • delete your data;
  • restrict or object to processing;
  • request a copy of your data;
  • withdraw consent where processing is based on consent;
  • complain to a data protection authority.

UK users can complain to the Information Commissioner's Office if they are unhappy with how their data is handled.

To exercise your rights, contact hello@suppro.co.uk.

12. US privacy rights

If you are in the United States, state privacy laws may give you additional rights depending on where you live. These may include rights to access, delete, correct, or obtain a copy of personal information.

We do not sell personal information and do not share personal information for cross-context behavioural advertising.

13. Children

Suppro is not intended for children under 13. If you are under 18, you should use Suppro only with the involvement of a parent or guardian.

We do not knowingly collect personal data from children under 13. If you believe a child has provided personal data, contact us at hello@suppro.co.uk.

14. Security

We use reasonable technical and organisational measures to protect personal data. However, no app, database, network, or transmission method is completely secure.

You are responsible for keeping your device and account credentials secure.

15. App Store privacy information

Apple requires developers to provide accurate App Store privacy information about data collection and use.

We aim to ensure that our App Store privacy disclosures match this Privacy Policy.

16. Changes to this Privacy Policy

We may update this Privacy Policy from time to time. If we make material changes, we may notify you in the app or by other appropriate means.

The updated version will be effective from the date shown at the top.

17. Contact

For privacy questions or requests, contact:

Suppro Ltd

Email: hello@suppro.co.uk