LalisaPrivacy Policy & Terms of Service
Effective Date: April 30, 2026
1. Introduction
Welcome to Lalisa (hereby referred to as the "Application"), a freemium health, diet, and AI-powered meal tracking application developed by Ghassan Abu Khaled (hereby referred to as the "Service Provider").
By downloading, accessing, or using the Application, you agree to be bound by these Terms of Service and our Privacy Policy. If you do not agree to these terms, please refrain from using the Application.
2. Data Collection
The Service Provider is highly committed to protecting your privacy and ensuring the security of your personal information. To provide you with tailored calorie tracking and AI meal analysis services, the Application collects and processes the following categories of data:
- Account & Authentication Data: Name, email address, and sign-in identifiers from Apple or Google (we do not receive or store your passwords).
- Health & Dietary Data: Daily calorie and nutritional targets, macronutrient breakdowns, and comprehensive food logs. Note: Under regulations such as the GDPR, this is considered "special category" sensitive data. By creating an account and using the Application, you provide your explicit consent for us to process this data solely to deliver the Application's core functionality.
- AI Processing Data: Textual prompts and images submitted to the chat interface are securely processed using Artificial Intelligence to extract relevant nutritional metadata.
- Operational Logs & Telemetry: For debugging, abuse prevention, and service reliability, we securely log metadata associated with your AI requests (e.g., timing, model used, error codes, and your user ID) along with the raw AI response.
International Data Transfers: Your data is processed in the United States and other countries where our service providers operate. Where required, we rely on Standard Contractual Clauses for transfers out of the EEA/UK.
3. Third-Party Service Providers
The Application securely integrates with certified third-party service providers to manage infrastructure, process subscriptions, and facilitate AI capabilities. By invoking these services through the Application, you accept their respective privacy practices and terms:
- RevenueCat (In-App Subscriptions & Financial Processing)
- Supabase (Secure Cloud Database & Authentication)
- Apple (Authentication via Sign-In with Apple)
- Google Cloud Generative AI (AI Meal Parsing Capabilities)
4. Data Deletion & Retention
You maintain ultimate control and ownership over your personal data. You possess the continuous right to request the permanent deletion of your account and all associated health, dietary, and historical data.
Deletion Process: You may invoke an immediate account deletion directly within the Application by navigating to the Profile settings, or alternatively, by submitting a formal data deletion request via email to the Service Provider. Upon fulfillment of a deletion request, all related tracking records, authentication credentials, and personal identifiers are permanently expunged from our active production servers.
Data Retention: We retain your account and health data only for as long as your account remains active. Upon initiating an account deletion, your data is permanently removed from our active production databases within 30 days. Encrypted database backups containing your data are automatically purged within 90 days of the deletion request.
5. Regional Privacy Rights (GDPR & CCPA)
Depending on your region, you may have specific rights regarding your personal data. If you are a resident of the European Economic Area (EEA) or the UK (under GDPR), you have the right to access, rectify, port, restrict the processing of, or object to the processing of your data, as well as the right to lodge a complaint with your supervisory authority.
If you are a resident of California (under CCPA/CPRA), you have the right to know what personal information is collected, the right to delete, and the right to opt-out of the sale or sharing of your personal information. Please note that we do not sell or share your personal information to third parties.
To exercise any of these rights, please contact us using the information provided at the end of this policy.
6. Children's Privacy
Lalisa is not directed at children under the age of 13 (or under 16 in the European Economic Area, where applicable). We do not knowingly collect personal data from children. If we become aware that we have inadvertently collected such data, we will take immediate steps to delete the information from our servers.
7. Subscriptions and Freemium Features
Lalisa encompasses a "Freemium" business model. Certain elevated features—including expanded AI scanning, extended historical records, and advanced nutritional breakdowns—require an active subscription. All associated costs and billing intervals (e.g., monthly, annually) will be clearly communicated and authorized prior to any transaction.
Subscription Terms: Payment will be charged to your Apple ID or Google Play account at the confirmation of purchase. Your subscription automatically renews at the same price and duration unless auto-renew is turned off at least 24 hours before the end of the current period. Your account will be charged for renewal within 24 hours prior to the end of the current period.
Managing Subscriptions: You can manage and cancel your subscriptions by going to your Account Settings on the App Store or Google Play after purchase. Subscriptions are securely governed and managed via the official payment processing rails of your respective App Store and RevenueCat. By purchasing a subscription, you also agree to the standard Apple Terms of Use (EULA) and Google Play Terms of Service.
8. Data Security
We implement industry-standard security measures to protect your data. All data is encrypted in transit using Transport Layer Security (TLS) and at rest utilizing Supabase-managed AES-256 encryption. Sign-in identifiers and active session tokens are securely stored locally within your device’s secure enclave (Keychain on iOS or Keystore on Android).
9. Usage Restrictions and Intellectual Property
You strictly agree not to copy, reverse-engineer, decompile, modify, distribute, sell, or lease any portion of the Application, its source code, or included software frameworks. All trademarks, database rights, proprietary algorithms, and intellectual property associated with Lalisa are the exclusive property of the Service Provider.
Termination: We reserve the right to suspend or terminate your account and access to the Application at our sole discretion, without prior notice, for conduct that we believe violates these Terms of Service or is harmful to other users of the Application, us, or third parties, or for any other reason.
10. Limitation of Liability
The dietary tracking methodologies and AI-generated nutritional estimations surfaced by the Application are strictly provisioned for informational and self-management purposes only. Under no circumstances are they intended to substitute professional medical advice, clinical diagnosis, or medical treatment.
You hereby agree that the Service Provider accepts zero liability for any health-related outcomes, dietary consequences, or decisions enacted based upon the AI estimations or calculations provided by the Application.
Furthermore, the Service Provider disclaims liability for damages or service interruptions arising from a lack of stable internet connectivity, third-party infrastructure outages, or unauthorized modifications executed on your device’s operating system (e.g., rooting or jailbreaking).
Medical Disclaimer: Lalisa is an informational tool, and its dietary recommendations should not be used by individuals with eating disorders or pre-existing medical conditions without strict medical supervision. By using the Application, you acknowledge this risk.
11. General Provisions
Changes to this Policy: We may update this Privacy Policy and Terms of Service from time to time. The "Effective Date" at the top reflects the latest revision. Material changes will be communicated via in-app notice or email prior to taking effect. Continued use of the Application after the effective date constitutes acceptance of the updated terms.
Governing Law: This Agreement is governed by the laws of Jordan, without regard to its conflict-of-laws principles. Any disputes shall be resolved exclusively in the courts of Amman, Jordan.
12. Contact Information
For any formal inquiries, legal notices, or data requests regarding this Privacy Policy and Terms of Service, please contact the Service Provider at the authorized email address below: