Privacy Policy
This Privacy Policy describes how FIBYC ("we," "us," or "our") collects, uses, and shares information in connection with the FIBYC Chrome extension and the website at fibyc.ai (together, the "Service"). It covers how the current version of the Service handles data, how we may handle data as the Service evolves, and the rights available to you under applicable law.
Contents
- Scope and definitions
- Information we collect today
- Information we may collect in the future
- How we use information
- Sharing and third parties
- Affiliate links and click tracking
- Storage, retention, and security
- Browser permissions
- International data transfers
- Children
- Your rights
- Changes to this policy
- Contact
Scope and definitions
This Policy applies to all users of the Service. Throughout this document, "Personal Information" means any information that identifies, relates to, or could reasonably be linked with you, directly or indirectly. "Service" means the FIBYC Chrome extension, any future browser extension or mobile or desktop application we publish under the FIBYC name, and the website located at fibyc.ai. "We," "us," and "our" refer to FIBYC and its operator.
The Service is offered "as is," and your use of it constitutes acceptance of this Policy and of our Terms of Service.
Information we collect today
The current version of the Service collects only the information necessary to provide ingredient analysis on supported retailer pages. This includes:
- The publicly visible content of product pages on supported retailers, read locally in your browser, in order to detect and analyze ingredient lists, material disclosures, prices, product names, and product images.
- Product image URLs, product name, and page host that may be sent to FIBYC's image-label OCR service when a full ingredient list is visible only in a product photo and not readable as page text.
- Product names and barcodes that we look up in publicly available ingredient databases when an ingredient list is not present on the page or readable from product images.
- Basic service logs automatically created when our OCR service is called, such as request time, IP address, response status, and error information, used to operate and secure the service.
- Information you choose to provide directly, such as messages sent to our support email.
Your scan history, saved-favorite products, local product-cache records, and unknown-term review records are stored locally on your own device using your browser's storage APIs. They are not transmitted to FIBYC servers in the current version of the Service.
Information we may collect in the future
As the Service evolves, we expect to introduce additional features that may require collecting and processing additional categories of information. These may include, without limitation:
- Account information — such as a name, email address, password, profile picture, and authentication identifiers (including third-party sign-in tokens) when you create or sign in to a FIBYC account.
- Synced user data — such as scan history, favorites, preferences, allergens or sensitivities you choose to disclose, and product feedback, stored on our servers and synchronized across your devices.
- Health and wellness information — such as biomarkers, lab or bloodwork results, dietary preferences, fitness or sleep data, and information from connected health platforms (for example, Apple HealthKit, Google Fit, or third-party device APIs), to the extent you choose to provide or connect them.
- Personalization signals — information used to tailor product recommendations to you, including derived attributes computed from the categories above.
- Communications — messages, ratings, or feedback you submit through the Service.
- Device and technical information — including IP address, browser and device type, operating system, language, time zone, and basic diagnostic information, used to operate and secure the Service.
We will not begin collecting any new category of Personal Information described in this section until this Policy has been updated to reflect the change and, where required by applicable law, we have obtained your consent. Where the law treats certain categories — such as health information — as sensitive or special-category data, we will provide additional notice and will request your explicit, opt-in consent before any such collection begins.
How we use information
We use the information described above for the following purposes:
- To operate, maintain, and improve the Service, including ingredient analysis, scoring, and the suggestion of alternative products.
- To provide, in the future, account-based features, synchronization across devices, and personalized recommendations based on information you choose to share with us.
- To respond to your inquiries, provide customer support, and send service-related communications (such as security alerts, policy updates, and account notices).
- To monitor and improve the safety, security, integrity, and performance of the Service, including the detection and prevention of fraud, abuse, and misuse.
- To comply with applicable law, legal process, and lawful requests from public authorities.
- For other purposes disclosed at the time information is collected, with your consent where required.
Sharing and third parties
We do not sell Personal Information to third parties for the third parties' own advertising or marketing purposes. We may share information in the following circumstances:
- With service providers who perform services on our behalf (for example, cloud hosting for the image-label OCR service, analytics, error monitoring, customer support tooling, payment processing, and security services), under contractual obligations to protect the information.
- With third-party platforms you connect — for example, if you choose to link a health, fitness, or wearable-device account, we may exchange information with that platform under your direction and consent.
- With affiliate networks and retailers when you click an affiliate link, as described in Section 6 below.
- To comply with law, legal process, or enforceable governmental requests; to protect the rights, property, or safety of FIBYC, our users, or others; or to investigate suspected fraud or violations of our Terms.
- In a corporate transaction — if FIBYC is involved in a merger, acquisition, financing, reorganization, sale of assets, or bankruptcy, information may be transferred as part of that transaction. We will provide notice of any such transfer.
- With your consent, or at your direction.
Affiliate links and click tracking
The Service contains affiliate links. When you click an affiliate link, the destination retailer and/or the affiliate network we partner with (currently Amazon Associates; Skimlinks may be used for non-Amazon retailers if enabled) may place a cookie or use other tracking mechanisms on your browser to attribute any resulting purchase to FIBYC and to calculate commission. We may receive aggregated, non-identifying commission reports from these partners. The collection and use of information by retailers and affiliate networks is governed by their respective privacy policies, which we encourage you to review. Additional details are available in our Affiliate Disclosure.
Storage, retention, and security
Where information is stored on our servers, we use commercially reasonable administrative, technical, and physical safeguards designed to protect it against loss, misuse, and unauthorized access, alteration, or disclosure. These safeguards include encryption in transit, encryption at rest for sensitive data, access controls, and routine monitoring.
We retain Personal Information for as long as reasonably necessary to provide the Service, comply with our legal obligations, resolve disputes, and enforce our agreements. When information is no longer needed for these purposes, we will delete or anonymize it.
No security measure is perfect. By using the Service, you acknowledge that no transmission of information over the internet can be guaranteed to be completely secure.
Browser permissions
The current version of the Chrome extension requests the following permissions in order to provide its functionality. Each is used only for the purposes described.
- activeTab — to read the visible content of the active tab when you interact with the extension.
- storage — to save preferences, scan history, saved favorites, product-cache records, and unknown-term review records locally in your browser.
- scripting — to inject the analysis script into supported retailer pages on demand.
- host permissions — access to the supported retailer domains listed at the time of installation, public product databases, official product-page lookup, and FIBYC image-label OCR. The full list is shown by your browser before installation.
Future versions of the Service may request additional permissions; any such request will be shown to you by your browser, and continued use of the new version constitutes consent to the updated permission set.
International data transfers
FIBYC operates internationally. Where we transfer Personal Information across national borders, including from the European Economic Area, the United Kingdom, or Switzerland to the United States or any other country, we rely on appropriate legal mechanisms for such transfers, including, where applicable, standard contractual clauses approved by the European Commission and supplementary measures designed to protect transferred data.
Children
The Service is intended for users aged 13 and over. We do not knowingly collect Personal Information from children under 13. If we learn that we have inadvertently collected such information, we will delete it. Parents or guardians who believe their child has provided information to us may contact us at info@fibyc.ai.
Your rights
Depending on your jurisdiction, you may have rights in relation to your Personal Information, including the rights to access, correct, delete, port, or restrict the processing of your information, and to object to processing or to withdraw consent where processing is based on consent. Residents of the European Economic Area, the United Kingdom, Switzerland, California, Virginia, Colorado, Connecticut, Utah, and other jurisdictions with comparable laws are entitled to additional protections under applicable law.
To exercise any of these rights, contact us at info@fibyc.ai. We will respond within the time period required by applicable law. We will not discriminate against you for exercising any of these rights.
Changes to this policy
We may update this Policy from time to time, including to reflect new features, legal requirements, or our practices. When we make a material change, we will update the "Last updated" date above and, where required by applicable law, we will provide additional notice (for example, by an in-product notification, an email if we have your email address, or a notice posted on this page). Where new collection of Personal Information requires your consent, we will request that consent before the new collection begins. Your continued use of the Service after the effective date of any update constitutes your acceptance of the updated Policy.
Contact
If you have questions, comments, or requests regarding this Policy or our data practices, please contact us at info@fibyc.ai.
This Privacy Policy is provided for informational purposes and is intended to describe FIBYC's data practices. It does not constitute legal advice. Specific rights and obligations may vary by jurisdiction.