Privacy Policy

Last updated: March 28, 2026

1. Who we are

Wellthra ("we", "us", "our") operates the website wellthra.com and the Wellthra nutrition platform. We are committed to protecting your personal data in accordance with the EU General Data Protection Regulation (GDPR) and the German Bundesdatenschutzgesetz (BDSG).

Data Controller

Wellthra

Bremer Strasse 30, 65824 Schwalbach am Taunus

Email: privacy@wellthra.com

2. What data we collect

Data you provide:

  • Account data: name, email, password (hashed, never stored in plain text)
  • Profile data: age, gender, height, weight, dietary preferences, health goals
  • Health data: allergies, medical conditions, medications (voluntarily provided) — classified as "special category data" under GDPR Article 9
  • Wearable & biometric data: if you connect Fitbit, Garmin, Apple Health, Google Fit, Strava, Withings or similar — we ingest steps, active calories, heart-rate aggregates, sleep summaries, body composition and recovery scores. Also classified as "special category data" under GDPR Article 9 and processed only on your explicit consent (Art. 9(2)(a)). You can disconnect any provider in settings at any time, which immediately stops ingestion and triggers the deletion timeline in Section 8.
  • Photo / vision data: if you use Plate Vision (camera-based meal logging), the photo is sent to Anthropic for analysis and is not stored on our servers — only the extracted macro envelope (calories, protein, carbs, fat estimates) is retained, and only while your account is active.
  • Payment data: processed by Stripe — we never store your card details
  • Communications: messages sent through our contact form

Data collected automatically:

  • Usage data: pages visited, features used, time spent
  • Device data: browser type, operating system
  • Log data: IP address (anonymized after 30 days)
  • Cookies: see Section 7 below

3. Why we process your data

Purpose and legal basis (GDPR):

  • Provide personalized meal plans: Contract performance (Art. 6(1)(b))
  • Process payments: Contract performance (Art. 6(1)(b))
  • Send account-related emails: Contract performance (Art. 6(1)(b))
  • Send marketing emails: Consent (Art. 6(1)(a)) — opt out anytime
  • Process health-related data: Explicit consent (Art. 9(2)(a))
  • Improve our service: Legitimate interest (Art. 6(1)(f))
  • Prevent fraud and abuse: Legitimate interest (Art. 6(1)(f))
  • Tax and legal compliance: Legal obligation (Art. 6(1)(c))

4. How we use artificial intelligence

Wellthra uses AI technology (Claude by Anthropic) to generate personalized meal plans, recipes, and nutritional advice. When you use our AI features:

  • Your dietary preferences and goals are sent to Anthropic's API to generate content
  • Anthropic does not use your data to train their models
  • We do not share your identity (name, email) with Anthropic
  • AI-generated content is not medical advice (see Section 10)

5. Who we share your data with

Provider and purpose:

  • Anthropic (Claude AI): AI meal plan generation
  • Stripe: Payment processing
  • MongoDB Atlas: Database hosting
  • Vercel: Website hosting & analytics
  • Resend: Transactional emails
  • Google Analytics: Usage analytics (opt-in only)
  • Sentry: Error monitoring (no PII)
  • Upstash Redis: Rate limiting & abuse prevention
  • Telegram Bot API: Push notifications (if connected)
  • Unsplash: Food imagery for meal plans
  • USDA FoodData Central: Restaurant food nutrition lookup

We do not sell your personal data. We do not share your data with advertisers. Affiliate links (Amazon, MyProtein, iHerb) use standard referral tags and do not transmit your personal data.

6. Your rights under GDPR

As an EU/EEA resident, you have the right to:

  • Access (Art. 15): Request a copy of all personal data we hold about you
  • Rectification (Art. 16): Correct any inaccurate or incomplete data
  • Erasure (Art. 17): Request deletion of your data ("right to be forgotten")
  • Data portability (Art. 20): Receive your data in machine-readable format (JSON)
  • Restriction (Art. 18): Limit how we process your data
  • Objection (Art. 21): Object to processing based on legitimate interest
  • Withdraw consent: At any time for marketing and health data processing
  • Lodge a complaint: With your local Data Protection Authority

To exercise any right, email privacy@wellthra.com. We respond within 30 days.

German users may also contact the BfDI at www.bfdi.bund.de.

7. Cookie policy

Cookie and purpose:

  • session_token: Keep you logged in
  • cookie_consent: Remember your choice
  • _ga / _gid: Google Analytics
  • cookie_consent_prefs: Granular cookie preferences

Essential cookies cannot be disabled. Analytics cookies are only set after you consent via our cookie banner. You can change your preferences at any time by clearing your cookies.

8. How long we keep your data

We apply data minimisation (GDPR Art. 5(1)(c)) and storage limitation (Art. 5(1)(e)) — every category below has a defined upper bound, and special-category data (Art. 9) is held no longer than necessary for the purpose you consented to.

  • Account data (name, email, hashed password): While your account is active. Erased within 30 days of you requesting deletion via Settings → Delete Account or emailing privacy@wellthra.com.
  • Health data (allergies, medical conditions, medications) — Art. 9 special category: While your account is active. Erased within 30 days of account deletion or withdrawal of consent.
  • Wearable raw data (steps, active calories, heart-rate aggregates, sleep summaries) — Art. 9 special category: Raw daily aggregates retained for 365 days rolling (the technical TTL on our WearableDailyAggregate collection) so we can compute your trend cards. After 365 days the raw row is auto-deleted by the database. You may shorten this by disconnecting the provider — disconnecting also immediately suspends new ingestion.
  • Wearable / biometric derivatives (recovery scores, weekly trends, anonymised aggregates): Retained while your account is active. Erased within 30 days of account deletion or withdrawal of Art. 9 consent.
  • Vision / photo logs (Plate Vision uploads): Photos are not stored — they are forwarded to Anthropic, the macro envelope is returned, and the original image is dropped. Only the extracted numeric estimate persists on your account.
  • Meal plans & logs: While your account is active. Erased within 30 days of account deletion.
  • Payment records: 10 years — mandatory under German tax law (AO § 147 Abs. 3). Even if you delete your account, anonymised invoice records are retained for this statutory period; we cannot delete them earlier.
  • Server logs / IP: 30 days, then anonymised or deleted.
  • Analytics data (Google Analytics, only after consent): Anonymised after 26 months, then deleted.
  • Cookie consent record: 12 months (so we don't re-prompt you), then re-asked.

Right to instant deletion (GDPR Art. 17)

You can erase your account and ALL associated data — meal plans, recipes, food logs, wearable aggregates, health profile, chat history, streaks — at any time from Settings → Delete Account. The flow requires your password (anti-takeover safeguard), cancels any active Stripe subscription, deletes your Stripe customer object, and wipes your data across our MongoDB collections. The technical operation completes within seconds; the formal Art. 17 SLA is 30 days. The only exception is the 10-year tax retention above for any past invoices, which is required by German federal law and cannot be waived.

9. How we protect your data

  • All data encrypted in transit (TLS 1.3) and at rest (AES-256)
  • Passwords hashed using bcrypt
  • Database access restricted by IP whitelist
  • 2FA enabled on all administrative accounts
  • Regular security audits and dependency scans
  • Payments handled by Stripe (PCI DSS Level 1 certified)
  • Error monitoring via Sentry (configured to exclude PII)

10. Health data disclaimer

Important medical notice

Wellthra is not a medical service or a replacement for professional medical advice. Our AI-generated meal plans are for general informational purposes only. Always consult a qualified healthcare professional before making dietary changes, especially if you have medical conditions or take medications.

11. Children's privacy

Wellthra is not intended for children under 16. We do not knowingly collect data from children under 16. Contact privacy@wellthra.com if you believe a child has provided us with personal data.

12. International transfers

Some providers are outside the EU/EEA (primarily USA). We rely on the EU-US Data Privacy Framework and Standard Contractual Clauses (SCCs) for these transfers.

13. Changes to this policy

We will notify you of significant changes by email at least 14 days before they take effect. The "Last updated" date at the top reflects the most recent revision.

14. Contact us

For privacy questions: privacy@wellthra.com
Response time: within 30 days.