Legal
Privacy Policy
Last updated May 25, 2026
This Privacy Policy explains how Aether AI LLC (“Aether AI,” “we,” “us,” or “our”) collects, uses, discloses, and protects personal information when you use the Meal Planner website and application (the “Service”). It also describes the choices and rights you have regarding your information.
Meal Planner is a wellness and meal-planning tool. It is not a healthcare provider, and we are nota “covered entity” or “business associate” under HIPAA. The information you give us is not protected health information under HIPAA, but we treat your health and diet information as sensitive and handle it as described below. By using the Service, you agree to this Policy. If you do not agree, please do not use the Service.
1. Who we are
The Service is operated by Aether AI LLC, a limited liability company organized under the laws of the State of Florida, United States. We are the “business” and data controller responsible for the personal information processed through the Service. You can reach us using the details in the Contact section below.
2. Age requirement — the Service is for adults
The Service is intended only for individuals who are 18 years of age or older. We do not knowingly collect or solicit personal information from anyone under 18, the Service is not directed to children, and it is not designed to appeal to minors. If we learn that we have collected personal information from a person under 18, we will delete that information promptly. If you believe a minor has provided us personal information, contact us at [email protected] and we will take appropriate action. See Children’s Privacy.
3. Information we collect
We collect the following categories of personal information.
Information you provide
- Account information: your email address and authentication credentials when you create an account or sign in (including magic-link or password sign-in).
- Profile and health-related information: your goal (lose/maintain/gain weight), daily calorie and macronutrient targets, and any of the following you choose to provide: date of birth, sex, height, weight, dietary restrictions, and food dislikes. This is information about your physical health and diet.
- Activity and logged data: meals you log, meals you skip, foods you add, pantry items, photos you upload for meal logging, and messages you send to the in-app assistant.
- Precise geolocation (optional):if you grant permission, your device’s latitude and longitude, used to detect your city and suggest nearby options. You may instead enter a city manually or skip location entirely.
- Payment information: if you subscribe, our payment processor (Stripe) collects and processes your payment-card details. We do not store full card numbers; we retain a customer identifier and subscription status.
- Communications: information you submit through our contact form or when you email us, including your name, email, subject, and message.
Information collected automatically
- Device and log data: IP address, browser type, device and operating-system information, timestamps, and pages or features accessed, collected through our hosting and error-monitoring providers to keep the Service secure and working.
- Cookies and similar technologies: strictly necessary cookies for authentication and session management. See Cookies.
- Usage and cost metering: records of AI requests you generate (e.g., plan generations, chat messages) used for rate limiting, abuse prevention, and internal cost accounting.
Information from third parties
- Payment status from Stripe (e.g., whether a subscription is active), to provide paid features.
- Geocoding results from a mapping provider (OpenStreetMap / Nominatim) when you choose to detect your location, which returns a city name for the coordinates your browser sends.
4. Sensitive personal information
Some of what we collect is “sensitive personal information” under California and other state laws — specifically your health and diet information and, if you enable it, your precise geolocation. We use sensitive personal information only to provide and improve the Service you ask for (for example, to generate a meal plan that fits your goals and restrictions). We do not use or disclose sensitive personal information to infer characteristics about you, and we do not sell or share it. Where required by law, you have the right to limit our use of sensitive personal information; because we already limit it to providing the Service, no further action is generally necessary, but you may contact us with questions.
5. How we use your information
- Create and manage your account and authenticate you.
- Generate personalized meal plans, recommendations, and progress insights based on the goals, targets, restrictions, and preferences you provide.
- Track your logged meals and progress against your targets, and provide reminders or re-engagement messages consistent with your preferences.
- Process subscriptions, billing, and customer support.
- Secure the Service, prevent fraud and abuse, enforce rate limits, and debug and improve the product.
- Comply with legal obligations and enforce our terms.
We do not use your personal information to train third-party generative-AI models, and we do not use your content for advertising.
6. How we use AI
The Service uses a third-party AI provider (Anthropic, the maker of Claude) to generate meal plans, parse meals you describe or photograph, and power the in-app assistant. To do this, we send relevant inputs to Anthropic’s API — for example, your goals and targets, dietary restrictions and dislikes, your general city (not precise coordinates), pantry items, meal photos you upload, and the messages you send the assistant. Anthropic processes this data to return a response and, per its commitments to us, does not use API inputs or outputs to train its models. AI output can be inaccurate or incomplete; it is not medical or nutritional advice. See our Terms of Service for important health disclaimers.
7. How we share information
We do not sell your personal information, and we do not share it for cross-context behavioral advertising (as those terms are defined under California law). We disclose personal information only as follows:
Service providers (processors)
We share information with vendors that process it on our behalf, under contracts that limit them to providing services to us:
- Supabase — authentication and database hosting (stores your account and app data).
- Anthropic — AI processing (see Section 6).
- Stripe — payment processing and subscription management.
- Vercel — application hosting and delivery.
- Sentry — error monitoring and diagnostics.
- Upstash — rate limiting and abuse prevention.
- OpenStreetMap / Nominatim — optional reverse geocoding of coordinates you choose to share.
Legal, safety, and business transfers
We may disclose information (i) to comply with law, legal process, or enforceable governmental requests; (ii) to enforce our terms or protect the rights, property, or safety of our users, the public, or us; and (iii) in connection with a merger, acquisition, financing, or sale of assets, in which case we will require the recipient to honor this Policy or notify you of any material change.
8. Cookies and tracking
We use strictly necessary cookies to keep you signed in and to operate the Service securely. We do not use advertising cookies or third-party marketing trackers, and we do not engage in cross-context behavioral advertising. Because we do not sell or share personal information or serve targeted ads, there is nothing to opt out of for those purposes; we nonetheless honor recognized opt-out preference signals (such as Global Privacy Control) where applicable. Stripe and our infrastructure providers may set cookies necessary to deliver their services.
9. Data retention
We keep personal information for as long as your account is active or as needed to provide the Service, and thereafter as needed to comply with legal obligations, resolve disputes, prevent abuse, and enforce our agreements. You can delete your account and associated data at any time by contacting us; some records (e.g., transaction records required for tax or accounting) may be retained for a limited period as required by law.
10. Security and breach notification
We use administrative, technical, and organizational safeguards designed to protect personal information, including encryption in transit, access controls, and row-level data isolation between users. No method of transmission or storage is completely secure, so we cannot guarantee absolute security. Because Meal Planner handles health-related information and is not covered by HIPAA, we are subject to the U.S. Federal Trade Commission’s Health Breach Notification Rule. If unsecured personally identifiable health information is acquired without authorization, we will notify affected individuals, the FTC, and, where required, the media, as that rule requires.
11. Your privacy rights
California residents (CCPA/CPRA)
If you are a California resident, you have the right to:
- Know and access the categories and specific pieces of personal information we have collected, the sources, the purposes, and the categories of third parties to whom we disclose it.
- Delete personal information we collected from you, subject to legal exceptions.
- Correct inaccurate personal information.
- Limit the use and disclosure of sensitive personal information (we already limit it to providing the Service).
- Opt out of sale or sharing — we do not sell or share personal information, so there is nothing to opt out of.
- Non-discrimination — we will not deny service, charge a different price, or provide a different quality of service because you exercised your rights.
We do not knowingly sell or share the personal information of minors. You may use an authorized agent to submit a request on your behalf; we may require proof of authorization and verification of your identity. If we deny a request, you may appeal by replying to our decision.
Other U.S. states
Residents of other states with comprehensive privacy laws (for example, Virginia, Colorado, Connecticut, Texas, Florida, and others) may have similar rights to access, correct, delete, and obtain a copy of their personal information, and to opt out of targeted advertising, sale, or certain profiling. Because we do not sell personal information, share it for targeted advertising, or conduct such profiling, those opt-outs do not apply, but we honor the access, correction, deletion, and portability rights described here.
How to exercise your rights
Submit a request by emailing [email protected] or through our contact form. To protect your information, we will verify your request against information associated with your account before fulfilling it. We respond within the timeframes required by applicable law.
12. Children’s privacy
The Service is for adults 18 and older. We do not knowingly collect personal information from anyone under 18 and we do not target or design the Service for minors. Consistent with the Children’s Online Privacy Protection Act (COPPA), if we discover that we have collected personal information from a child under 13 — or any user under our minimum age of 18 — we will delete it. Parents or guardians who believe their child has used the Service may contact us at [email protected].
13. Where your data is processed
We are based in the United States and process and store information in the United States. If you access the Service from outside the United States, you understand your information will be transferred to and processed in the United States, where privacy laws may differ from those in your jurisdiction.
14. Changes to this Policy
We may update this Policy from time to time. When we make material changes, we will update the “Last updated” date above and, where appropriate, provide additional notice. Your continued use of the Service after an update means you accept the revised Policy.
15. Contact us
Questions, requests, or complaints about this Policy or your personal information:
- Aether AI LLC
- Email: [email protected]
- Or use our contact form.