Privacy Policy
Last updated: July 12, 2026
1. Introduction
Welcome to Miso ("we," "our," or "us"). We are committed to protecting your privacy and ensuring you have a positive experience when using our application. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our mobile application and web service.
2. Information We Collect
We may collect information about you in various ways:
• Account Information: When you create an account, we collect your email address and authentication credentials.
• OAuth Data: If you sign in using third-party services (Google, Apple, Facebook, Microsoft), we receive basic profile information such as your name and email address as permitted by those services.
• Usage Data: We collect information about how you interact with our app, including the apps you create and your preferences.
• Device Information: We may collect device-specific information such as your device type, operating system, and unique device identifiers.
• Photos and Media: Photos you send (such as meal photos) are processed to identify foods and estimate nutrition, and are stored as part of your conversation history.
• Voice Recordings: If you use voice dictation, your recording is transcribed by a third-party speech-to-text service and then discarded; only the transcript is kept as part of your conversation.
• Location Information: If you grant location permission, we collect your device location to provide local context (such as weather and nearby suggestions) in your conversations. We share coordinates with weather and air-quality providers to answer your questions. We do not store your location in our database.
• Purchase Information: We collect your subscription status and purchase history, processed by Apple and our subscription provider (RevenueCat), to deliver the features you paid for.
3. How We Use Your Information
We use the information we collect to:
• Provide, maintain, and improve our services
• Create and manage your account
• Process and complete transactions
• Send you technical notices and support messages
• Respond to your comments and questions
• Analyze usage patterns to improve user experience
4. AI and Conversation Data
When you use Miso's AI features, your conversations are stored to provide message history and continuity. Your messages and any photos or voice recordings you send are shared with third-party AI service providers solely to generate responses and process your requests; these providers are contractually restricted from using your data to train their models. Your conversation data is:
• Stored securely on our servers
• Accessible only to you
• Shared with third-party AI service providers only as needed to generate responses, never sold, and never shared for advertising
• Not used to train AI models, ours or our providers'
• Deleted when you delete your account
5. Third-Party Integrations and Health Data
Miso allows you to connect external services to enhance your experience:
• Apple Health (HealthKit): With your permission, Miso reads health and fitness data from Apple Health, such as steps, active energy, exercise, sleep, and heart rate, and may save nutrition data you log back to Apple Health. We use this data only to provide app features like calorie tracking, health summaries, and personalized context in your conversations. We never use Apple Health data for advertising, marketing, or use-based data mining; we never sell it; and we never share it with third parties except as needed to provide these features at your request. You can revoke access at any time in the Health app or iOS Settings.
• Oura Ring: Sleep, activity, and readiness data
• Google Calendar: Calendar events, including titles, descriptions, locations, times, and organizer and attendee names and email addresses, used to provide scheduling features like reminders and availability checks
• Other services as added
When you connect a service:
• We only access data types you explicitly authorize
• Data is used solely to provide features within Miso
• You can disconnect services at any time in Settings
• Disconnecting removes the associated data from our systems
6. iMessage and Phone Number Information
When you use Miso through iMessage, we collect and process your phone number along with the content of messages you send and receive:
• Phone number: collected when you provide it (on the website, in the iOS app, or by texting our number directly). Used to deliver and receive iMessages on your behalf.
• Message content: the text and any media you send to Miso, plus our responses, are stored as part of your conversation history (see Section 4: AI and Conversation Data above).
• Delivery provider: messages are sent and received through a third-party iMessage messaging provider acting as our service provider under contract. They process messages solely to deliver them on our behalf.
Your phone number is used solely to provide the Service. We do not share, sell, or rent it to third parties for their marketing purposes. Phone numbers are retained while your account is active and deleted when you delete your account.
Opt-out: see Section 9 (iMessage and Text Message Communications) of our Terms of Service for STOP, HELP, and START opt-out mechanics.
7. Information Sharing
We do not sell, trade, or rent your personal information to third parties. We may share your information only in the following circumstances:
• With your consent
• To comply with legal obligations
• To protect our rights and prevent fraud
• With service providers who assist in our operations (see Section 8: Service Providers and Subprocessors), including AI and speech-to-text providers that generate responses (Section 4), our message delivery provider (Section 6), weather and air-quality providers that receive coordinates when you ask location-based questions (Section 2), and our subscription provider (RevenueCat)
8. Service Providers and Subprocessors
To operate Miso, we share limited personal information with vendors ("subprocessors") that process it on our behalf, under contract, solely to provide their service to us. The categories of subprocessors we use are:
• AI / large language model (LLM) providers: process your messages, food descriptions, meal photos, and health context to generate responses and estimate nutrition. We currently use Google (Gemini) and OpenAI. These providers are contractually prohibited from using your data to train their models.
• Messaging delivery (iMessage / SMS): a third-party messaging provider that sends and receives the iMessages and text messages you exchange with Miso.
• Speech-to-text: a third-party transcription provider that converts voice dictation to text; the audio is discarded after transcription (see Section 2).
• Hosting and database infrastructure: cloud hosting and managed-database providers, located in the United States, that store your account, conversation, and app data.
• Subscriptions and payments: RevenueCat and the applicable app store or payment processor (Apple, and our web payment processor) that manage your subscription status and process purchases.
We do not authorize any subprocessor to use your information for its own purposes, and none of these arrangements involves selling your personal information.
9. Tracking Technologies and Advertising
Miso does not track you across apps or websites owned by other companies. We do not use the device advertising identifier (IDFA), we do not serve third-party advertising, and we do not share your information with advertising networks or data brokers.
Consistent with this, our iOS app declares NSPrivacyTracking = false in its privacy manifest and does not present the App Tracking Transparency (ATT) prompt, because we do not engage in "tracking" as Apple defines it. Any analytics we collect are first-party and used only to operate and improve Miso (see Section 3), never to build advertising profiles.
10. Data Security
We implement appropriate technical and organizational security measures to protect your personal information against unauthorized access, alteration, disclosure, or destruction. However, no method of transmission over the Internet is 100% secure.
11. Data Retention
We retain your data as follows:
• Account data: Retained while your account is active
• Conversation history: Retained until you delete it or your account
• Health/biometric data (e.g., Oura Ring): 30 days
• Other integration data: Up to 1 year (configurable in Settings)
• Usage analytics: 90 days (anonymized)
You can request data deletion at any time by contactingsupport@sunod.ai or using the "Delete Account" feature in the app.
12. Account Deletion
You can delete your account at any time:
1. Go to Settings > Account > Delete Account
2. Confirm deletion
3. All your data will be permanently deleted within 30 days
Alternatively, email support@sunod.ai to request account deletion.
13. Data Storage and Transfer
Your data is stored on servers located in the United States. If you are accessing our service from outside the United States, your data will be transferred to and processed in the United States.
14. Your Rights
You have the right to:
• Access your personal data
• Correct inaccurate data
• Request deletion of your data
• Withdraw consent at any time
• Export your data in a portable format
15. California Privacy Rights (CCPA)
If you are a California resident, you have the right to:
• Know what personal information we collect
• Request deletion of your personal information
• Opt-out of the sale of personal information (we do not sell your data)
• Non-discrimination for exercising your rights
To exercise these rights, contact support@sunod.ai.
16. European Privacy Rights (GDPR)
If you are in the European Economic Area, you have additional rights:
• Right to access your personal data
• Right to rectification of inaccurate data
• Right to erasure ("right to be forgotten")
• Right to data portability
• Right to object to processing
• Right to lodge a complaint with a supervisory authority
To exercise these rights, contact support@sunod.ai.
17. Third-Party Services
Our app may contain links to third-party websites or services. We are not responsible for the privacy practices of these external sites. We encourage you to read the privacy policies of any third-party services you access.
18. Children's Privacy
Our service is not directed to children under 13. We do not knowingly collect personal information from children under 13. If you believe we have collected information from a child under 13, please contact us immediately.
19. Changes to This Policy
We may update this Privacy Policy from time to time. We will notify you of any changes by posting the new Privacy Policy on this page and updating the "Last updated" date.
20. Contact Us
If you have any questions about this Privacy Policy, please contact us at: support@sunod.ai
© 2026 Sunod. All rights reserved.