Pensum Home

Privacy Policy

Pensum · last updated 21 June 2026

Pensum is a nutrition tracker built privacy-first. It works locally on your device and does not require an account. This policy explains what data Pensum handles and what (very little) ever leaves your phone.

Controller: Alessandro Parini, Einzelfirma, Grienmattweg 1, 4410 Liestal, Switzerland (UID CHE-181.827.819). Contact: [email protected].

1. Data stored on your device

Your diary, foods, recipes, weight log, and targets are stored in a local database on your device only. Pensum has no user account and does not upload this data to any server. Uninstalling the app removes it.

2. Health Connect (Android)

If you grant permission, Pensum reads total energy expenditure, steps, and weight from Android Health Connect to show your energy balance. This data is read on your device and is not transmitted off your device by Pensum. Access is read-only; Pensum never writes to Health Connect. You can revoke this permission in Health Connect at any time.

3. Camera and meal photos (the one thing that leaves your phone)

The optional photo-logging feature is the only point where data leaves your device. When you choose to analyse a meal photo, that photo and any context you add (e.g. known ingredients, portions) are sent over HTTPS to our own processing endpoint at proxy.pensumapp.com, which forwards it to a vision model and returns an editable ingredient breakdown. The image is used solely to perform that analysis and is not stored by us. You can use the entire rest of the app without ever using photo logging.

4. Food databases

Food information comes from open data sources: Open Food Facts, Bundeslebensmittelschlüssel (BLS), the Swiss Food Composition Database, and USDA FoodData Central. Barcode lookups query Open Food Facts; the generic-food catalogue is bundled with the app. These lookups send a barcode or search term, not personal data.

5. No analytics, ads, or tracking

Pensum contains no third-party analytics, no advertising, and no trackers. We do not sell or share your data with anyone.

6. Your rights (GDPR and Swiss FADP)

Because Pensum is local-first with no account, your personal data lives on your device and is under your control; deleting the app erases it. For the photo-analysis described in section 3, or any question about your data, contact [email protected]. Users in the EU/EEA and Switzerland have rights of access, rectification, and erasure under the GDPR and the Swiss FADP.

7. Children

Pensum is not directed at children under 16.

8. Changes to this policy

We may update this policy; the date at the top reflects the latest version.

Questions: [email protected]