Privacy Policy
Effective Date: May 19, 2026 · Last Updated: May 19, 2026
1. About This Policy
2BIB ("we," "our," or "us") operates the 2BIB nutrition tracking platform, including the website at 2bib.com, the web application at app.2bib.com, and the 2BIB mobile applications for iOS and Android (collectively, the "Services").
This Privacy Policy describes what personal information we collect, why we collect it, how we use and protect it, and the rights available to you. By using our Services, you acknowledge that you have read and understood this policy.
2. Information We Collect
Account Information
When you create an account, we collect:
- Name and email address
- Password (stored as a cryptographic hash by Clerk, our authentication provider; we never see your plaintext password)
- OAuth profile identifiers if you sign in with Apple or Google
Health & Nutrition Data
To provide personalized tracking and goal recommendations, we collect and store:
- Body metrics: age, biological sex, height, and weight
- Activity level
- Food and beverage logs — foods eaten, serving sizes, macronutrients (protein, carbs, fat), and calories
- Water and hydration entries
- Daily weight and body composition entries over time
- Nutrition and fitness goals, including target calories and macros
Photos & Images
When you use the AI food scanning feature, you upload photos of food items, meals, or nutrition labels. These images are transmitted to a third-party AI service solely for the purpose of generating a nutritional estimate. Images are not permanently stored by 2BIB; only the resulting nutritional data (e.g., estimated calories and macros) is saved to your food log.
Payment Information
Subscription payments are processed by a third-party payment processor. We do not store your credit card numbers, CVV codes, or full payment account details. We receive and retain subscription status, plan type, and billing cycle information.
Device & Usage Data
We automatically collect certain technical information when you use our Services, including:
- Device type, operating system version, and app version
- IP address and coarse location (country or region level)
- Screens or pages visited and features used
- Crash reports and performance diagnostics
3. How We Use Your Information
We use the information we collect to:
- Provide the Services — operate your account, process food logs, calculate macros and calories, and display your nutrition history.
- Personalize your experience — calculate Basal Metabolic Rate (BMR), Total Daily Energy Expenditure (TDEE), and adaptive nutrition targets based on your body metrics, goals, and real-world weight progress.
- Power AI scanning — transmit food photos to a third-party AI service to generate nutritional estimates on your behalf.
- Process payments — manage your subscription and billing through a third-party payment processor.
- Provide customer support — respond to your inquiries and resolve account issues.
- Improve our Services — analyze usage patterns in aggregate (not tied to individual identities) to enhance features and fix bugs.
- Maintain security — detect and prevent abuse, fraud, and unauthorized access.
- Comply with legal obligations — respond to lawful requests and meet applicable regulatory requirements.
5. Data Retention
We retain your personal information for as long as your account is active or as needed to provide the Services:
- Account and profile data: retained while your account is active; deleted within 30 days of account deletion.
- Food and health logs: retained while your account is active and permanently deleted when you delete your account.
- Food scan photos: transmitted to a third-party AI service for processing and not stored by 2BIB.
- Payment and billing records: retained for up to 7 years as required by applicable financial and tax regulations.
- Anonymized analytics: aggregate, non-identifiable data may be retained indefinitely.
You can delete your account at any time via Profile → Delete Account. Upon deletion, your personal data will be permanently removed, except where retention is required by law.
6. Your Privacy Rights
All Users
Regardless of your location, you may:
- Access and update your personal data at any time via your Profile settings.
- Delete your account via Profile → Delete Account, permanently removing your personal data.
- Request a data export by emailing support@2bib.com.
European Economic Area, UK, and Switzerland — GDPR Rights
If you are in the EEA, UK, or Switzerland, you have the following rights under the General Data Protection Regulation (GDPR):
- Right of access — request a copy of the personal data we hold about you.
- Right to rectification — request correction of inaccurate or incomplete data.
- Right to erasure — request deletion of your personal data ("right to be forgotten").
- Right to restriction — request that we limit processing of your data in certain circumstances.
- Right to data portability — receive your data in a structured, commonly used, machine-readable format.
- Right to object — object to processing based on legitimate interests.
Legal bases for processing: We process your data on the basis of (a) contract performance (delivering the Services you signed up for), (b) consent (where explicitly provided), and (c) legitimate interests (improving our Services and preventing fraud).
You have the right to lodge a complaint with your local supervisory authority (e.g., the ICO in the UK or your national DPA in the EU) if you believe we have processed your data unlawfully.
California Residents — CCPA / CPRA Rights
California residents have the following rights under the California Consumer Privacy Act (CCPA) and California Privacy Rights Act (CPRA):
- Right to know — request disclosure of the categories and specific pieces of personal information we have collected, used, disclosed, or sold.
- Right to delete — request deletion of your personal information.
- Right to correct — request correction of inaccurate personal information.
- Right to opt out of sale or sharing — we do not sell or share your personal information for cross-context behavioral advertising.
- Right to limit use of sensitive personal information — we use your health/nutrition data only to provide the Services.
- Right to non-discrimination — we will not treat you differently for exercising your CCPA rights.
To exercise any CCPA rights, contact us at support@2bib.com. We will respond to verified requests within 45 days as required by law.
To submit any privacy rights request, email us at support@2bib.com with the subject line "Privacy Request." We may need to verify your identity before fulfilling your request.
7. Children's Privacy
Our Services are not directed to, and we do not knowingly collect personal information from, children under the age of 13 (or under 16 for residents of the EEA/UK, or such higher age as required by local law). You must be at least 13 years old (or the applicable minimum age in your jurisdiction) to create an account or use our Services.
If you are a parent or guardian and believe we have inadvertently collected personal information from a child below the applicable minimum age, please contact us immediately at support@2bib.com. We will promptly investigate and delete the information.
8. Security
We implement industry-standard technical and organizational safeguards to protect your personal information:
- All data in transit is encrypted using TLS (Transport Layer Security).
- Authentication is managed by Clerk using secure, industry-standard practices including bcrypt password hashing and multi-factor authentication support.
- Database records are stored on Neon's encrypted, SOC 2-compliant cloud infrastructure.
- Access to production systems and databases is restricted to authorized personnel.
While we take these precautions seriously, no method of electronic transmission or storage is completely secure. We cannot guarantee the absolute security of your data and encourage you to use a strong, unique password and to contact us immediately if you suspect unauthorized access to your account.
9. International Data Transfers
2BIB is based in the United States. If you access our Services from outside the United States, your personal data will be transferred to and processed in the United States, where data protection laws may differ from those in your home country.
For users in the EEA, UK, or Switzerland, we rely on appropriate transfer mechanisms — including Standard Contractual Clauses (SCCs) as approved by the European Commission — to ensure your personal data receives an adequate level of protection when transferred internationally.
10. Changes to This Policy
We may update this Privacy Policy from time to time to reflect changes in our practices, technology, or applicable law, or for other operational reasons. When we make material changes, we will:
- Update the "Last Updated" date at the top of this page.
- Notify you via email or a prominent in-app notice where reasonably practicable.
Your continued use of our Services after the updated policy's effective date constitutes your acceptance of the revised terms. We encourage you to review this page periodically.
11. Contact Us
If you have questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:
For GDPR-related inquiries, include "GDPR Request" in the subject line. For CCPA-related inquiries, include "CCPA Request" in the subject line. We aim to respond to all privacy inquiries within 30 days.