Legal

Privacy Policy

Last updated: May 8, 2026

1. Introduction

MALAI (“we”, “our”, or “us”) is an AI nutrition care companion for people taking GLP-1 medications. This Privacy Policy explains how we collect, use, and protect your personal information when you use our website at itsmalai.com and our app at app.itsmalai.com.

By using MALAI, you agree to the practices described in this policy. If you do not agree, please do not use the service.

2. Information We Collect

• Account information — name and email address provided via Google Sign-In or email registration.
• Health profile data — medication name, dose, treatment phase/week, body weight, height, age, activity level, dietary preferences, and nutrition goals you enter to personalize your meal plans.
• Symptom and meal data — meals you log, side-effect symptoms, and nutrition tracking.
• Body composition data — when integrated, smart-scale, DEXA, or wearable readings.
• Usage data — pages visited, features used, and interaction patterns, collected to improve the service.
• Device information — browser type, operating system, and IP address for security and analytics.

3. How We Use Your Information

• To generate phase-aware AI meal plans tailored to your medication, dose, and current treatment week.
• To track your nutrition, body composition, and symptom patterns over time.
• To surface evidence-based protocols for managing side effects and protecting muscle.
• To check insurance eligibility for Medical Nutrition Therapy when you opt into RD coaching.
• To operate, maintain, and improve the MALAI service.
• To communicate with you about your account, service updates, and educational content (you can opt out anytime).
• To ensure the security and integrity of the platform.

We do not sell your personal information.

4. AI & Third-Party Services

MALAI uses Google’s Gemini AI to generate meal plan analysis and side-effect management suggestions. Anonymous nutrition data (meal names, macros, targets, dose, treatment phase) may be sent to Google’s API to produce these results. No personally identifiable information such as your name or email is included in these requests.

We also use:

• Firebase (Google) — authentication and data storage.
• Google Cloud Run — backend infrastructure.
• Vercel — frontend hosting.
• Google Analytics — website usage analytics, which uses cookies to measure traffic and how visitors navigate the site.

5. Data Retention

We retain your data for as long as your account is active. You may request deletion of your account and associated data at any time by contacting us (Section 8). Upon deletion, your personal information will be removed within 30 days, except where we are legally required to retain it.

6. Data Security

We implement industry-standard security practices including encrypted data transmission (HTTPS), Firebase security rules, and authenticated API access. However, no method of transmission over the internet is 100% secure, and we cannot guarantee absolute security.

7. Your Rights

You have the right to:

• Access the personal data we hold about you.
• Correct inaccurate or incomplete data.
• Request deletion of your account and data.
• Export your meal, nutrition, and symptom data in a portable format.
• Withdraw consent for AI processing of your data at any time.

8. Contact Us

For privacy-related questions or data requests, please contact us at support@itsmalai.com.