Last updated: June 15, 2026 — Draft for attorney review. Not a final, legally-vetted document.
Loggr.fit ("Loggr," "we," "our") is a personal weight and health tracking web application. This policy describes what data we collect, how we use it, and your rights regarding that data.
When you create an account and use Loggr, we store the following categories of data:
Account credentials: Your email address and a bcrypt-hashed password. We never store your password in plain text.
Weight and body composition data: Weight entries imported from Withings, MyFitnessPal, CSV uploads, or entered manually. Body composition readings (fat %, muscle mass, bone mass, water mass) when available from Withings.
GLP-1 medication data: Medication name, dose history, injection sites, and side-effect logs. This is health-sensitive information and is handled accordingly.
Weekly check-in data: Date, weight, appetite, energy, mood, side-effect ratings, weekly wins, and notes.
Timeline notes and reminders: Private annotations and in-app reminders you create.
Food diary and macro data: Food entries, portion sizes, macro targets, and cached food item records from Open Food Facts.
Progress photos: Photos you upload, stored in a private Backblaze B2 bucket. See section 5.
Settings: Height, goal weight, medication name, and medication start date.
Share card configuration: If you opt in to a public share card, the fields you choose to display and your display name.
We use your data solely to provide the Loggr service to you: rendering your dashboard, computing trends and projections, displaying your history, and enabling exports. We do not use your data to train machine learning models, build advertising profiles, or run analytics beyond basic server-level error logging.
Loggr uses the following third-party services to provide the app. These are data processors acting on our behalf, not independent data controllers for your Loggr data.
Backblaze B2: Private encrypted cloud storage for progress photos. Server-side encryption is enabled. Photos are not publicly accessible.
Withings: If you connect your Withings account, you authorize Loggr to access your scale data via OAuth. Loggr stores an access token and imports your weight history. You can disconnect Withings at any time by clearing your weight data in Settings, which revokes the stored token.
Open Food Facts: An open public database. When you look up a food by barcode, Loggr queries the Open Food Facts API. Your query (the barcode number) is sent to Open Food Facts; the result is cached in Loggr. Open Food Facts is governed by their own terms.
MyFitnessPal: We do not connect to MyFitnessPal's API. You export your own MFP data and upload or paste it into Loggr; no connection to MFP's servers is made by Loggr on your behalf.
We do not use advertising networks, analytics platforms, tracking cookies, or session replay tools.
Progress photos are stored in a private Backblaze B2 bucket with server-side encryption at rest. The app displays photos using short-lived pre-signed URLs that expire quickly. Photos are never listed publicly, are not indexed by search engines, and are not accessible to other users. We may access stored content as necessary to operate the Service, comply with legal obligations, or enforce these terms.
GLP-1 medication logs (medication name, dose dates, side effects, injection sites) are health-sensitive. This data is stored privately in your account, is not visible to other users, and is not included in public share cards unless you explicitly choose to show only the medication name in your share card settings. This data is not sold or licensed to any third party.
Public share cards are fully opt-in. If you enable one, you choose exactly which fields are visible. Only those fields — typically a pounds-lost figure and optional context — are publicly accessible via your unique share link. Your email address, photos, detailed weigh-in history, check-ins, notes, and medication logs are never included in a public share card regardless of your settings.
You can export CSV files of your weight, food diary, GLP-1, check-in, and notes data at any time from the Data page. You can delete specific data categories (weights, photos, GLP-1 data, nutrition data, activity, settings, or share card) individually from Settings. Full account deletion is also available in Settings and permanently removes all associated data, including photos from B2 storage, within a reasonable time frame.
We retain your data for as long as your account is active. If you delete your account, all associated data is scheduled for deletion. Backups may retain data for up to 30 days after deletion before being purged.
Loggr uses bcrypt password hashing, HTTPS in transit, server-side encrypted storage for photos, and session-based authentication. No security measure is perfect. We recommend using a strong, unique password for your Loggr account and not reusing it elsewhere. If you believe your account has been compromised, change your password immediately in Settings.
Loggr is not directed at children under 13. We do not knowingly collect personal information from children under 13. If you believe a child has created an account, contact us and we will delete it.
We may update this policy. Material changes will be reflected with an updated date at the top of this page. Continued use of Loggr after a policy update constitutes acceptance of the revised terms.
Privacy questions or requests can be directed to: privacy@loggr.fit