Privacy Policy

Last updated: 8 July 2026

This policy explains what personal data the plated app collects, why we collect it, how it is stored, and the rights you have over it. plated is a nutrition and macro tracking app operated by Fraser Analytics.

plated lets you record what you eat and, if you choose to connect it, view that alongside recovery and sleep data from WHOOP. Some of this is health-related information, so we treat it with particular care and only ever collect it with your explicit consent.

1. Who we are

plated is operated by Fraser Analytics ("we", "us", "our"), based in Newcastle, United Kingdom. For the purposes of the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018, Fraser Analytics is the data controller for the personal data described in this policy.

If you have any questions about this policy or how your data is handled, you can reach us at robbie@fraseranalytics.com .

2. What data we collect

We collect only the data needed to run the app and provide its features:

Account information

Nutrition and food data

Connected health data (optional)

Technical data

3. How and why we use your data

We use your data to provide and improve the app's core functions. Under UK GDPR we rely on the following legal bases:

What we do Legal basis
Run your account and store your food logs, goals, and custom foods Performance of our contract with you (providing the app you signed up for)
Access and display your WHOOP health data Your explicit consent
Process food or label photos to estimate nutrition Your consent, given when you use the feature
Connect with other users and share or copy logs Your consent, given when you use the social features
Keep the service secure and working correctly Our legitimate interests in operating a reliable, secure app

We do not sell your personal data, and we do not use it for third-party advertising.

4. Health data and WHOOP

Nutrition information and data from WHOOP (such as recovery and sleep) can reveal information about your health. Under UK GDPR this is special category data , which is subject to stronger protections.

WHOOP is an independent company and its handling of your data is governed by its own privacy policy.

5. Who we share data with

We use a small number of trusted service providers ("processors") to run the app. They process data only on our instructions and are bound by appropriate data protection terms. They are:

Provider Purpose
Supabase Secure hosting of your account, database, and stored files (such as food photos)
Open Food Facts Looking up product and nutrition information from barcodes and searches
WHOOP Providing your recovery and sleep data, only if you connect your account
Anthropic Processing food or nutrition-label photos to estimate nutritional content, only if you use photo features

Some of these providers, or their infrastructure, may be located outside the UK. Where data is transferred internationally, we rely on appropriate safeguards recognised under UK data protection law (such as the UK International Data Transfer Agreement or an adequacy decision) to keep your data protected.

We may also disclose data where we are legally required to do so, for example in response to a valid legal request.

6. Where your data is stored

Your account data and content are stored using Supabase infrastructure hosted on Amazon Web Services in the eu-west-2 (London) region. This means your primary data is held within the United Kingdom. Limited processing may occur elsewhere where a provider listed in section 5 operates outside the UK, subject to the safeguards described above.

7. How long we keep your data

We keep your personal data for as long as your account is active. If you delete your account, we delete or anonymise your associated data within a reasonable period, except where we are required to retain certain information to meet legal obligations. You can request deletion at any time (see section 8).

8. Your rights

Under UK data protection law you have the right to:

To exercise any of these rights, email robbie@fraseranalytics.com . We will respond within the timeframes required by law (normally within one month).

If you believe we have not handled your data properly, you have the right to lodge a complaint with the UK's supervisory authority, the Information Commissioner's Office (ICO) , at ico.org.uk . We would appreciate the chance to address your concerns first.

9. Security

We take reasonable technical and organisational measures to protect your data. Access to your data is protected by authentication, and database access is governed by row-level security so that users can only reach data they are permitted to see. Connections to our services are encrypted in transit. No system can be guaranteed to be completely secure, but we work to protect your information appropriately.

10. Children

plated is not directed at children. The app is intended for users aged 13 and over. If you believe a child has provided us with personal data, please contact us and we will take appropriate steps to delete it.

11. Changes to this policy

We may update this policy from time to time to reflect changes to the app or to legal requirements. When we make material changes, we will update the "last updated" date at the top of this page and, where appropriate, notify you within the app.

12. Contact us

Fraser Analytics
Newcastle, United Kingdom
Email: robbie@fraseranalytics.com