Quick summary: We do not sell your data or use it for ads. We share the minimum needed with service providers (login, email, AI) only to run the site. You can delete your account at any time.
1. Who we are
mytayibat.com (“the site”, “we”) is an educational platform about the Tayibat therapeutic nutrition framework and optional AI meal tools. Contact: privacy@mytayibat.com.
2. Data we collect
2.1 Account data
- Full name and email (required to register).
- Password (bcrypt hash — not readable by staff).
- Profile photo (optional, often from Google sign-in).
2.2 Google OAuth
When you sign in with Google we receive only name, email, profile image, and Google ID — never your Google password.
2.3 Health profile (nutrition program users)
- Age, sex, weight, height, activity level.
- Health conditions and allergies you enter.
- Your goals (weight, digestion, etc.).
- Meal adherence history.
Important: Profile data personalises meal plans and AI answers. Necessary summaries may be sent to our AI provider (Groq — see section 6) for that purpose only. We do not sell this data.
2.4 Automatic technical data
- IP address (security and aggregate stats).
- Browser and OS type.
- Pages visited and session duration.
- Approximate region from IP.
3. How we use your data
- Create and secure your account.
- Generate personalised meal plans via AI.
- Send daily meal emails if you opt in.
- Send push notifications if you allow them.
- Improve the site with aggregated analytics.
- Respond to support requests.
4. Cookies
We use:
- Essential cookies: keep you signed in (required for the app).
- Analytics (Google Analytics): anonymous usage patterns.
You can clear or block cookies in your browser settings.
5. Push notifications (VAPID)
If you subscribe, we store only your browser push subscription keys — not personal message content. You can unsubscribe in site settings or the browser.
6. Third parties
| Service | Purpose |
|---|---|
| Google OAuth | Sign-in |
| Google Analytics | Site statistics |
| Groq AI | Meals and AI answers |
| SMTP (Hostinger) | Email delivery |
We do not sell your data for advertising.
7. Your rights
- Access your data via profile settings.
- Edit personal information anytime.
- Delete your account — email privacy@mytayibat.com.
- Opt out of email and push in account settings.
- Export your data (JSON) on request.
8. Security
- Passwords hashed with bcrypt.
- HTTPS (TLS 1.2+) for all connections.
- CSRF protection on forms.
- HttpOnly + Secure session cookies.
- Access logging for intrusion detection.
9. Children
The site is not directed at users under 18. If we learn a minor registered, we delete the account. Children’s diets require medical supervision.
10. Retention
We keep data while your account is active. After deletion, health and meal data are removed promptly; some security logs may be kept up to 90 days then destroyed.
11. Policy updates
We may update this policy. Material changes will be announced by email or on-site notice. The date at the top reflects the latest version.
12. Contact
- Email: privacy@mytayibat.com
- Form: Contact hub