Start Tracking Free

Legal

Privacy Policy

Last updated: April 2026

Find My Triggers ("we", "us", or "our") is committed to protecting your privacy. This policy explains what information we collect through our website (findmytriggers.com) and our web application ("the App"), how we use it, and your rights.

1. Information we collect

Account information

When you create an account in the App, we collect your email address. We use passwordless authentication (magic links) — we do not collect or store passwords.

Health and wellness data

When you use the App to track your food sensitivities, you may provide:

  • Food and drink entries
  • Symptom descriptions and severity
  • Bowel movement details
  • Medications and supplements
  • Daily check-ins (sleep, stress, hydration scores)
  • Menstrual cycle dates (if you enable cycle tracking)
  • Your gut health profile (conditions, allergies, medications, health goals)

This data is yours. We store it to provide you with the tracking and analysis features of the App.

Voice input

If you use the voice input feature, your audio is sent directly to our AI processing service for transcription and structuring. Audio recordings are not stored on our servers. Only the structured text result is saved.

Purchase information

App Pro upgrades are processed by Dodo Payments. If you purchase the FMT Pro product through Gumroad, Gumroad may also create an app user and activate Pro access. Separate manual Gumroad products do not activate Pro access. We receive your email address and confirmation of purchase. We do not receive or store your payment card details.

Website analytics

Our marketing website uses Google Tag Manager and Google Analytics to understand how visitors find and use our site. This may include IP address, browser type, pages visited, and referral sources. This data is used in aggregate and is not linked to your App account or health data.

The App itself does not contain any third-party analytics or tracking scripts.

2. How we use your information

  • To provide the service: Your health and wellness entries are used to generate insights, trigger analysis, and reports within your account.
  • AI processing: Your entries are processed by AI to structure natural-language input into structured data, and to generate analysis reports. See Section 3 for details.
  • To send transactional emails: We use your email to send sign-in links and important account notifications.
  • To provide customer support: If you contact us, we may reference your account information to help resolve issues.
  • To improve our service: We use aggregate, anonymised statistics (total users, entry counts, feature usage patterns) to improve the product. We do not use individual health data for this purpose.

3. AI processing and data privacy

Your entries are processed by AI models to structure your input and generate analysis. Here's exactly how that works:

  • AI processing is handled via OpenRouter, which routes requests to AI model providers (currently Google Gemini).
  • We enforce Zero Data Retention (ZDR) on all AI requests. This means AI providers do not store your prompts or responses.
  • OpenRouter does not store your prompts or responses by default. They store only metadata (token counts, latency) for billing purposes.
  • Google's Gemini API terms state that paid API data is not used to train their models.
  • Your data is sent to AI providers over encrypted connections (TLS) and is processed only to generate your results — it is not retained, shared, or used for training.

4. Data storage and security

  • Encryption at rest: Your data is stored on servers with infrastructure-level AES-256 encryption. All storage volumes are encrypted by default.
  • Encryption in transit: All connections to the App use HTTPS/TLS encryption.
  • Access controls: Access to user data is restricted to authorised administrators for the purposes of customer support, troubleshooting, and service operation.
  • No third-party data sharing: We do not sell, rent, or share your personal health data with third parties for marketing, advertising, or any purpose beyond providing the service.

What administrators can see

To operate the service and provide support, administrators may view: your email address, account status (free or paid), entry counts, activity timestamps, and system usage metrics. We do not routinely access the content of your individual diary entries.

5. Third-party services

ServicePurposeData shared
OpenRouter / Google GeminiAI processing (entry parsing, analysis)Entry text/audio, gut profile (for analysis). ZDR enforced — not retained.
BrevoTransactional emailEmail address only (for sign-in links)
Dodo PaymentsApp Pro upgrade payment processingEmail, payment details (handled by Dodo Payments)
GumroadManual product payment processing and FMT Pro purchase handlingEmail, payment details (handled by Gumroad)
Google AnalyticsWebsite analytics (marketing site only)Anonymised browsing data. Not linked to App accounts.
CloudflareContent delivery and securityStandard web request data

6. Your rights and controls

You have full control over your data:

  • Export your data: Download all your entries, check-ins, and profile as a JSON file from Settings — available to all users (free and paid).
  • Delete your data: Permanently delete all your tracking data from Settings at any time.
  • Delete your account: Permanently delete your entire account, including all data, profile, and login information from Settings. This is irreversible.
  • Correct your data: You can edit or remove individual entries within the App.
  • Withdraw consent: You can stop using the service and delete your account at any time.

If you are located in the EU/EEA, you may also have additional rights under GDPR, including the right to data portability, the right to restrict processing, and the right to lodge a complaint with a supervisory authority. To exercise any right not available through the App's self-service tools, please contact us.

7. Data retention

  • Account data: Retained while your account is active. Deleted when you delete your account.
  • Health and wellness data: Retained while your account is active. You can delete it at any time via Settings.
  • Email marketing: If you subscribe to our email list (separate from the App), your email is retained until you unsubscribe.
  • Purchase records: Retained as required by applicable tax and accounting law.

8. Cookies

The App uses a single session cookie for authentication. No tracking or advertising cookies are used in the App.

The marketing website uses cookies for Google Analytics and Google Tag Manager. You can control these through your browser settings.

9. Children's privacy

Our services are not directed at children under 16. We do not knowingly collect personal information from children.

10. Changes to this policy

We may update this policy from time to time. The date at the top of this page reflects the most recent revision. If we make significant changes that affect how your health data is handled, we will notify you via email.

11. Contact

If you have any questions about this privacy policy or how your data is handled, please get in touch.