Zeral logo
Zeral AI
Get the app
Back home

Privacy

Effective May 2026

We built Zeral so you can scan a product and get an honest read on it. To do that, the app needs to handle a small amount of data about you. This page explains exactly what — and what we will never do with it.

The short version

  • We don't ask you to create an account to use Zeral. By default, you're anonymous.
  • Scan photos are uploaded to our private storage so we can analyse them and so you can see your scan history. They are never sold, shared, or used to train models for third parties.
  • We use a small amount of analytics to understand which features work. You can opt out in the app settings.
  • You can delete your scan history at any time from inside the app. Reaching out to www.zeral.ai@gmail.com will erase your account on request.

Who we are

Zeral ("we", "us") is operated by Mangisetti Charan Sai (Visakhapatnam, India) and provides a photo-based ingredient scanner across iOS and Android. This policy covers the mobile app and this website.

Your account

When you first open the app, the device generates a random identifier and asks our server to create an anonymous user record keyed on that identifier. No email, phone, or password is required. The identifier is stored securely on the device and is what authenticates your scans and history.

If we later add email or social sign-in, attaching one to your existing anonymous record will be optional. Your scan history, onboarding answers, and preferences will carry over.

What we collect

  • Onboarding answers — the health goals, life-stage, and lifestyle preferences you choose during setup. These shape how strict your verdicts are.
  • Scan photos — the images you take with the camera or pick from your library. We upload them to a private bucket so the model can analyse them and so they can appear in your scan history.
  • Scan results — the ingredients we extracted, the verdict, the studies cited, and the goal profile that was active at the time.
  • Device tokens — if you allow notifications, we store an Expo push token to deliver them. You can revoke this from your system settings at any time.
  • Anonymous usage events — which screens you open, which buttons you tap, and which features you use. We use this to fix bugs and prioritise features.

How we use it

  • To run your scans and return verdicts.
  • To show you your scan history with the original photos.
  • To send the notifications you've opted into (daily learn card at 7:00 AM IST; weekly digest on Sundays).
  • To send broadcast announcements about meaningful product changes (rare, operator-driven).
  • To improve the product based on aggregate usage patterns.

How your photos are stored

Photos are uploaded to a private Cloudflare R2 bucket and are not publicly accessible. When the app needs to show one back to you, the server mints a short-lived signed URL (valid for one hour) scoped to that specific object. Photos are never indexed, never used for advertising, and never sold.

Photos sometimes capture incidental personal context — kitchens, bathrooms, medication labels. We treat them accordingly.

What we don't do

  • We don't sell your data.
  • We don't show third-party ads.
  • We don't use your scan photos to train models for any party other than Zeral itself.
  • We don't track you across other apps or websites.
  • We don't share any individual user's scan history with anyone except you.

Third-party processors

We use a small set of vendors to run the service. They process data only for the purposes described here.

  • Cloudflare R2 — private object storage for scan photos.
  • Neon (Postgres) — database for accounts, scans, and references to substances and studies.
  • OpenRouter — model gateway used to run the vision and reasoning steps of a scan.
  • Expo Push Service — push notification delivery (Apple APNs and Google FCM behind a single endpoint).
  • PostHog — anonymous product analytics. EU region.
  • Render — hosting for the API server.

Referral codes

Some access tiers are unlocked by a short referral code. When you redeem one, we record which code you used and the period it unlocks. We do not share this with other users.

Children

Zeral is not directed at children under 13. If you believe a child has used the app, write to www.zeral.ai@gmail.com and we'll remove the account.

Your rights

Depending on where you live, you have the right to access, correct, export, or delete your data. You can do all of these by emailing www.zeral.ai@gmail.com with the device you scanned from. We will respond within 30 days.

Changes

If we change this policy, we'll update the effective date above and — if the change is material — notify you inside the app before it takes effect.

Contact

Questions, requests, or concerns: www.zeral.ai@gmail.com.