← LeanOut AI

Legal

Privacy Policy

How we handle your account, health data, and AI interactions.

Last updated June 12, 2026

LeanOut AI ("LeanOut," "we," "us") is operated by Michael Lynn. This Privacy Policy explains what information we collect when you use leanout.app and our native mobile apps, how we use it, and the choices you have.

Information we collect

Account information

When you register, we collect your name, email address, and a hashed password. If you sign in with Google, we receive your Google profile identifier and email from Google's OAuth service.

Profile and physique data

During onboarding and in Settings, you may provide age, sex, height, weight, activity level, physique goal, dietary preferences, and calculated macro targets. This data powers your dashboard, meal plans, and coaching experience.

Health and fitness activity

You may log daily check-ins (weight, steps, hunger, energy, compliance scores, workout notes), food diary entries, workout sessions, progress photos, and gamification progress (XP, badges, streaks). On supported mobile devices, you may optionally connect Apple Health or Health Connect to import steps and weight.

AI interactions

Messages you send to the AI Coach, meal-plan generation requests, food photo and voice logging inputs, and workout plan prompts are transmitted to our AI providers for processing. Food photos submitted for recognition are analyzed in real time and are not stored on our servers after analysis.

Payment information

If you subscribe to LeanOut Pro, payment is processed by Stripe. We receive your subscription status and Stripe customer identifier. We do not store full card numbers on our servers.

Technical data

We collect standard server logs (IP address, browser or app user agent, request timestamps) for security and reliability. Session cookies keep you signed in. See our Cookie Policy for details.

How we use your information

  • Provide and personalize the coaching, logging, and progress features you use
  • Generate meal plans, workout suggestions, and AI coach responses tailored to your profile
  • Calculate macros, adaptive expenditure estimates, and gamification rewards
  • Send account emails (password reset, optional Pro reminders) when you enable them
  • Process subscriptions and enforce plan limits
  • Maintain security, prevent abuse, and improve reliability

We do not sell your personal information.

Third-party service providers

We share data with processors that help us run LeanOut, only as needed to provide the service:

  • MongoDB Atlas — database hosting (account and activity data)
  • Vercel — application hosting and file storage for progress photos
  • Anthropic — AI Coach chat (conversation content and profile context)
  • OpenAI — meal plans, food recognition, and some workout generation
  • Stripe — subscription billing (when Pro is enabled)
  • Google — optional OAuth sign-in
  • Resend — transactional email delivery
  • USDA FoodData Central / Open Food Facts — barcode and food search lookups

Each provider processes data under its own privacy terms. We select providers with appropriate security practices and limit the data sent to what is required for each feature.

Data retention

We retain your account data while your account is active. You may export your data at any time from Settings. If you delete your account (contact us), we will delete or anonymize personal data within a reasonable period, except where retention is required for legal or security purposes.

Your rights and choices

  • Access and export — download a JSON export of your data from Settings
  • Correction — update profile and log entries in the app
  • Deletion — email contact@leanout.ai to request account deletion
  • Health sync — revoke Apple Health or Health Connect permissions in your device settings at any time

Depending on where you live, you may have additional rights under GDPR, CCPA, or similar laws. Contact us to exercise them.

Security

Passwords are hashed before storage. Traffic is served over HTTPS. API routes require authentication and scope data to your user account. No method of transmission or storage is 100% secure; we work to protect your data with industry-standard practices.

Children

LeanOut is not directed at children under 13 (or 16 in the EU). We do not knowingly collect data from children. Contact us if you believe a child has provided personal information.

International transfers

Our infrastructure and providers may process data in the United States and other countries. By using LeanOut, you acknowledge that your data may be transferred to jurisdictions with different data-protection laws.

Changes

We may update this policy as features evolve. Material changes will be reflected by updating the date at the top of this page. Continued use after changes constitutes acceptance of the updated policy.

Contact

Privacy questions or requests: contact@leanout.ai

Questions? contact@leanout.ai