Privacy Policy

Last updated: July 2026

1. Who we are

MyMealMaker is a tool for qualified dietitians and dietitian-nutritionists. It is published by Lucas Souleyrasse, self-employed (secondary activity), based in Belgium.

Contact: team@mymealmaker.com

2. Processing roles

MyMealMaker processes two categories of data in distinct roles:

  • Professional data (account, subscription): MyMealMaker is the data controller
  • Patient data (entered by the professional): MyMealMaker is a data processor under Art. 28 GDPR, the professional remains the data controller for their patients' data

3. Data we collect

We collect the following data:

Account creation

  • Email address (required)
  • Password (stored hashed, never in plain text)
  • First and last name
  • Professional role (dietitian, dietitian-nutritionist, other)
  • Country

Service usage

  • Patient data entered by the professional (name, goals, preferences, dietary restrictions)
  • Generated meal plans and their history
  • Referral program: referral code, referrer-referee relationship (the referrer sees their referees' first name, last name initial, subscription status and related commissions) and commission history

Browsing data (anonymous)

  • Pages visited, visit duration, traffic source, via Umami Analytics
  • No personal data collected, no cookies set

3. Legal basis for processing

  • Performance of a contract (Art. 6.1.b GDPR), for data necessary to provide the service (account, meal plans, patient management)
  • Legitimate interest (Art. 6.1.f GDPR), for product improvement and communication about service updates

For marketing communications, you may unsubscribe at any time via the link in any email or by contacting us at team@mymealmaker.com.

4. Purposes of processing

Your data is used to:

  • Provide and operate the MyMealMaker service
  • Manage your account and authenticate you
  • Keep you informed of updates and new features
  • Improve the product (aggregated, anonymised usage analysis)

We do not sell or rent your data to any third parties.

5. Data retention

Your data is retained for 3 years from your last activity, or until account deletion. When you delete your account (via the app or upon request), all your data is permanently deleted within 30 days.

6. Data recipients

Your data may be shared with the following processors, strictly within the scope described above:

  • Scaleway (data hosting), France, EU
  • Auth0 by Okta (authentication and account management), EU servers; Auth0 processes login credentials (email, hashed password) to secure access to the service
  • Stripe (processing of payments between professionals and patients, subscriptions and referral program payouts), Stripe collects and processes payment data under its own privacy policy; MyMealMaker does not store any banking data
  • Umami Analytics (anonymous audience measurement), non-personal data only

Hosting and authentication are carried out within the European Union. Stripe may process certain data in third countries under its own safeguards (European Commission standard contractual clauses).

7. Your rights

Under the GDPR (EU Regulation 2016/679), you have the following rights:

  • Right of access, obtain a copy of your data
  • Right of rectification, correct inaccurate data
  • Right of erasure, request deletion of your data (effective deletion within 30 days, directly from the app or by email request)
  • Right to data portability, receive your data in a structured format
  • Right to object, object to a processing activity
  • Right to restriction, temporarily limit a processing activity
  • Right to withdraw consent, at any time, without affecting prior processing

To exercise any of these rights, contact us at: team@mymealmaker.com. We commit to responding within one month.

8. Right to lodge a complaint

If you believe your rights are not being respected, you have the right to lodge a complaint with the Data Protection Authority (APD/GBA), the Belgian supervisory authority:

Rue de la Presse 35, 1000 Brussels, Belgium
Website: dataprotectionauthority.be
Email: contact@apd-gba.be

9. Security

We implement appropriate technical and organisational measures to protect your data against unauthorised access, loss or disclosure. Data is hosted on secure servers in Europe.

10. Google Calendar Integration

MyMealMaker offers an optional integration with Google Calendar. If you choose to connect your Google account, we access the following data via the Google Calendar API:

  • Reading and creating events in your Google calendars, in order to synchronise appointments with your patients
  • List of your available calendars, so you can choose which one to save appointments to

This Google data is used solely to display and create appointments within MyMealMaker. It is not stored permanently on our servers, not shared with third parties, and not used for advertising or analytics purposes.

You can revoke MyMealMaker's access to your Google account at any time from your Google account settings: myaccount.google.com/permissions.

The use of data obtained from the Google API complies with the Google API Services User Data Policy, including the Limited Use requirements.

11. Cookies

This site uses no tracking or advertising cookies. The Umami Analytics tool operates without cookies and collects no personally identifiable data. No consent is required.