NourishWithMomina

Privacy Policy

Last updated: 13 June 2026

NourishWithMomina (“we”, “our”, “the service”) is operated by Momina Shehzadi, a licensed nutritionist based in Lahore, Pakistan. This policy explains what personal data we collect, how we use it, and your rights under applicable law — including Pakistan’s Prevention of Electronic Crimes Act 2016 (PECA) and, where applicable, the EU General Data Protection Regulation (GDPR).

1. Data we collect

Account data

When you register, we collect your name, email address, and a hashed password. If you sign in with Google, we receive your name and email from Google’s OAuth service; we do not receive or store your Google password.

Assessment & health data

The onboarding assessment collects health-related information including your age, weight, height, dietary preferences, allergies, activity level, and health goals. This data is used solely to generate your personalised nutrition plan. It is never sold or shared with third parties for marketing.

Food log & progress data

Meal scans, calorie logs, and weight entries you record in the app are stored to enable your coach to monitor your progress and adjust your plan. You can delete this data at any time from your account settings.

Payment data

We do not collect or store card numbers or financial credentials. Payment is processed manually via Easypaisa, JazzCash, or Wise. You upload a payment receipt as proof of transfer; we store this image to verify your subscription and for accounting records.

WhatsApp communication

If you contact us or receive coaching updates via WhatsApp, that communication is processed by Meta Platforms, Inc. under their privacy policy. We may retain copies of coaching messages on our end for service continuity.

Usage & analytics data

We use Google Analytics (GA4) to understand how visitors use the site. This collects anonymised usage data including pages viewed, session duration, and general location (country level). No personally identifiable information is shared with Google Analytics. You can opt out via your browser’s privacy settings or a browser extension.

2. How we use your data

  • To create and manage your account
  • To generate and deliver your personalised nutrition plan
  • To process and verify subscription payments
  • To communicate coaching updates and check-ins
  • To improve the service and fix technical issues
  • To comply with legal obligations under Pakistani and international law

We do not use your data for advertising, sell it to third parties, or share it with other organisations except as described in section 3.

3. Data sharing

We share data only in these limited circumstances:

  • Service providers: Our hosting provider (Vercel) and database provider process data on our behalf under data processing agreements.
  • Legal requirements: We may disclose data when required by Pakistani law, court order, or to protect the safety of users.
  • Business transfer: If the business is sold or transferred, user data may be included as part of that transaction. We will notify users in advance.

4. Data retention

We retain account data for as long as your account is active. Health and coaching data is retained for 2 years after your last active subscription to allow for continuity if you return. You may request deletion at any time (see section 6). Payment receipts are retained for 5 years for accounting and legal compliance.

5. Security

We use HTTPS encryption for all data in transit, bcrypt hashing for passwords, and access controls that limit staff access to personal data. Our web application implements a strict Content-Security-Policy, HSTS, and other security headers. Despite these measures, no system is 100% secure; we will notify you promptly if a breach affects your data.

6. Your rights

Depending on your location, you have the right to:

  • Access a copy of the data we hold about you
  • Correct inaccurate data
  • Request deletion of your account and associated data
  • Object to or restrict processing of your data
  • Data portability (receive your data in a machine-readable format)
  • Lodge a complaint with a supervisory authority (in Pakistan: the Federal Investigation Agency’s PECA wing; in the EU: your local data protection authority)

To exercise any of these rights, message us on WhatsApp at +92 307 472 2794 or email us. We will respond within 30 days.

7. Cookies

We use session cookies for authentication (to keep you logged in) and analytics cookies via Google Analytics. We do not use advertising cookies or cross-site tracking. You can disable cookies in your browser settings; doing so will prevent you from logging into the app.

8. Children

The service is not directed at children under 13. We do not knowingly collect personal data from children under 13. If you believe a child has provided us data, please contact us and we will delete it promptly.

9. International transfers

Your data may be processed by Vercel (infrastructure) on servers in the United States. By using the service, you consent to this transfer. We ensure appropriate safeguards are in place.

10. Changes to this policy

We may update this policy from time to time. We will post the updated policy on this page with a revised “Last updated” date. For material changes, we will notify active subscribers via the app or WhatsApp.

11. Contact

For privacy-related questions, contact Momina Shehzadi on WhatsApp at +92 307 472 2794.