Last updated: May 23, 2026

Privacy Policy

Plain-English version: we collect what's needed to make Sando work, we don't sell your data, and you can delete it at any time.

Contents
  1. Who we are
  2. What we collect
  3. Why we collect it
  4. AI-powered features
  5. Third parties
  6. Cookies & website analytics
  7. Your privacy in the social feed
  8. Your rights
  9. Retention & deletion
  10. Security
  11. Children
  12. International transfers
  13. Changes
  14. Contact us

1. Who we are

Sando is operated by Bamboo Digital inc., a Québec, Canada company. We are the controller of your personal information under Québec's Act respecting the protection of personal information in the private sector (commonly known as Law 25 / Loi 25) and Canada's PIPEDA.

Our Privacy Officer can be reached at privacy@getsando.com.

2. What we collect

You give us

We collect automatically

From third parties (only if you opt in)

3. Why we collect it

We do not sell your personal information. We do not run third-party advertising in Sando.

4. AI-powered features

Sando uses third-party AI services to power specific features. When you use these features, limited content is sent to the provider listed below. We never send your name, email address, account credentials, or health profile data.

Provider Operated by What we send Why
Google Gemini Google LLC Food entry text, food photos, and metadata To sort and structure your food log, and to recognize food in photos
Perplexity Perplexity AI, Inc. Food descriptions you submit (e.g. "two eggs and toast") To return nutrition estimates
Groq (Whisper) Groq, Inc. Voice recordings during voice logging To transcribe speech to text

Each provider acts as a data processor on Sando's behalf under their respective enterprise data processing terms. They do not use the data we send to train their AI models, and they do not sell or share it with other parties. Sando determines the purpose and means of processing and retains full control over your data.

You must give explicit in-app consent before any data is sent to these AI providers. You can revoke this consent at any time in Settings → Nutrition → AI features. If revoked, AI-powered features are disabled until you re-enable them.

Photos are not stored on our servers beyond what is needed to produce the result. Once the macros are returned, the photo is discarded unless you have explicitly saved it to your meal log.

5. Third parties we share with

We use the following processors. Each has a contractual obligation to handle your data only for the purpose we hired them for:

We may also share information if required by law, to protect rights and safety, or in connection with a business transfer (e.g. acquisition), in which case we'll notify you.

6. Cookies & website analytics

This website (getsando.com) uses cookies and similar technologies for two purposes: product analytics (Mixpanel and Google Analytics 4) and advertising measurement (the Meta Pixel, including its server-side Conversions API).

These technologies load only after you accept them in the consent banner shown on your first visit. If you decline, none of these cookies or trackers are set and no analytics or advertising data is collected. You can change your choice at any time by reopening the cookie banner.

Each provider processes the data it receives under its own privacy policy: Mixpanel, Google Analytics, and Meta. This section concerns the marketing website only; analytics inside the Sando app are covered in Section 2.

7. Your privacy in the social feed

Sando's social feed uses a two-layer privacy model. Both layers apply together, and the stricter one always wins.

Layer 1 - Account-level privacy (Instagram-style)

Layer 2 - Per-workout privacy

On top of your account-level setting, every individual workout has its own privacy setting: public, friends, or private.

What this means in practice: you can have a fully public profile and still keep specific workouts (say, a deload week or a session you're not proud of) entirely private. Conversely, a workout you mark public on a private profile is still only seen by your approved followers, because the account-level setting still gates who can see anything from you.

You choose what to share. Workouts, weight milestones, and PRs are never posted automatically.

8. Your rights

Under Law 25, PIPEDA, and (if applicable) GDPR, you have the right to:

To exercise any of these rights, email privacy@getsando.com. We respond within 30 days.

9. Retention & deletion

We keep your data for as long as your account is active. If you delete your account, we delete your personal data within 30 days, except where we are legally required to keep specific records (e.g. tax records for purchases).

You can delete your account from Settings → Account → Delete account in the app, or by emailing us.

10. Security

Data is encrypted in transit (TLS) and at rest on our infrastructure. Passwords are hashed; we never see your plain-text password. Access to production systems is restricted to a small number of engineers and is audit-logged.

No system is perfectly secure. If we ever experience a privacy incident that creates a risk of serious harm to you, we will notify you and the CAI as required by Law 25.

11. Children

Sando is not directed at children under 13 (or under 14 in Québec under Law 25's stricter consent threshold). We do not knowingly collect personal information from children. If you believe a child has created an account, contact us and we will delete it.

12. International transfers

Several of our processors (Supabase, Google, Apple, Perplexity, Mixpanel, Sentry, RevenueCat) operate infrastructure outside Québec, including in the United States and the European Union. By using Sando, you understand your data may be processed in those jurisdictions under contractual safeguards that meet the requirements of Law 25.

13. Changes to this policy

We may update this Privacy Policy from time to time. We'll change the "Last updated" date at the top, and for material changes we'll notify you in-app before they take effect.

14. Contact us

Privacy Officer
Bamboo Digital inc.
Québec, Canada
Email: privacy@getsando.com
Web: getsando.com/contact