Legal
Privacy
Last updated: May 2026
Data we collect
LeanBody runs without a server-side database, account system, or persistent user identifier. The data we collect is the minimum required to perform an analysis: your self-reported sex, height, weight, age, and four photographs. None of it is associated with an account or stored beyond the duration of the scan.
Photographs
Photographs are uploaded to ephemeral blob storage so the vision model can analyse them. The moment your results render, the blobs are deleted by the same client that uploaded them. We do not view, retain, or transmit your photographs to any third party other than the model provider for the duration of the analysis.
Results
Your numerical results — body fat percentage, lean mass, FFMI, and so on — are written to your browser's localStorage and nowhere else. There is no server-side copy. After 48 hours an expiry timestamp clears them automatically. To keep a permanent record, save the shareable plate as an image during that window.
Payments
Payments are processed by Stripe, a PCI-compliant payment processor. Card details are entered directly into Stripe's hosted elements and never touch our servers. We retain the Stripe payment intent ID for refund processing only — no card numbers, expiry dates, or CVCs are stored on our infrastructure.
Cookies and tracking
We use Vercel Analytics to record anonymised page-view counts for capacity planning. No personal identifiers, advertising IDs, or cross-site cookies are set. We do not run advertising trackers, third-party pixel trackers, or behavioural-analytics SDKs.
Your rights
Because we hold no persistent user data, there is functionally nothing to delete or export on request. If you have made a payment and wish to delete the Stripe payment record, email the address below and we will process the request within seven days.
Contact
For privacy questions, refund requests, or any concern about data handling, write to hello@leanbody.io. We aim to respond within two business days.