Public Policy Draft
This draft describes the data LisheBora expects to handle across the mobile app, website, and planned admin console. Legal and project review should happen before launch.
LisheBora may collect account details, profile information such as age, height, weight, dietary preferences, health goals, scan history, product barcodes, product images, OCR results, KNPM classifications, and recommendation activity.
We use this information to provide scan results, keep a useful scan history, personalize nutrition summaries, improve product matching, detect missing products, and support research or reporting using appropriate safeguards.
Images uploaded for scanning may be stored so users can review scan history and so administrators can investigate incomplete OCR, missing barcodes, or product reference gaps.
The planned admin console should be restricted to authorized staff. Admin users should only access data needed for support, data quality, monitoring, and approved reporting work.
The production build should use HTTPS, authenticated admin access, role-based permissions, audit logs, and export controls before any sensitive user or scan data is published or shared.
For privacy or data questions, contact the LisheBora team through APHRC support channels. This policy should be reviewed by the project owner before public launch.