Is SoyPre really independent?

Yes! We don't accept paid placements or sponsored recommendations. Our goal is to provide honest, unbiased information to help you make better food choices.

How accurate is the nutritional information?

We maintain a 98.5% accuracy rate by using AI-powered analysis combined with verified databases from official sources and user contributions.

Will my data be shared or sold?

Never. Your privacy is our priority. We don't sell or share your personal data with third parties. Your information stays yours.

When will the app be available?

We're currently in beta testing with a limited group. Sign up for early access to be notified when we launch publicly!

What makes SoyPre different from other food scanning apps?

SoyPre is 100% independent with no ads, no paid placements, and complete transparency. We use advanced AI to provide personalized recommendations based on your health needs, whether you're pregnant, managing allergies, following a vegan diet, or tracking fitness goals.

Does SoyPre work for people with food allergies?

Absolutely! SoyPre instantly detects allergens in products and highlights them clearly. You can set your specific allergies in the app, and we'll alert you immediately if a scanned product contains any ingredients you need to avoid.

SoyPre - Food Scanner & Nutrition App for Healthier Choices

Our Commitment to Security

At SoyPre, security is fundamental to everything we do. We understand that you trust us with your personal health data, and we take that responsibility seriously. Our security practices are designed to protect your information while maintaining the transparency and independence that define our mission.

Data Security

Encryption

In Transit: All data transmitted between your device and our servers is encrypted using TLS 1.3
At Rest: All stored data is encrypted using AES-256 encryption
End-to-End: Sensitive health data is encrypted on your device before transmission

Infrastructure Security

Cloud Provider: Cloudflare Workers (globally distributed edge network) and enterprise-grade database hosting in Asia
Data Centers: Multi-region infrastructure with physical security controls and redundancy
Network Security: Cloudflare's DDoS protection, Web Application Firewall (WAF), and intrusion detection
Access Control: Multi-factor authentication and principle of least privilege for all team access

Application Security

Code Reviews: All code changes undergo security-focused peer review
Dependency Scanning: Automated scanning for vulnerable dependencies
Penetration Testing: Annual third-party security audits
Secure Development: OWASP Top 10 guidelines integrated into our development process

Mobile App Security

Secure Storage: Sensitive data stored in iOS Keychain and Android Keystore
Certificate Pinning: Protection against man-in-the-middle attacks
Biometric Authentication: Optional Face ID, Touch ID, and fingerprint support
No Screenshots: Sensitive screens are protected from screenshots and screen recording
App Store Security: Apps distributed only through official Apple App Store and Google Play Store
Code Obfuscation: Protection against reverse engineering

Privacy by Design

Data Minimization: We only collect data necessary for app functionality
No Tracking: We don't use third-party analytics or advertising trackers
No Data Selling: We never sell or share your data with third parties
Local Processing: Product analysis happens on-device when possible
Anonymization: Aggregate data is fully anonymized before any research use

Compliance & Certifications

GDPR: Full compliance with EU General Data Protection Regulation
CCPA: Compliant with California Consumer Privacy Act
ISO 27001: Information security management certification (in progress)
App Store Guidelines: Compliant with Apple and Google privacy requirements

Incident Response

We have a comprehensive incident response plan in place:

24/7 Monitoring: Automated alerts for suspicious activity
Rapid Response: Dedicated security team available to respond immediately
User Notification: We will notify affected users within 72 hours of any data breach
Transparency: Public disclosure of security incidents on our security page
Post-Mortem: Detailed analysis and preventive measures after any incident

Responsible Disclosure

We appreciate the security research community's efforts to help keep SoyPre secure. If you discover a security vulnerability, please report it responsibly:

How to Report

Send details to security@soypre.com with:

Description of the vulnerability
Steps to reproduce the issue
Potential impact assessment
Your contact information (optional, for updates)

Our Commitment to Researchers

Acknowledgment: We'll respond within 48 hours
Updates: Regular status updates on the fix timeline
Credit: Public acknowledgment (if desired) after issue resolution
No Legal Action: We won't pursue legal action against good-faith security research

Safe Harbor

When conducting security research according to this policy, we consider your actions authorized and will not pursue legal action. We ask that you:

Make every effort to avoid privacy violations and data destruction
Do not exploit the vulnerability beyond what's necessary to demonstrate it
Give us reasonable time to fix the issue before public disclosure
Do not access or modify other users' data

Third-Party Services

We carefully vet all third-party services we use:

Cloud Infrastructure: Enterprise-grade providers with strong security track records
Security Audits: All vendors must demonstrate compliance with security standards
Data Processing Agreements: GDPR-compliant contracts with all data processors
Minimal Integration: We use third-party services only when essential

Important: We do not use third-party analytics, advertising networks, or tracking services.

Employee Security

Background Checks: All employees undergo security screening
Security Training: Regular security awareness training for all team members
Access Controls: Role-based access with regular audits
Device Security: Company devices with full-disk encryption and remote wipe capability
Confidentiality: All employees sign NDAs and data protection agreements

Questions?

If you have questions about our security practices, please contact our security team:

Email: security@soypre.com

Security at SoyPre