Skip to content
HealthchartHealthchartKuwait
WhatsApp

Privacy Policy

Effective 11 May 2026

This Privacy Policy explains what personal information HealthchartKW collects when you use our website, app, or order a meal subscription, why we collect it, how we protect it, and the choices you have. We are based in Kuwait and operate the brand Healthchart at healthchartkw.com.

1. Information we collect

We collect only the information we need to run a subscription meal service:

  • Account identity: your full name (in English and/or Arabic), email address or Kuwait mobile number (+965, 8 digits), and a password (if you sign up by email). Sign-in by phone uses a one-time WhatsApp code; we never see your password if you use the phone channel.
  • Profile preferences (optional): preferred language, height, weight, allergies, foods you dislike, and special-diet flags. These are used to filter meals and to avoid recommending ingredients you cannot or do not want to eat. You can edit or remove them at any time from your account profile.
  • Delivery addresses: block, street, jedha (avenue), building, floor, apartment number, and any free-text notes you provide.
  • Order activity: subscriptions you create, meals you select or swap, delivery records (date, status, failure reason if any), pauses/freezes/skips, meal ratings, and any support messages you send us.
  • Payment records: invoice number, amount in KWD, payment status, and a reference to the transaction at our payment gateway. We do not store your card number, expiry, or CVV.Those are entered directly on the payment gateway's hosted checkout and never reach our servers.
  • Technical data: a session cookie issued by our authentication provider so you stay signed in, plus the standard server logs (IP, browser type, timestamps) needed to operate the site securely.

We do not currently run advertising trackers, analytics pixels, or marketing cookies. If we add any in the future we will update this page and ask for your consent where required.

2. Why we collect it (lawful basis)

  • To perform our contract with you: deliver meals to your address, process payments, honour pause/freeze/skip requests, issue refunds, and respond to support tickets.
  • To keep you safe: filter meals against your declared allergies and dislikes so the kitchen never sends you an ingredient you have flagged.
  • To meet our legal and accounting obligations: keep payment, tax, and accounting records for the periods required under Kuwaiti law.
  • With your consent: to send you marketing messages, loyalty offers, or surveys. You can withdraw consent at any time without affecting the meal service.

3. Who can see your information

Access inside Healthchart is permission-gated. Each member of staff only sees the data their role needs:

  • Kitchen staff and chefs see what to cook each day, your allergies and dislikes, and the portion sizes for your meals: they do not see your phone, address, or payment details.
  • Delivery driverssee your name, the delivery address for today's stop, and a contact number: they do not see your email, payment, or order history beyond the current day.
  • Support and operations staff see your profile, subscription, and order history so they can resolve issues you raise.
  • Accountants see payment, refund, and aggregated profitability data.
  • The CEO grants and revokes these permissions. Sensitive changes are written to an audit log.

4. Service providers we share data with

We use the following providers to run the service. Each is bound by its own privacy terms; we share with them only what they need:

  • Database, authentication, and file storage: hosts your account, subscription, profile, address, and meal data.
  • Web hosting: serves our website and runs our serverless functions.
  • Payment gateway: a Kuwait-licensed payment gateway processes your KNET, Visa, Mastercard, or Apple Pay transaction. The gateway receives your name, the amount in KWD, an invoice reference, and the card details you enter on its hosted page. The gateway's own privacy notice applies to the card data it handles.
  • Messaging provider: sends the one-time verification codes, order updates, and (with your consent) marketing messages we deliver over WhatsApp or SMS. The provider receives your phone number and the message text.

We do not sell your personal information, and we do not share it with advertisers or data brokers.

4a. Marketing communications

With your consent, we may send you promotional content, new-menu announcements, and special-offer messages through:

  • WhatsApp: directly from our business number.
  • Instagram, Snapchat, and TikTok: through our official accounts (direct messages, story mentions, posts, and account-to-account communication).

We do not currently share your contact details with these platforms for advertising purposes, and we do not run ad-targeting pixels on our website. You can withdraw marketing consent at any time without affecting the meal service. Transactional messages (order updates, delivery confirmations, OTP codes) are sent regardless of marketing consent because they are necessary to operate your subscription.

4b. Customer stories and social-media features

We sometimes feature customer experiences on our Instagram, Snapchat, TikTok, and WhatsApp channels (for example, a meal photo, a quote, or a transformation story). We will only do this with your prior written consentfor the specific content being shared. If you later want a previously consented post taken down, contact us and we will remove it from our channels (the platforms' own caches and re-shares by other users are outside our control).

5. Where your data is stored

Healthchart is a Kuwait business serving Kuwait customers. Our database, authentication, and file storage are operated on managed cloud infrastructure located in the European Union (Ireland) region. The European Union has comprehensive data-protection laws (the GDPR), and the safeguards required by those laws: encryption in transit and at rest, contractual processing terms, restricted internal access, and breach-notification obligations: apply to your information automatically while it is stored there. If Kuwaiti data-residency rules change, we will revisit this arrangement.

Operational server logs (request timestamps, IP addresses, technical errors) are retained for a short period: typically up to 7 days: by our hosting providers and then deleted automatically.

6. Cookies

We use one functional cookie: a session token from our authentication provider so you stay signed in across page loads. It is essential to the service and cannot be turned off without signing out. We do not currently use advertising or analytics cookies.

6a. Scope of this policy and the mobile apps

This policy covers the Healthchart website and the data we collect when you use it. Native mobile apps for iOS and Android are under development; when they launch, any additional data they collect (for example, push-notification tokens for delivery reminders) will be disclosed at that time both in an updated version of this policy and in the App Store and Google Play data-collection labels.

7. How long we keep your data

  • Account profile: kept while your account is active. You can ask us to delete it at any time; we will remove or anonymise it within 30 days of your request, except for records we are legally required to keep (mostly payment and invoice records).
  • Payment, invoice, and refund records: kept for the period required by Kuwaiti tax and accounting law (currently five years).
  • Order and delivery records: kept while your account is active and for twelve months after the account is closed so we can resolve any historical dispute.
  • Marketing consent records: kept for the lifetime of your account so we always know what consent you gave (and when) before sending you anything.

8. Your rights

You can:

  • Access the personal information we hold about you: most of it is visible directly in your account profile, addresses, and order history.
  • Correct anything that is wrong. Edit it in the app, or contact us if you cannot.
  • Delete your account. Contact us and we will remove your profile and unrequired data within 30 days. We will retain only what we are required to keep (mainly payment and invoice records).
  • Withdraw consent for marketing messages at any time.
  • Complain to the Communication and Information Technology Regulatory Authority (CITRA) in Kuwait if you believe we are mishandling your data.

9. Security

We protect your data with HTTPS in transit, encryption at rest on our database, role- and row-level access controls so each staff member only sees what they should, and an audit log for sensitive admin actions. No service can promise perfect security; if a breach happens we will notify affected customers without undue delay.

10. Children and minors

Healthchart is a healthy meal subscription service, not an age-restricted product, and we do not set a hard minimum age on the service itself: the cardholder responsibility clause in our Terms covers payment authority. We do not market to children and we do not knowingly collect more information from a minor than the meal service itself requires. If you are a parent or guardian and you believe a child has created an account without your knowledge, contact us using the details in section 13 and we will remove the account and the associated information.

11. Disclosure to authorities

We may disclose personal information when we are required to do so by Kuwaiti law, a court order, or a binding request from a regulator or law-enforcement authority operating within their lawful jurisdiction. Where we are legally permitted to do so we will notify the affected customer. We disclose only what is specifically requested, and we keep a record of every such disclosure.

12. Changes to this policy

We may update this Privacy Policy as our service grows. When we make material changes we will revise the “Effective” date at the top and, where appropriate, notify you in-app or by message. Continued use of Healthchart after a change means you accept the updated policy. We do not maintain a public archive of past versions; if you need a copy of a previous version for a specific reason, contact us.

13. Contact us

For any privacy question or request, reach us on WhatsApp at +965 6682 6222, Instagram @healthchartkw, or through the contact page.