Privacy Policy

1. Introduction

Welcome to CalorieTaker ("we," "our," or "us"). We are committed to protecting your privacy and ensuring the security of your personal information. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our mobile application (the "App").

2. Information We Collect

2.1 Personal Information

• Account Information: Email address, name (when provided)
• Authentication Data: Google OAuth tokens (managed securely by Google)
• Subscription Data: Payment information, billing history (processed by RevenueCat/Google Play)
• Usage Data: App usage patterns, features accessed

2.2 Food and Health Data

• Meal Records: Food items, calorie counts, nutritional information
• Food Photos: Images uploaded for AI analysis. Images are stored in our Supabase Storage for historical access and data exports. Images are removed when you delete your account or as specified in our retention policy.
• Weight Tracking: Weight entries and trends (optional)
• Achievements: Progress tracking and milestone data

2.3 AI Analysis Data

• Image Processing: Food photos sent to AI services (Gemini, Claude, OpenAI, Grok) for analysis
• Analysis Results: Nutritional data returned from AI providers
• Usage Metrics: AI service usage for billing purposes

2.4 Device Information

• Device Details: Device type, operating system, app version
• Camera Access: Food photos for meal logging
• Storage Access: Local data storage for offline functionality

2.5 Automatically Collected Information

• Log Data: App crashes, performance metrics (for improvement)
• Analytics: Anonymous usage statistics

3. How We Use Your Information

3.1 Core Functionality

• Provide calorie tracking and AI-based nutritional analysis
• Store and display your food history and meal records
• Generate personalized insights and nutrition trends
• Enable offline functionality and data sync

3.2 Authentication & Security

• Verify user identity through Google Sign-In
• Secure your account and data with encryption
• Prevent unauthorized access and fraud

3.3 App Improvement

• Analyze usage patterns to improve features
• Fix bugs and optimize performance
• Develop new features based on user feedback

3.4 Communication

• Send you important account notifications
• Respond to your inquiries and support requests
• Notify you of policy changes

4. Data Sharing

We do not sell your personal information. We may share data only in these limited cases:

4.1 Service Providers

• AI Providers: Gemini, Claude, OpenAI, Grok (for food analysis)
• Payment Processors: RevenueCat, Google Play (subscription management)
• Cloud Storage: Supabase (data storage)
• Authentication: Google (account verification)

4.2 Legal Requirements

We may disclose information if required by law or if we believe in good faith that such disclosure is necessary to:

• Comply with applicable laws or court orders
• Protect our legal rights and your safety
• Prevent fraud or security breaches

5. Data Retention

We retain your data for as long as your account is active. When you delete your account:

• All meal records, photos, and personal data are permanently deleted
• Subscription information is removed from our active systems
• We comply with GDPR's "Right to Erasure"

6. Security

We employ industry-standard security measures including:

• Encrypted data transmission (HTTPS/TLS)
• Secure database storage with access controls
• Regular security audits and penetration testing
• Secure authentication with OAuth 2.0

7. Your Rights

You have the right to:

• Access: Request a copy of your data
• Delete: Delete your account and all associated data
• Correct: Update inaccurate information
• Export: Download your data in standard formats
• Opt-out: Disable analytics and non-essential tracking

8. Third-Party Services

CalorieTaker integrates with third-party services. Please review their privacy policies:

• Google (Authentication, Firebase Analytics, AdMob): Google Privacy Policy
• Meta / Facebook (AppEvents): Facebook / Meta Privacy Policy
• Supabase (Storage): Supabase Privacy Policy
• RevenueCat (Subscriptions): RevenueCat Privacy Policy

Note: Analytics and advertising providers such as Firebase, Facebook AppEvents and Google Mobile Ads may collect event-level data, device identifiers and advertising identifiers to enable analytics, conversion measurement and ad personalization. Review provider privacy pages for details and opt-out instructions.

9. Integrations & Sensitive Data

Some integrations (for example, Google Fit and AI features) require your explicit consent. When you enable these integrations we will share only the minimal data necessary to provide the feature, and you can disconnect or revoke access at any time through the App or by managing connected services in your account settings. Please review third‑party provider policies before enabling integrations.

10. GDPR & CCPA Compliance

If you are in the EU (GDPR) or California (CCPA), you have additional rights including data portability, right to know, and deletion. Contact us to exercise these rights.

10. Children's Privacy

CalorieTaker is not intended for users under 13. We do not knowingly collect information from children. If we discover we have collected data from a child, we will delete it immediately.

11. Contact Us

For privacy concerns or data requests, please contact us:

• Email: info@calorietaker.com
• Address: Via email

12. Policy Changes

We may update this Privacy Policy from time to time. We will notify you of significant changes via in-app notification or email. Your continued use of the app constitutes acceptance of the updated policy.