PRIVACY POLICY FOR KCAL AI

Effective Date: January 27, 2025
Last Updated: January 27, 2025

INTRODUCTION

KCal AI ("we," "our," or "us") is committed to protecting your privacy and personal information. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our mobile application KCal AI (the "App") and related services.

By using KCal AI, you agree to the collection and use of information in accordance with this Privacy Policy. If you do not agree with our policies and practices, please do not use our App.

INFORMATION WE COLLECT

Personal Information

We collect the following personal information when you use our App:

Account Information:

Name and email address (when you create an account)
Account preferences and settings
Authentication data (through Apple Sign-In, Google Sign-In, or email registration)

Profile Information:

Birth date and age
Gender
Height and weight measurements
Target weight and fitness goals
Activity level and workout frequency
Dietary preferences and restrictions
Wellness goals and health challenges

Health and Fitness Data:

Nutrition intake (calories, macronutrients, vitamins, minerals)
Meal logs and food consumption records
Water intake tracking
Weight measurements over time
Exercise activities and calories burned
Sleep patterns (if shared from Apple Health)
Heart rate data (if shared from Apple Health)
Step count and distance walked/run (if shared from Apple Health)

Apple Health Integration

With your explicit permission, KCal AI integrates with Apple Health to:

Read from Apple Health:

Body weight and height measurements
Active and basal energy burned
Heart rate data
Step count and walking/running distance
Workout and exercise data
Sleep analysis data

Write to Apple Health:

Nutritional information (calories, protein, carbohydrates, fats, fiber, sugar, sodium)
Water intake data
Body weight measurements (when you log them in our app)

Camera and Photos

Camera Access: We access your device camera to scan food barcodes and capture meal photos for AI-powered nutrition analysis
Photo Library Access: We access your photo library so you can select existing meal photos for nutrition analysis
Photo Processing: Meal photos are processed using AI technology to identify foods and estimate nutritional content

Device and Usage Information

Device Information: Device type, operating system version, unique device identifiers
App Usage Data: Features used, session duration, app crashes, performance metrics
Location Data: We do NOT collect or store location data

HOW WE USE YOUR INFORMATION

We use the collected information for the following purposes:

Core App Functionality

Provide personalized nutrition recommendations and meal planning
Track your progress toward health and fitness goals
Generate AI-powered nutrition analysis from food photos
Sync data with Apple Health (with your permission)
Maintain your account and app preferences

Personalization and Insights

Create customized meal plans based on your dietary preferences
Provide personalized nutrition insights and recommendations
Calculate and display health scores and progress metrics
Suggest recipes and foods that align with your goals

App Improvement and Analytics

Analyze app usage patterns to improve functionality
Monitor app performance and fix technical issues
Develop new features based on user needs
Conduct research to enhance nutrition tracking accuracy

Communication

Send important account notifications and updates
Provide customer support and respond to your inquiries
Send promotional content (only with your consent)

THIRD-PARTY SERVICES AND DATA SHARING

Third-Party Service Providers

We work with the following third-party services to provide our App functionality:

Supabase (Backend Services)

Purpose: Database storage, user authentication, app backend services
Data Shared: Account information, health data, usage analytics
Privacy Policy: https://supabase.com/privacy
Location: Data may be stored in servers located globally

OpenAI (Artificial Intelligence)

Purpose: AI-powered food recognition and nutrition analysis
Data Shared: Food photos, meal descriptions (no personal identifiers)
Privacy Policy: https://openai.com/privacy/
Data Processing: Photos are processed to identify foods and estimate nutrition; personal information is not included

FatSecret Platform (Nutrition Database)

Purpose: Food barcode scanning and nutrition data lookup
Data Shared: Barcode numbers and food identifiers (no personal information)
Privacy Policy: https://platform.fatsecret.com/api/Default.aspx?screen=privacy
Data Processing: Only food identification data is shared, not personal information

USDA FoodData (Nutrition Database)

Purpose: Official nutrition information for foods
Data Shared: Food search queries (no personal information)
Privacy Policy: https://www.usda.gov/privacy-policy
Data Processing: Only food lookup requests are made, no personal data is transmitted

Apple Services

Apple Sign-In: For secure account creation and authentication
Apple Health: For health data integration (requires explicit user permission)
App Store: For subscription and payment processing
Push Notifications: For app notifications and reminders
Privacy Policy: https://www.apple.com/privacy/

Google Services

Google Sign-In: For account creation and authentication
Privacy Policy: https://policies.google.com/privacy

Data Sharing Principles

No Sale of Data: We do not sell, rent, or trade your personal information to third parties
Service Providers Only: Third parties only receive data necessary to provide specific services
Security Requirements: All third-party providers must maintain appropriate security measures
Limited Purpose: Third parties may only use your data for the specific purposes outlined above

DATA SECURITY

We implement appropriate technical and organizational security measures to protect your personal information:

Security Measures

Encryption: Data is encrypted in transit and at rest using industry-standard encryption
Authentication: Secure authentication mechanisms for all data access
Access Controls: Strict access controls limiting who can access your data
Regular Updates: Security measures are regularly reviewed and updated
Device Security: Data stored locally on your device is protected by your device's security features

Data Retention

Account Data: Retained while your account is active and for a reasonable period after account deletion
Health Data: Retained as long as necessary to provide services and comply with legal requirements
Usage Analytics: Aggregated and anonymized usage data may be retained indefinitely for app improvement
Photos: Meal photos are processed for nutrition analysis and then deleted; we do not permanently store your photos

YOUR PRIVACY RIGHTS AND CHOICES

Access and Control

Data Access: You can access your personal data through the app's settings and profile sections
Data Export: You can export your data using the app's data export feature
Account Deletion: You can delete your account and associated data through the app settings
Health Data Control: You can revoke Apple Health permissions at any time through iOS Settings

Communication Preferences

Notifications: You can control notification settings in the app and device settings
Marketing Communications: You can opt out of promotional communications at any time

Apple Health Permissions

Granular Control: You can grant or revoke specific health data permissions through iOS Settings > Privacy & Security > Health
Continuous Control: You can modify health data permissions at any time without affecting other app functionality

CHILDREN'S PRIVACY

KCal AI is not intended for children under 13 years of age. We do not knowingly collect personal information from children under 13. If we become aware that we have collected personal information from a child under 13, we will take steps to delete such information promptly.

INTERNATIONAL DATA TRANSFERS

Your information may be transferred to and processed in countries other than your own. These countries may have different data protection laws. When we transfer your information internationally, we ensure appropriate safeguards are in place to protect your data.

CHANGES TO THIS PRIVACY POLICY

We may update this Privacy Policy from time to time. We will notify you of any changes by:

Posting the new Privacy Policy in the app
Updating the "Last Updated" date at the top of this policy
Sending you a notification if the changes are significant

Your continued use of the App after any changes constitutes your acceptance of the new Privacy Policy.

CALIFORNIA PRIVACY RIGHTS

If you are a California resident, you have additional rights under the California Consumer Privacy Act (CCPA):

Right to Know

You have the right to request information about:

Categories of personal information we collect
Categories of sources from which we collect personal information
Business purposes for collecting personal information
Categories of third parties with whom we share personal information

Right to Delete

You have the right to request deletion of your personal information, subject to certain exceptions.

Right to Opt-Out

You have the right to opt-out of the sale of your personal information. Note: We do not sell personal information.

Non-Discrimination

We will not discriminate against you for exercising your privacy rights.

To exercise these rights, contact us using the information provided below.

GDPR RIGHTS (European Union)

If you are in the European Union, you have additional rights under the General Data Protection Regulation (GDPR):

Right of Access: Request access to your personal data
Right to Rectification: Request correction of inaccurate personal data
Right to Erasure: Request deletion of your personal data
Right to Restrict Processing: Request limitation of processing of your personal data
Right to Data Portability: Request transfer of your personal data
Right to Object: Object to processing of your personal data
Right to Withdraw Consent: Withdraw consent at any time (where processing is based on consent)

DATA BREACH NOTIFICATION

In the event of a data breach that affects your personal information, we will:

Notify affected users within 72 hours of discovering the breach
Provide clear information about what happened and what data was affected
Explain the steps we are taking to address the breach
Offer guidance on steps you can take to protect yourself

CONTACT US

If you have any questions about this Privacy Policy or our privacy practices, please contact us:

Email: privacy@kcal-ai.com
Website: https://kcal-ai.com/privacy
Mailing Address:
KCal AI Privacy Team
[Your Company Address]
[City, State, ZIP Code]
[Country]

For specific privacy requests (data access, deletion, etc.), please use the subject line "Privacy Request" in your email.

COMPLIANCE AND CERTIFICATIONS

KCal AI is committed to compliance with applicable privacy laws and regulations, including:

Apple App Store Review Guidelines
California Consumer Privacy Act (CCPA)
General Data Protection Regulation (GDPR)
Health Insurance Portability and Accountability Act (HIPAA) principles for health data protection

This Privacy Policy is designed to be transparent and comprehensive. We encourage you to review it carefully and contact us with any questions or concerns.