kCal AIkCal AI
Download on App StoreGet it on Google Play
๐Ÿ‡บ๐Ÿ‡ธ

Privacy Policy

Last updated: March 2026

1. Introduction

Welcome to kCal AI - AI Calorie Tracker ("we", "our", or "us"). We respect your privacy and are committed to protecting your personal data. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our mobile application available on iOS and Android platforms (the "App"). Please read this Privacy Policy carefully. By using the App, you agree to the collection and use of information in accordance with this policy.

2. Information We Collect

We collect several types of information to provide and improve our Service:

2.1 Personal Information You Provide

When you register or use the App, we may collect:

  • Account information: email address, display name, and profile photo (via Google Sign-In or Apple Sign-In)
  • Body measurements: height, weight (current and target), date of birth, gender
  • Dietary preferences, food allergies, and favorite cuisines
  • Health goals, activity level, and target timelines
  • Meal schedule preferences (breakfast, lunch, dinner times, snacking habits)

2.2 Health & Fitness Data

With your explicit permission, we access data from Apple HealthKit (iOS) or Google Health Connect (Android):

  • Daily step count
  • Sleep duration and quality data
  • Workout sessions (type, duration, calories burned)
  • Active energy burned

2.3 Usage & Device Data

We automatically collect:

  • Device information: device model, operating system version, unique device identifiers
  • Food logs, nutrition tracking data, water intake records, and weight history
  • App usage patterns, feature interactions, and crash reports (via Firebase)
  • Photos of meals captured through the camera or selected from your gallery for AI food analysis

2.4 Information We Do NOT Collect

  • We do NOT collect your precise GPS location data
  • We do NOT access your contacts or address book
  • We do NOT sell your personal information to third parties
  • We do NOT track your activity across other apps or websites

3. How We Use Your Information

We use the information we collect for the following purposes:

  • Analyze food photos using AI (OpenAI GPT-4 Vision) to estimate nutritional content (calories, protein, carbs, fats)
  • Provide personalized nutrition recommendations, meal plans, and recipe suggestions based on your goals and preferences
  • Track and display your health progress including calorie intake, macronutrients, water consumption, weight changes, and fitness activity
  • Sync your data securely across devices when you sign in with your account
  • Send local notifications for meal reminders, water reminders, sleep/wakeup reminders, and weekly progress reports (based on your settings)
  • Improve our services, fix bugs, and develop new features through anonymized analytics
  • Respond to your support requests and communicate important updates
  • Display relevant advertisements (for non-premium users) via Google AdMob

4. AI-Powered Food Analysis

Our App uses OpenAI's GPT-4 Vision API to analyze food photos and text descriptions. When you scan a meal:

  • Your food photo is sent securely to OpenAI's servers for analysis
  • The image is processed to identify food items and estimate nutritional values
  • OpenAI does not use your images to train their models (per our API agreement)
  • Images are processed in real-time and are not permanently stored by OpenAI

For more information about how OpenAI handles data, please refer to OpenAI's Privacy Policy at openai.com/privacy.

5. Third-Party Services

We use the following third-party services, each with their own privacy policies:

  • Supabase โ€” Secure cloud database, user authentication, and file storage for meal images and user data
  • OpenAI โ€” AI-powered food recognition and nutritional analysis via GPT-4 Vision API
  • Firebase (Google) โ€” App analytics, crash reporting, and performance monitoring
  • Google AdMob โ€” Serving advertisements to non-premium users (may collect device identifiers and ad interaction data)
  • Apple HealthKit / Google Health Connect โ€” Reading health and fitness data (steps, sleep, workouts) with your explicit permission
  • Google Sign-In / Apple Sign-In โ€” Secure third-party authentication
  • Apple App Store / Google Play Store โ€” Processing in-app subscription payments

We encourage you to review the privacy policies of these third-party services.

6. Data Sharing & Disclosure

We do NOT sell your personal data. We may share your information only in the following circumstances:

  • With service providers (Supabase, OpenAI, Firebase) solely to operate and improve the App
  • When required by law, regulation, legal process, or governmental request
  • To protect the rights, safety, or property of our users or the public
  • With your explicit consent for any other purpose

7. Data Security

We implement industry-standard security measures to protect your personal information:

  • Data is encrypted in transit using TLS/SSL protocols
  • User data is stored securely on Supabase's cloud infrastructure with row-level security policies
  • Authentication is handled through secure OAuth 2.0 providers (Google, Apple)
  • Local data on your device is stored using encrypted Hive databases and SharedPreferences
  • Meal images are stored in secured Supabase Storage buckets with access controls

While we strive to protect your data, no method of electronic transmission or storage is 100% secure. We cannot guarantee absolute security.

8. Data Retention

We retain your data as follows:

  • Account data: Retained as long as your account is active
  • Food logs and nutrition data: Retained as long as your account is active for historical tracking
  • Health data (steps, sleep, workouts): Synced daily and retained for progress tracking
  • Analytics data: Retained in anonymized form for up to 24 months
  • Deleted accounts: Personal data is permanently removed within 30 days of account deletion

9. Camera & Photo Library Access

The App requests camera and photo library access solely for the purpose of food scanning:

  • Camera access is used to capture photos of meals for AI nutritional analysis
  • Photo library access allows you to select existing food photos for analysis
  • We do NOT access, browse, or upload any photos other than those you explicitly select or capture for food scanning
  • You can revoke camera or photo permissions at any time through your device Settings

10. Apple HealthKit & Google Health Connect

If you grant permission, the App reads health data to display your daily activity alongside nutrition tracking:

  • We only read health data types you explicitly authorize (steps, sleep, workouts, active energy)
  • We do not write any data to HealthKit or Health Connect
  • Health data is never shared with third parties, used for advertising, or sold
  • Health data may be synced to your secure account on Supabase for cross-device access
  • You can revoke health data permissions at any time from your device's Health settings

Our use of HealthKit and Health Connect data complies with Apple's and Google's respective developer guidelines.

11. Push Notifications

The App uses local notifications (not remote push) to send reminders you configure:

  • Meal logging reminders (breakfast, lunch, dinner)
  • Water intake reminders at intervals you set
  • Sleep and wakeup reminders
  • Weekly progress reports

You can customize or disable all notifications from the App settings or your device's notification settings.

12. Advertising

Non-premium users may see interstitial advertisements served by Google AdMob. AdMob may collect:

  • Device identifiers (IDFA on iOS, Advertising ID on Android)
  • Ad interaction data (views, clicks)
  • General device information

Premium subscribers do not see any advertisements. You can limit ad tracking through your device's privacy settings (iOS: Settings โ†’ Privacy โ†’ Tracking; Android: Settings โ†’ Privacy โ†’ Ads).

13. Your Rights

Depending on your jurisdiction, you may have the following rights regarding your personal data:

  • Right to Access โ€” Request a copy of the personal data we hold about you
  • Right to Rectification โ€” Request correction of inaccurate or incomplete data
  • Right to Deletion โ€” Request deletion of your account and all associated data via the App settings or by contacting us
  • Right to Data Portability โ€” Request a copy of your data in a machine-readable format
  • Right to Restrict Processing โ€” Request limitation of how we process your data
  • Right to Object โ€” Object to processing based on legitimate interests
  • Right to Withdraw Consent โ€” Withdraw consent at any time for data processing based on consent
  • Right to Opt-Out โ€” Opt out of marketing communications and personalized ads

To exercise any of these rights, please contact us at the email address listed below. We will respond to your request within 30 days.

14. Children's Privacy

The App is not intended for children under the age of 13 (or 16 in the European Economic Area). We do not knowingly collect personal information from children. If you are a parent or guardian and believe your child has provided us with personal information, please contact us immediately, and we will take steps to delete such information.

15. International Data Transfers

Your data may be transferred to and processed in countries other than your own (including the United States where our service providers such as Supabase and OpenAI operate). By using the App, you consent to the transfer of your information to these countries. We ensure that appropriate safeguards are in place to protect your data in compliance with applicable data protection laws.

16. California Privacy Rights (CCPA)

If you are a California resident, you have additional rights under the California Consumer Privacy Act (CCPA):

  • Right to know what personal information is collected, used, shared, or sold
  • Right to request deletion of your personal information
  • Right to opt-out of the sale of personal information (we do not sell your data)
  • Right to non-discrimination for exercising your CCPA rights

17. European Users (GDPR)

If you are in the European Economic Area (EEA), UK, or Switzerland, we process your data based on the following legal bases:

  • Consent โ€” For processing health data, accessing HealthKit/Health Connect, and camera usage
  • Contract Performance โ€” To provide the App's core features you have signed up for
  • Legitimate Interests โ€” For analytics, security, and App improvement
  • Legal Obligation โ€” To comply with applicable laws and regulations

You have the right to lodge a complaint with your local data protection authority if you believe we have violated your privacy rights.

18. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. When we make material changes, we will notify you by updating the "Last Updated" date at the top of this policy and, where appropriate, through an in-app notification. Your continued use of the App after changes constitutes acceptance of the updated Privacy Policy.

19. Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us at mulganteng@icloud.com