Privacy Policy

Last updated: 29 April 2026

This Privacy Policy describes how Calorie AI ("we", "us", "our") collects, uses, and protects your information when you use our iOS application (the "App"). We take your privacy seriously and only collect what is necessary to make the App work.

1. Information We Collect

1.1 Account Information

When you sign in, we receive a unique identifier and email address from your authentication provider:

• Sign in with Apple — Apple ID identifier and (optionally) name and email
• Sign in with Google — Google account ID, email, and name

We use Firebase Authentication (a Google service) to verify these credentials.

1.2 Nutrition Profile

To calculate your personalized calorie and macronutrient targets, you voluntarily provide:

• Gender, age, height, weight, and target weight
• Lifestyle (sedentary / active / etc.) and weekly workout frequency
• Optional dietary preferences when generating a diet plan

1.3 Food and Activity Data

• Food photos you take for scanning are uploaded to our servers for AI analysis and stored locally on your device for your personal log.
• Logged meals — name, calories, macronutrients, ingredients, timestamp.
• Water intake entries you log manually.
• Weight history entries you log manually.
• Diet plans and chat history — meal plans you generate and any chat messages exchanged with our AI to refine them.

1.4 Apple Health Data

If you grant permission, the App reads (read-only) the following data from Apple Health:

• Step count
• Active energy burned

This data is read on-device and used to display your daily activity alongside your nutrition. We do not upload your raw Apple Health data to our servers. The Privacy Manifest also declares the NSHealthUpdateUsageDescription string because the HealthKit framework is linked, but the App does not currently write to Apple Health.

1.5 Subscription Information

If you purchase a subscription, our subscription processor RevenueCat records the purchase event, your anonymous user ID, the product purchased, and renewal status. Apple processes the actual payment — we never see your card or Apple ID password.

1.6 Diagnostics and Analytics

We use Firebase Crashlytics and Firebase Analytics (Google) to detect crashes and understand which features are used. These tools collect device type, OS version, app version, anonymized event data, and crash stack traces. They do not collect your name, email, or food data.

2. How We Use Information

• To authenticate you and protect your account
• To calculate your personalized calorie and macro targets
• To analyze food photos and look up nutrition data
• To generate and refine your diet plans
• To enforce subscription entitlements and scan limits
• To diagnose crashes and improve the App's stability
• To respond to support requests

We do not sell your personal data, and we do not use it for advertising.

3. Third-Party Processors

We share specific data with the following service providers, each acting on our behalf under their own privacy policies:

• Firebase (Google) — authentication, crash reporting, analytics. Firebase privacy
• RevenueCat — subscription management. RevenueCat privacy
• OpenAI and/or Google Gemini — food image analysis (we send your meal photo for identification; the providers do not retain it for model training under our enterprise agreements). OpenAI privacy
• USDA FoodData Central — anonymous nutrition database lookups. No personal data is shared.
• Apple — App Store payments, Sign in with Apple, HealthKit. Apple privacy

4. Data Retention

We retain your account data and food log for as long as your account is active. If you delete your account (see Section 6), all associated data — profile, food log, diet plans, weight history, scan quota — is permanently deleted from our database. Backups containing your data are rotated out within 30 days.

Anonymous analytics events (Firebase) are retained per Google's default retention settings (typically 14 months).

5. Data Storage and Transfers

Your data is stored on servers operated by our hosting provider. By using the App, you consent to your data being processed in the country where our servers are located. We use encrypted connections (HTTPS/TLS) for all network transfers.

6. Your Rights

You have the right to:

• Access — request a copy of the data we hold about you
• Correct — update inaccurate data via the App's profile settings
• Delete — permanently delete your account and all associated data, in-app via Settings → Delete Account, or by emailing us
• Withdraw consent — disable Apple Health access in iOS Settings → Privacy → Health at any time
• Object / restrict processing — for users in the EU/UK under GDPR

For account deletion instructions and details, see our Support page.

7. Children's Privacy

The App is not directed at children under 13 (or under 16 in the EU/UK). We do not knowingly collect personal data from children. If you believe a child has provided us with personal data, please contact us and we will delete it.

8. Security

We use industry-standard measures to protect your data, including TLS encryption in transit, hashed authentication tokens, and access-controlled databases. No system is 100% secure, but we work hard to keep yours as safe as possible.

9. Changes to This Policy

We may update this policy as the App evolves. We will update the "Last updated" date at the top and, for material changes, notify you in-app or by email. Continued use of the App after changes means you accept the updated policy.

10. Contact

Questions about your privacy? Reach us at dishagajera8@gmail.com.