Privacy Policy

Last updated: January 2025

Our Commitment to Your Privacy

At Calro, we understand that your health data is deeply personal and sensitive. This Privacy Policy explains how we collect, use, protect, and handle your information when you use our nutrition tracking application and related services.

Key Promise: We never sell your personal health data to third parties, and we use industry-leading encryption to protect your information.

Information We Collect

Personal Information

  • Account information (email address, username, password)
  • Profile data (age, gender, height, weight, activity level)
  • Contact information for customer support
  • Payment information (processed securely by third-party payment processors)

Health & Nutrition Data

  • Food intake logs and nutritional information
  • Supplement tracking and dosage information
  • Photos of food (processed locally and optionally uploaded for AI analysis)
  • Nutrition goals and preferences
  • Recipe and meal data

Technical Information

  • Device information (device type, operating system version)
  • App usage analytics (features used, session duration)
  • Crash reports and error logs (anonymized)
  • IP address and general location (for service optimization)

How We Use Your Information

Core App Functionality

  • Provide nutrition tracking and analysis features
  • Calculate nutritional insights and recommendations
  • Sync your data across devices
  • Enable AI-powered food recognition and portion estimation

Service Improvement

  • Improve AI model accuracy through anonymized training data
  • Analyze app usage patterns to enhance user experience
  • Develop new features based on user needs
  • Provide customer support and troubleshooting

Legal and Security

  • Comply with legal obligations and regulations
  • Protect against fraud, abuse, and security threats
  • Enforce our Terms of Service

Data Sharing and Disclosure

We do NOT sell your personal health data to advertisers, data brokers, or other third parties.

Limited Sharing Scenarios

  • Service Providers: Trusted third-party services (cloud hosting, analytics) under strict confidentiality agreements
  • Legal Requirements: When required by law, court order, or to protect rights and safety
  • Business Transfers: In the event of a merger or acquisition (with continued privacy protections)
  • With Your Consent: When you explicitly choose to share data (e.g., with healthcare providers)

Data Security

🔒 Encryption

End-to-end encryption for sensitive health data

💾 Local Storage

Critical data stored securely on your device

🛡️ Access Controls

Strict employee access limitations

🔍 Regular Audits

Ongoing security assessments and updates

Your Rights and Choices

Data Access and Control

  • Access: Request a copy of your personal data
  • Correction: Update or correct inaccurate information
  • Deletion: Request deletion of your account and data
  • Export: Download your data in a portable format
  • Opt-out: Disable certain data processing activities

Marketing Communications

  • Unsubscribe from marketing emails at any time
  • Control push notification preferences in app settings
  • Opt out of analytics tracking (may limit some features)

International Data Transfers

Calro is based in the United States. If you are accessing our services from outside the US, please be aware that your information may be transferred to, stored, and processed in the US where our servers are located. We implement appropriate safeguards to protect your data in accordance with this Privacy Policy and applicable laws.

Data Retention

  • Active Accounts: Data retained while your account is active
  • Deleted Accounts: Most data deleted within 30 days
  • Backup Systems: Encrypted backups retained for up to 90 days
  • Legal Requirements: Some data may be retained longer as required by law
  • Anonymized Data: De-identified data may be retained for research and improvement

Children's Privacy

Calro is not intended for children under 13 years of age. We do not knowingly collect personal information from children under 13. If you are a parent or guardian and believe your child has provided us with personal information, please contact us immediately.

Third-Party Services

Our app may contain links to third-party websites or integrate with third-party services. This Privacy Policy does not apply to those services. We encourage you to read the privacy policies of any third-party services you use.

Key Third-Party Services

  • Firebase (Google) - App hosting and analytics
  • Payment processors - Subscription billing
  • Cloud providers - Data storage and processing
  • Analytics services - App performance monitoring

Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or applicable laws. We will notify you of material changes by email or through the app. Your continued use of Calro after such notification constitutes acceptance of the updated policy.

Contact Us

If you have questions about this Privacy Policy or our privacy practices, please contact us:

Email: privacy@calro.app
Subject Line: Privacy Policy Question
Response Time: Within 30 days

Regional Privacy Rights

California Residents (CCPA)

California residents have additional rights under the California Consumer Privacy Act (CCPA), including:

  • Right to know what personal information is collected
  • Right to delete personal information
  • Right to opt-out of the sale of personal information (we don't sell)
  • Right to non-discrimination for exercising CCPA rights

European Residents (GDPR)

European residents have rights under the General Data Protection Regulation (GDPR), including:

  • Right of access to your personal data
  • Right to rectification of inaccurate data
  • Right to erasure ("right to be forgotten")
  • Right to data portability
  • Right to object to processing