Privacy Policy
1. Introduction & Data Controller
This Privacy Policy describes how Montane LLC ("we," "us," or "our") collects, uses, stores, and protects your personal information when you use Calofit ("the App"). We are committed to transparency about our data practices.
Data Controller: Montane LLC, Florida, United States.
Support: help@calofit.app
Privacy & Legal: contact@calofit.app
Legal basis summary: Contract performance (core features), consent (AI processing, HealthKit, notifications), legitimate interest (community foods quality).
2. Data We Collect
2a. Information You Provide Directly
Unless otherwise noted, all data below is stored locally on your device and synced securely to our cloud servers for backup and multi-device access.
- Profile — Name, age, height, weight, goal weight, biological sex, activity level, goals, meal timing, unit system, referral source.
- Food entries — Name, calories, protein/carbs/fat, portion size, meal type, barcode, source, quality metrics (sugar, saturated fat, sodium, fiber, NutriScore, NOVA group, CQS score), FDA nutrients (trans fat, cholesterol, added sugars, potassium, calcium, iron, vitamin D), user description.
- Exercise entries — Name, calories burned, duration, intensity, category, subtype.
- Hydration entries — Amount (ml), timestamp.
- Weight entries — Weight (kg), date.
- Step entries — Step count, date.
- Saved foods — Full nutrition data, brand, servings, usage count.
- Saved activities — Name, calories/min, duration, category, usage count.
- Meditation entries — Duration, target, date.
- Fasting entries — Start/end time, target, protocol, status, date.
- Community food contributions — Food name, nutrition, portion, barcode, source, language, cuisine. Stored in shared database visible to other users.
- Check-in entries — Date marker. Stored on device only (not synced).
- Food error reports — Food name, barcode, source, reported macros, reason.
- Profile photo — JPEG image. Stored in secure cloud storage.
- Food photos — JPEG image. Stored in secure cloud storage.
2b. Information From Third Parties
| Source | Data | Purpose |
|---|---|---|
| Apple Sign-In | Name (optional), email (optional, may be private relay) | Authentication |
| Google Sign-In | Name, email, profile picture URL | Authentication |
| Apple HealthKit | Step count, body mass | Activity & weight tracking. Read-only — we never write to HealthKit. |
| OpenFoodFacts | Product name, brand, barcode, nutrition data, NutriScore, NOVA group, additives | Food database lookup (public API, no user data sent beyond barcode/search query) |
2c. Information Processed by AI (Third-Party)
Calofit uses third-party AI services for food recognition and nutrition estimation. All data below is processed in real time and not retained by the AI provider:
- Food photos (JPEG) — for nutrition recognition
- Nutrition label photos (JPEG) — for label data extraction
- Food name and portion text — for macro recalculation
- Exercise description and user weight (kg) — for calorie estimation
- Aggregated nutrition/activity summary — for weekly/monthly insights
Apple Compliance (5.1.2(i))
Personal data is shared with third-party AI services for food and exercise recognition. Users consent to this at first use of scanning features. AI requests are rate-limited per user to prevent abuse.
2d. Information Generated Automatically
| Data | Purpose | Storage |
|---|---|---|
| Daily logs (date groupings) | Organize daily entries | Device + Cloud |
| In-app notifications | Reminders, goal alerts | Device only (NOT synced, 30-day TTL) |
| Food quality score (CQS) | Calculated from nutrition data | Device + Cloud |
| Wellness score | Aggregated from all tracking data | Calculated on-the-fly, not persisted |
| Cached nutrition estimates | AI lookup cache for instant re-use | Device only (NOT synced) |
| Monthly food analysis | AI-generated quality insights cache | Device only (NOT synced) |
| Partner referral data | Referral code, referral count, earnings | Cloud |
2e. Device Preferences (UserDefaults)
| Key | Purpose |
|---|---|
| appLanguage | UI language (en/es) |
| healthKitRequested | Whether HealthKit permission was asked |
| notifyMealReminder | Meal notification preference |
| notifyWaterReminder | Water notification preference |
| notifyExerciseReminder | Exercise notification preference |
| notifyWeightReminder | Weight notification preference |
| notifyWeeklyInsights | Insights notification preference |
| notifyFastingReminder | Fasting notification preference |
These preferences are not sensitive, are cleared on app uninstall, and are never transmitted to our servers.
3. Data We Do NOT Collect
We want to be explicit about what we do not collect:
- NO advertising identifier (IDFA)
- NO device identifiers or hardware IDs
- NO location data (GPS, WiFi, Bluetooth)
- NO contacts, calendar, or reminders
- NO microphone or audio
- NO clipboard/pasteboard
- NO third-party analytics (no Firebase Analytics, Mixpanel, Amplitude, etc.)
- NO crash reporting services (no Sentry, Crashlytics, Bugsnag)
- NO ad networks or data brokers
- NO cross-app tracking
NSPrivacyTracking = false
4. How We Use Your Data
| Purpose | Legal Basis (GDPR) |
|---|---|
| Provide core nutrition/wellness tracking | Performance of contract |
| AI food recognition & estimation | Consent (opt-in at first scan) |
| Sync data across devices | Performance of contract |
| Send local notification reminders | Consent (configurable in settings) |
| Process subscription payments | Performance of contract |
| Generate insights and analytics | Performance of contract |
| Community food database | Legitimate interest (improve food data) |
| Partner referral tracking | Performance of contract |
5. Apple HealthKit Data
Apple Requirement (5.1.3)
The following HealthKit disclosures are required by Apple's App Store Review Guidelines and represent binding commitments regarding the use of health data.
- We read step count and body mass from Apple Health with your explicit permission.
- We never write data back to HealthKit.
- HealthKit data is used solely to display your activity and weight progress within the app.
- HealthKit data is NOT used for advertising, marketing, or data mining — by us or any third party.
- HealthKit data is NOT shared with third parties, including our AI processing services.
- HealthKit data is NOT stored in iCloud.
- You can revoke HealthKit access at any time in Settings > Privacy & Security > Health > Calofit.
6. Third-Party Services
- Cloud infrastructure provider
- Data shared: Profile, nutrition, activity, weight, photos
- Purpose: Cloud infrastructure, authentication, and file storage
- Third-party AI providers
- Data shared: Food/label photos, exercise descriptions
- Purpose: AI-powered food and exercise recognition
- Privacy: Provider policies available upon request at contact@calofit.app
- Subscription management service
- Data shared: User ID, purchase transactions, entitlements
- Purpose: Subscription management
- OpenFoodFacts
- Data shared: Barcode numbers, search queries
- Purpose: Food product database
- Privacy: openfoodfacts.org/terms-of-use
- Apple
- Data shared: Sign-In identity token, HealthKit data
- Purpose: Authentication, health data
- Privacy: apple.com/privacy
- Google
- Data shared: OAuth token
- Purpose: Authentication
- Privacy: policies.google.com/privacy
All third-party services provide equal or greater protection of user data as stated in this policy (Apple 5.1.1(i)). A detailed list of sub-processors is available upon request at contact@calofit.app.
7. Data Storage & Security
- Offline-first: Data stored locally on your device first.
- Cloud sync: Secure cloud servers for backup and multi-device access.
- Access control: Every database query restricted to your own data.
- Encryption: Industry-standard encryption in transit and at rest.
- No iCloud storage: We do not use iCloud for any user data.
Your data is stored locally on your device and synced securely to our cloud servers using end-to-end encryption. We use Row Level Security to ensure only you can access your data.
8. Data Retention
8.1 User-Controlled Data
Retained until deleted by you or upon account deletion:
- Profile and all tracking data (food, exercise, hydration, weight, steps, meditation, fasting)
- Photos (avatar, food) — removed from cloud storage
8.2 Device-Only Data
Stored only on your device and cleared on app uninstall:
- Check-in entries, cached nutrition estimates, monthly food analysis cache, UserDefaults preferences
8.3 Third-Party and Shared Data
- Community food contributions — retained indefinitely (shared resource); de-identified after account deletion.
- Subscription records — per our subscription service provider's retention policy.
- AI-processed data — not retained; processed and discarded immediately.
- Server logs — 30 days maximum, auto-purged.
8.4 Post-Deletion
All user data is purged within 30 days of an account deletion request, except where legally required (e.g., tax records).
9. Your Rights
All Users
- Access your data (in-app or email request)
- Delete your account and all data (in-app, one-tap flow)
- Withdraw consent for AI processing (use manual entry instead)
- Revoke HealthKit access (system Settings)
- Opt out of notifications (in-app settings)
- Export data (email request to contact@calofit.app)
GDPR (EU/EEA Users) — Additional Rights
- Right to rectification (correct inaccurate data)
- Right to restriction of processing
- Right to data portability (receive data in machine-readable format)
- Right to object to processing based on legitimate interest
- Right to lodge complaint with supervisory authority
- Right not to be subject to automated decision-making (AI results are suggestions, not autonomous decisions)
- Privacy & Legal: contact@calofit.app — dedicated contact for GDPR requests
CCPA (California Residents) — Additional Rights
- Right to know what personal information is collected and disclosed
- Right to delete personal information
- Right to opt-out of sale/sharing of personal information
- Right to non-discrimination for exercising privacy rights
- We do NOT sell personal information.
- We do NOT share personal information for cross-context behavioral advertising.
To exercise any right: email contact@calofit.app. Response within 30 days (45 for complex requests).
10. International Data Transfers
- User data is stored on secure servers in the United States.
- For EU/EEA users: transfers are protected by Standard Contractual Clauses (SCCs) as approved by the European Commission.
- We have conducted appropriate safeguard assessments for all international transfers.
- Our cloud infrastructure provider is SOC 2 Type II compliant.
11. Children's Privacy
- Calofit is designed for users aged 13 and older.
- We do not knowingly collect data from children under 13.
- If we discover data from a child under 13, we will delete it immediately.
- Parents/guardians can contact contact@calofit.app to request review or deletion of a minor's data.
12. Data Breach Notification
- In the event of a data breach, we will notify affected users without unreasonable delay and within 72 hours (GDPR) / 30 days (California law).
- Notification via email and in-app notice.
- Notification will include: nature of breach, data types affected, steps to protect yourself, our contact info.
- We will notify relevant authorities as required by applicable law.
13. Do Not Track
- We honor Global Privacy Control (GPC) signals.
- We do not engage in cross-site tracking.
- Our app does not use App Tracking Transparency (ATT) because we do not track users.
14. Changes to This Policy
- Material changes notified via email and/or in-app notification at least 30 days before taking effect.
- Continued use after effective date constitutes acceptance.
- Previous versions available upon request.
15. Contact
- Support: help@calofit.app
- Privacy & Legal: contact@calofit.app
- Entity: Montane LLC, Florida, United States