Last updated: [Apr 28, 2025]
Thank you for using Calogram (“Company,” “we,” “us”). This Privacy Policy explains how we collect, use, disclose, and protect your information when you access the Calogram mobile application, website (calogram.ai), and related services (“Service”). Capitalized terms not defined here have the meanings given in our Terms & Conditions.
By accessing or using the Service you agree to this Policy. If you do not agree, please do not use Calogram.
1 Information We Collect
Data Category | Collected Items | Purpose(s) | Required? |
Health Data | weight, calorie logs, macro targets | • App Functionality (AI tracking) • Analytics • Product Personalization | No |
Fitness Data | steps, workouts, activity minutes | Same as above | No |
Photos | food images you voluntarily upload | • App Functionality (AI food recognition via OpenAI) | No |
Identifiers | User ID | • Account management | Yes |
Device ID / IDFA / AAID | • Security, fraud detection | Yes | |
Purchase History | subscription receipts, plan type | • Analytics, billing support | Yes |
Usage Data | feature taps, screens viewed, interaction times | • Analytics • Personalization | Yes |
Diagnostics | crash logs, performance metrics | • Analytics (bug fixing) | Yes |
We do not collect precise GPS, genetic data, or contact lists.
2 How We Use Your Information
1.
Core Functionality – macro calculations, goal tracking, subscription management.
2.
Personalization – adapt calorie budgets, deliver contextual tips.
3.
AI Food Analysis – when you snap a meal photo, the image is sent to OpenAI’s image-analysis API (our sub-processor) to estimate calories and nutrients. Images are transmitted over TLS, used solely for this function, and are not stored by OpenAI beyond the processing window according to their retention policy.
4.
Analytics & Improvements – aggregated usage and diagnostic data to improve stability and features.
5.
Legal Compliance – fulfill tax, accounting, and regulatory duties.
Medical Disclaimer
not medical advice
3 Legal Bases (EEA/UK)
We rely on Contract, Legitimate Interests, Consent, and Legal Obligation as described in the previous version. You may withdraw consent at any time via in-app settings or privacy@calogram.app.
4 Storage & Security
•
Cloud Location. All data are stored on encrypted Amazon Web Services (“AWS”) servers in the United States (us-east-1 and us-west-2 regions).
•
Encryption. TLS 1.2+ in transit and AES-256 at rest.
•
Access Control. Restricted to personnel who need it to operate the Service.
5 Sharing & Disclosure
We do not sell personal data. We share only with:
Recipient | Purpose |
AWS | secure cloud hosting and database storage inside the U.S. |
OpenAI | on-device photo → encrypted upload → calorie inference → response; no long-term storage by OpenAI. |
Payment processors / analytics vendors | subscription billing, aggregated metrics |
Legal authorities | only when required by law |
6 Retention & Deletion
Data Type | Retention Rule |
Health / Fitness / Photos | until user deletes entry, deletes account, or 24 months of inactivity |
Subscription records | 7 years (tax & audit) |
Usage & diagnostics | 24 months then anonymized |
Deletion request: in-app or email → erasure within 30 days (unless legally required otherwise).
7 International Transfers
By using the Service, you consent to transfer and processing in the United States. For EEA/UK users, we rely on Standard Contractual Clauses or an adequacy decision.
8 Your Privacy Rights
Region | Rights |
EU / UK | access, rectification, erasure, restriction, portability, objection |
Brazil, Canada, etc. | similar rights under LGPD, PIPEDA, etc. |
California (see Section 9) | CCPA/CPRA rights |
Exercise rights via help@unboxers.team.
9 California Privacy Addendum (CCPA/CPRA)
1.
Categories Collected – Identifiers, health information, internet activity, purchase data, diagnostics.
2.
Purposes – “business purposes” under CCPA: providing the Service, analytics, security, debugging, and short-term transient use.
3.
Selling / Sharing – We do not sell or share personal information for cross-context behavioral advertising.
4.
Sensitive Personal Information – Health & Fitness data are processed solely to provide requested features (§7027(l)(1) exemption).
5.
User Rights – California residents may know, delete, correct, or limit use of sensitive data. Submit requests in-app or via help@unboxers.team. We will verify identity before fulfilling.
6.
Do Not Track / Global Privacy Control – Calogram honors browser GPC signals where technically feasible.
10 Children’s Privacy
Calogram is not directed to children under 18; we knowingly collect no such data. We will delete any inadvertently collected data from a minor.
11 Changes
Material changes → 30-day notice via email or in-app. Continued use = acceptance.
12 Contact
Calogram Inc.
[Street Address]
[City, State ZIP, USA]
Email: help@unboxers.team