Privacy Policy

1. Introduction

Calo. ("we", "our", "us") is developed by Mini Labs. This Privacy Policy explains how we collect, use, and protect your information when you use the Calo. iOS application ("the App"). By using Calo., you agree to this Privacy Policy.

2. Information We Collect

Information you provide

Name and personal goals (entered during onboarding)
Body stats: age, height, weight, target weight
Food preferences, dietary restrictions, and allergies
Food logs, meal entries, and nutrition data
Progress photos (stored locally on your device only)
Weight entries and habit tracking data

Information from your devices

Health and fitness data from Apple HealthKit (steps, heart rate, HRV, sleep, workouts, VO2 max, calories burned)
Biometric data from connected devices (Garmin, Whoop, Oura Ring) via Apple HealthKit
Device identifier (used to manage your subscription)

Information from third-party services

Whoop recovery, sleep, and strain data (only if you connect your Whoop account)
Purchase and subscription status via RevenueCat

3. How We Use Your Information

We use your information to:

Provide personalized nutrition tracking and AI-powered food analysis
Generate adaptive daily calorie and macro targets based on your biometric data
Power the AI Coach with personalized, data-driven recommendations
Generate weekly meal plans tailored to your preferences
Track your progress toward your health goals
Send smart push notifications to help you stay on track
Process and manage your subscription

4. AI Processing

Calo. uses Google Gemini AI to analyze food photos and text descriptions. When you scan food, your food photo or text description is sent to Google's Gemini API. Google processes this data to identify food items and estimate nutrition. We do not store your food photos on our servers — they are processed and discarded. Google's privacy policy applies: policies.google.com/privacy.

Nutrition data is verified against the USDA FoodData Central database, a public government resource.

5. Apple HealthKit

Calo. reads health data from Apple HealthKit to provide biometric-adaptive nutrition recommendations. This includes heart rate variability, sleep data, resting heart rate, steps, active calories, workouts, and VO2 max.

HealthKit commitments. We follow Apple's HealthKit guidelines strictly:

HealthKit data is never used for advertising
HealthKit data is never shared with third parties except as required to provide the service
HealthKit data is never sold
You can revoke HealthKit access at any time in iPhone Settings → Privacy & Security → Health → Calo.

6. Whoop Integration

If you choose to connect your Whoop account, we access your recovery score, strain, sleep performance, and HRV via the Whoop API. This data is used solely to personalize your nutrition recommendations. Your Whoop credentials are never stored by Calo. You can disconnect Whoop at any time in Calo. Settings → Connected Devices. Whoop's privacy policy applies: whoop.com/privacy.

7. Data Storage

All your food logs, goals, preferences, and personal data are stored locally on your device using Apple's SwiftData framework. Progress photos are stored locally only and never uploaded. We do not operate our own servers or databases for user data.

8. Third-Party Services

Google Gemini AI — Food photo analysis — policies.google.com/privacy
USDA FoodData Central — Nutrition data — usda.gov/privacy-policy
RevenueCat — Subscription management — revenuecat.com/privacy
Whoop API — Biometric data — whoop.com/privacy
Sentry — Crash reporting — sentry.io/privacy

9. Data We Do Not Collect

We do not sell your personal data, use your data for advertising, share health data with advertisers, store food photos after analysis, access your location, or track you across other apps.

10. Children's Privacy

Calo. is not intended for children under 13. We do not knowingly collect personal information from children under 13.

11. Your Rights

You have the right to access all data (it's on your device), delete your data (delete the app), revoke HealthKit permissions in iPhone Settings, disconnect Whoop in Calo. Settings, and cancel your subscription in App Store Settings.

12. Data Security

All data is stored locally using Apple's secure frameworks. API keys are stored in iOS Keychain. All network communications use HTTPS/TLS encryption.

13. Changes to This Policy

We may update this Privacy Policy. We will notify you of significant changes through the app.

14. Contact Us

Email: support@caloapp.co
Developer: Mini Labs
Location: Dubai, UAE