CalTrack — Privacy policy

Effective date: 13 June 2026 · Last updated: 13 June 2026

This policy explains what data CalTrack ("we", "our", "the app") collects, why we collect it, who we share it with, and the controls you have. CalTrack is a nutrition and expenditure tracker for iOS and Android.

Contact for any privacy question or request: codercoy128@gmail.com.

1. Data we collect
2. Apple HealthKit and Android Health Connect
3. How we use your data
4. Legal basis (EEA / UK)
5. Who we share data with
6. Retention
7. Your rights and controls
8. Deleting your account
9. Security
10. International transfers
11. Children
12. Changes to this policy
13. Contact

1. Data we collect

1.1 Account information

Email address and password when you create an account with email/password, or
Apple Sign-In or Google identity if you choose those providers. We receive the email address and a stable user identifier from the provider; we do not receive your provider account password.

Authentication is handled by Supabase Auth (see §5). Sessions are stored encrypted on your device using the operating system's secure storage (Keychain on iOS, Keystore on Android).

1.2 Profile and preferences

Date of birth, sex assigned at birth, height, current weight, activity level, weight goal.
Timezone (synced from your device).
App preferences: language, energy unit (kcal/kJ), theme, reminder settings.

We use these inputs to compute your basal metabolic rate, recommended daily allowances for nutrients, and adaptive expenditure (TDEE). No coverage of sensitive categories beyond what you enter for the nutrition calculations.

1.3 Activity and log data

Food logs (food item, portion, timestamp, meal slot).
Weight logs (weight value, date).
Supplement logs (supplement, dose, timestamp).
User-created custom foods and recipes.
Favorites and meal-slot configuration.

1.4 User-submitted product photos

If you contribute a barcode submission (nutrition label, ingredients list, or product photo), those images are uploaded to a Supabase Storage bucket so other reviewers can verify them. Submission photos are deleted from storage once a submission is finalized.

1.5 Diagnostics and crash reports

We use Sentry to collect crash reports and unhandled errors. When you are signed in, error events are tagged with your Supabase user ID and the email address on your account so we can correlate problems to your sessions. We do not capture screen contents or food/weight values in error reports.

1.6 What we do not collect

We do not run third-party advertising SDKs or share data with ad networks.
We do not use product analytics SDKs (no PostHog, Amplitude, Mixpanel, etc.).
We do not access your contacts, calendar, microphone, or precise location.
We do not sell your data.

2. Apple HealthKit and Android Health Connect

With your explicit permission, CalTrack reads your body weight from Apple HealthKit (iOS) or Android Health Connect (Android), and on iOS may also write weight entries you log inside CalTrack back to HealthKit so your scale, Apple Health, and CalTrack stay consistent.

The following commitments are specific to Apple HealthKit and apply to all data we receive from it:

Data received from HealthKit is used solely to provide the in-app features you see: trending your weight, computing adaptive expenditure (TDEE), and keeping your weight history in sync with what you log inside CalTrack.
We will not use HealthKit data for advertising or any similar services.
We will not disclose HealthKit data to third parties for advertising or data-mining purposes.
We will not sell HealthKit data to anyone.
HealthKit weight readings are stored on our backend only as part of your weight log, scoped to your account.
You can revoke HealthKit access at any time in iOS Settings → Privacy & Security → Health → CalTrack.

On Android, equivalent controls live in Health Connect → App permissions → CalTrack. We request the minimum permissions needed: read and write Weight.

3. How we use your data

Provide the calorie and nutrient tracking, expenditure, and goal features.
Compute personalized RDAs, ULs, and target calories from your profile.
Authenticate you and keep your session secure.
Sync your data across your devices (when signed in).
Diagnose crashes and fix bugs (via Sentry).
Detect and prevent abuse of community features (barcode submissions, peer review).
Comply with legal obligations.

We do not use your data to train machine-learning models.

4. Legal basis (EEA / UK)

If you are in the European Economic Area or the UK, we rely on:

Contract (Art. 6(1)(b) GDPR): to provide the service you signed up for.
Consent (Art. 6(1)(a), Art. 9(2)(a) GDPR): for HealthKit / Health Connect data, which is special-category health data. You give consent through the operating-system permission prompt and can withdraw it at any time.
Legitimate interests (Art. 6(1)(f) GDPR): for crash reporting and abuse prevention, where the impact on you is minimal and necessary to keep the service running.
Legal obligations (Art. 6(1)(c) GDPR): when we have to respond to lawful requests.

We do not sell or rent your data. We share it only with the subprocessors below, each of which provides infrastructure CalTrack runs on. All access is authenticated and limited to what each provider needs to perform its function.

Provider	Role	Region
Supabase (Supabase Inc.)	Authentication, Postgres database, Storage for barcode submission photos.	EU (Frankfurt, `eu-central-1`)
Fly.io (Fly.io, Inc.)	Hosting of the CalTrack API.	EU
Sentry (Functional Software, Inc.)	Crash and error reporting.	EU (configurable)
Cloudflare R2 (Cloudflare, Inc.)	Encrypted weekly database backups.	EU
Cloudflare Pages (Cloudflare, Inc.)	Hosting of this privacy / terms site.	Global edge
Apple (Apple Inc.)	Sign in with Apple, App Store, TestFlight, push delivery, HealthKit.	Per Apple's policies
Google (Google LLC)	Google Sign-In, Google Play, Health Connect.	Per Google's policies

External nutrition data sources (USDA FoodData Central and Open Food Facts) are queried only from our server, and only with the food name or barcode you searched. We do not send your account identity to these services.

6. Retention

Account and log data is kept while your account is active. When you delete your account, all rows tied to your user ID are removed from our primary database within a few minutes (see §8).
Encrypted weekly backups on Cloudflare R2 are retained for up to 90 days, after which they are rotated out. Deletion requests do not rewrite historical backups, but those backups are not used to restore deleted-by-user data, are encrypted at rest, and roll off automatically.
Sentry events are retained for up to 90 days per Sentry's default policy.
Barcode submission photos are deleted from Supabase Storage as soon as a submission is finalized (approved or rejected).

7. Your rights and controls

Wherever you live, you can exercise the following through in-app controls or by emailing us:

Access — request a copy of the data we hold about you.
Rectification — edit your profile fields directly in the app (Settings → Profile). For anything you can't edit yourself, email us.
Erasure — delete your account in Settings → Account → Delete account, or email us to do it for you.
Portability — request an export of your logs.
Withdraw HealthKit / Health Connect consent at any time in the OS settings; CalTrack will stop reading new data immediately.
Lodge a complaint with your local data-protection authority if you are in the EEA or UK.

If you are in California, you additionally have the right to know, delete, and not be discriminated against for exercising your rights under the CCPA. We do not sell or share personal information for cross-context behavioral advertising.

8. Deleting your account

Open Settings → Account → Delete account. After you confirm, the app calls our backend, which deletes your authentication record and cascades the deletion to all rows we store about you (profile, food logs, weight logs, supplement logs, favorites, custom foods, recipes, expenditure snapshots). Encrypted weekly backups age out automatically per §6.

If you signed in with Apple or Google, this deletes the data we hold; it does not affect your Apple or Google account itself.

9. Security

All network traffic between the app and our servers is encrypted with TLS 1.2+.
Your Supabase session is stored on-device in the OS keychain and never written to plain disk.
The CalTrack API enforces row-level scoping: every database query the API issues is constrained to your user_id.
Direct database access from public clients is disabled (Supabase Data API off, anon role stripped of all table privileges).
Backups are encrypted at rest in Cloudflare R2.

No system is perfectly secure. If you believe you have found a vulnerability, please email codercoy128@gmail.com so we can investigate.

10. International transfers

Our primary database and API run in the European Union. If you use CalTrack outside the EU, the data you submit is transferred to and stored in the EU. Some subprocessors (Apple, Google, Cloudflare, Sentry) may process operational data across multiple regions per their own policies; where transfers leave the EEA, they rely on Standard Contractual Clauses or equivalent safeguards.

11. Children

CalTrack is not directed to children under 13 (or under 16 in the EEA / UK). We do not knowingly collect data from children below those ages. If you believe a child has provided us data, email us and we will delete it.

12. Changes to this policy

If we make a material change, we will update the "Last updated" date at the top and, where the change affects how we handle data you already gave us, surface a notice in the app before the change takes effect.

13. Contact

Email: codercoy128@gmail.com

Operator: Adham (sole developer of CalTrack). A registered business address will be added here once the legal entity is incorporated. Until then, email is the canonical contact channel.