Privacy Policy

Last updated: April 15, 2026

Kick Cal (“we”, “us”, or “our”) respects your privacy. This Privacy Policy describes how we collect, use, disclose, and safeguard information when you use our mobile application and related services (collectively, the “Services”). By using the Services, you agree to this policy.

1. Information we collect

We may collect the following categories of information:

• Account and profile data: such as name, email address, or authentication identifiers provided by sign-in providers (e.g., Apple, Google) when you create or access an account.
• Health and wellness data you choose to log: including food entries, nutrition estimates, weight, habits, caffeine or alcohol logs, and similar inputs you submit within the app.
• Device and technical data: such as device type, operating system version, app version, diagnostic logs, and crash reports — used to maintain reliability and security.
• Usage data: aggregated or de-identified analytics about how features are used, where we implement such analytics.
• HealthKit / Apple Health data (optional): if you grant permission, we may read or write categories you authorize (for example, activity or heart rate) to enrich your dashboard and insights.
• Photos and camera: if you use camera-based features, images may be processed to provide nutrition estimates. Processing may occur on-device and/or on secure servers, depending on feature design.

2. How we use information

We use information to:

• Provide, maintain, and improve the Services (including AI-assisted features and personalization).
• Authenticate users, sync data across devices where applicable, and provide customer support.
• Send transactional or service-related messages (e.g., account or security notices).
• Monitor abuse, fraud, and security incidents; comply with legal obligations.
• Generate analytics and product insights in aggregated or de-identified form where possible.

We do not use your health data for advertising or sell your personal health data as a “data broker.”

3. Legal bases (EEA/UK users)

Where the GDPR or UK GDPR applies, we rely on appropriate legal bases such as: performance of a contract, legitimate interests (e.g., securing and improving the Services, fraud prevention), consent where required (e.g., certain marketing or optional analytics), and compliance with legal obligations.

4. Sharing of information

We may share information with:

• Service providers who assist us with hosting, analytics, customer support, email delivery, or AI processing — under contractual confidentiality and data protection terms.
• Apple and other platform providers as required to operate the app, process in-app purchases, and comply with platform rules.
• Legal and safety: when required by law, regulation, legal process, or to protect the rights, safety, and security of users, us, or others.
• Business transfers: in connection with a merger, acquisition, or sale of assets, subject to appropriate safeguards.

We do not sell your personal information for monetary consideration as defined under applicable U.S. state privacy laws where such definitions apply.

5. Data retention

We retain information for as long as necessary to provide the Services, comply with law, resolve disputes, and enforce our agreements. You may be able to delete certain data within the app or by contacting us. Some data may persist in backups for a limited period.

6. Security

We implement administrative, technical, and organizational measures designed to protect information. No method of transmission or storage is 100% secure; we cannot guarantee absolute security.

7. International transfers

If you access the Services from outside the country where we operate servers, your information may be transferred to and processed in countries that may have different data protection laws. Where required, we use appropriate safeguards (such as standard contractual clauses).

8. Your rights and choices

Depending on your location, you may have rights to:

• Access, correct, or delete certain personal information.
• Object to or restrict certain processing, or withdraw consent where processing is consent-based.
• Request a copy of your data in a portable format, where applicable.
• Opt out of certain analytics or marketing communications (we do not send marketing solely based on sensitive health inferences without consent where required).

To exercise rights, contact support@kickcal.app. You may also lodge a complaint with a supervisory authority in your jurisdiction.

9. Children

The Services are not directed to children under 13 (or the minimum age required in your jurisdiction). We do not knowingly collect personal information from children. If you believe we have collected such information, contact us and we will take steps to delete it.

10. California residents (summary)

California residents may have additional rights under the CCPA/CPRA, including rights to know, delete, and correct personal information, and to opt out of certain “sharing” for cross-context behavioral advertising where applicable. We describe categories of data in Sections 1–2. To submit a request, email support@kickcal.app.

11. Changes to this policy

We may update this Privacy Policy from time to time. We will post the revised policy with a new “Last updated” date and, where appropriate, provide additional notice (e.g., in-app). Continued use of the Services after changes constitutes acceptance of the updated policy.

12. Contact

For privacy questions: support@kickcal.app