Introduction
Welcome to 0xCal ("we," "our," or "us"). We are committed to protecting your privacy and personal data. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our mobile application 0xCal (the "App").
Please read this Privacy Policy carefully. By using the App, you agree to the collection and use of information in accordance with this policy.
Information We Collect
1. Health and Fitness Data
With your explicit permission, we access the following data from Apple HealthKit:
- Body measurements: Weight, height
- Activity data: Step count, active energy burned, workout sessions
- Personal characteristics: Date of birth, biological sex
This data is used to:
- Calculate your personalized daily calorie targets
- Track your fitness progress
- Provide accurate nutritional recommendations
2. Food and Nutrition Data
When you log food entries, we collect:
- Food descriptions: Text descriptions of meals you enter
- Photos: Images of food you capture for AI analysis
- Nutritional information: Calories, carbohydrates, fats, and protein values
- Conversation history: Chat messages exchanged with our AI assistant
This data is:
- Processed by our AI service to provide nutritional estimates
- Stored locally on your device in a secure database
- Used to display your daily calorie intake and nutritional breakdown
3. User Profile Data
We collect information you provide during onboarding:
- Age
- Sex
- Height
- Activity level
- Dietary goals and preferences
This data is stored locally on your device to personalize your calorie recommendations.
4. Device Information
We collect limited device information:
- Device identifier: A unique identifier used solely for rate limiting API requests
- Device type and OS version: For compatibility and debugging purposes
5. Analytics Data
We use PostHog for analytics to understand how users interact with the App. We collect:
- Usage events: App sessions, feature interactions, navigation patterns
- Subscription events: Paywall views, purchase completions (no payment details)
- Performance metrics: Error rates, app stability data
Analytics data is anonymized and does not include personal health information.
6. Subscription Data
If you subscribe to 0xCal Unlimited, subscription management is handled by RevenueCat. They may collect:
- Purchase history
- Subscription status
- Transaction identifiers
We do not have access to your payment information (credit card numbers, billing addresses). All payment processing is handled securely by Apple through the App Store.
How We Use Your Information
We use the collected information to:
- Provide core functionality: Calculate calorie targets, analyze food, track progress
- Personalize your experience: Tailor recommendations based on your goals
- Process AI requests: Send food descriptions and images to our AI service for nutritional analysis
- Improve the App: Analyze usage patterns to enhance features and fix bugs
- Manage subscriptions: Verify subscription status and provide premium features
- Send notifications: Remind you to log meals (if enabled)
Data Storage and Security
Local Storage
Most of your data is stored locally on your device:
- User profile and preferences
- Food entry history
- Health data from HealthKit
- Weight tracking history
Cloud Processing
The following data is transmitted to our servers:
- Food analysis requests: Descriptions and images sent to
0xcal-backend.vercel.appfor AI processing - Device ID: For rate limiting purposes only
All data transmission uses HTTPS encryption.
Data Retention
- Local data: Remains on your device until you delete the app or clear app data
- Server logs: API request logs are retained for 30 days for debugging purposes
- Analytics data: Retained according to PostHog's data retention policies
Third-Party Services
We use the following third-party services:
| Service | Purpose | Privacy Policy |
|---|---|---|
| Apple HealthKit | Health data integration | Apple Privacy |
| PostHog | Analytics | PostHog Privacy |
| RevenueCat | Subscription management | RevenueCat Privacy |
| Sentry | Error tracking | Sentry Privacy |
| OpenAI/Anthropic | AI food analysis | OpenAI Privacy |
| Vercel | Backend hosting | Vercel Privacy |
Your Rights and Choices
Data Access and Control
You have the right to:
- Access your data: View all data stored locally in the App
- Delete your data: Remove your account and all associated data by deleting the App
- Revoke permissions: Disable HealthKit access at any time in iOS Settings
- Opt out of analytics: Contact us to opt out of analytics tracking
HealthKit Data
You can manage HealthKit permissions at any time:
- Go to iOS Settings > Health > Data Access & Devices
- Select 0xCal
- Toggle permissions on or off
Push Notifications
You can disable push notifications:
- Go to iOS Settings > Notifications
- Select 0xCal
- Disable notifications
Children's Privacy
0xCal is not intended for children under 13 years of age. We do not knowingly collect personal information from children under 13. If you are a parent or guardian and believe your child has provided us with personal information, please contact us.
International Data Transfers
Our servers are located in the European Union (via Vercel and PostHog EU). If you are accessing the App from outside the EU, your data may be transferred to and processed in the EU.
Changes to This Privacy Policy
We may update this Privacy Policy from time to time. We will notify you of any changes by:
- Posting the new Privacy Policy in the App
- Updating the "Last Updated" date
We encourage you to review this Privacy Policy periodically.
California Privacy Rights (CCPA)
If you are a California resident, you have additional rights under the California Consumer Privacy Act (CCPA):
- Right to know what personal information we collect
- Right to delete your personal information
- Right to opt-out of the sale of personal information (we do not sell your data)
- Right to non-discrimination for exercising your privacy rights
GDPR Rights (EU Users)
If you are located in the European Economic Area, you have additional rights under GDPR:
- Right to access your personal data
- Right to rectification of inaccurate data
- Right to erasure ("right to be forgotten")
- Right to restrict processing
- Right to data portability
- Right to object to processing
- Right to withdraw consent
Contact Us
If you have questions about this Privacy Policy or our privacy practices, please contact us:
Email: support@0xcal.app
Developer: Bartek Pichalski
Summary
| What We Collect | How It's Used | Where It's Stored |
|---|---|---|
| Health data (HealthKit) | Calorie calculations | Your device only |
| Food entries & photos | AI nutritional analysis | Your device + API processing |
| User profile | Personalization | Your device only |
| Device ID | Rate limiting | Our servers |
| Analytics events | App improvement | PostHog (EU) |
| Subscription status | Premium features | RevenueCat |
- Sell your personal data
- Share health data with advertisers
- Store your health data on our servers
- Access your payment information