Privacy Policy

Calibr8 Nutrition is the data controller responsible for your personal information. We provide evidence-based nutrition coaching through our web application.

Contact: support@calibr8nutrition.com

Account Information: Email address, name, and authentication credentials when you create an account.

Profile Data: Age, gender, height, and activity level to calculate your nutritional needs.

Health & Body Data: Weight, body fat percentage, and body measurements you choose to log. This is classified as special category data under GDPR and requires your explicit consent.

Nutrition Logs: Food intake, meal timing, and calorie/macro tracking data you record.

Usage Data: How you interact with the app, feature usage patterns, and device information for service improvement.

We do not collect data from third parties. All personal data comes directly from you.

Certain data you provide (weight, body fat, body measurements, and health-related dietary preferences) is classified as "special category data" under GDPR Article 9.

We only process this health-related data with your explicit consent, which you provide during account creation.

You can withdraw consent for health data processing at any time by deleting your account or contacting us.

This data is used solely to provide personalized nutrition recommendations and track your progress.

Service Delivery: Calculate personalized calorie and macro targets, generate meal recommendations, and track your progress toward goals.

Account Management: Authenticate your identity, manage your subscription, and communicate important service updates.

Service Improvement: Analyze anonymized, aggregated usage patterns to improve features and user experience.

Support: Respond to your questions and provide customer assistance.

We do not use your data for automated decision-making that produces legal or similarly significant effects.

Consent (GDPR Article 6(1)(a)): For processing your health data, body measurements, and sending optional marketing communications.

Contract Performance (GDPR Article 6(1)(b)): For providing the nutrition coaching service you signed up for.

Legitimate Interests (GDPR Article 6(1)(f)): For service improvement, security monitoring, and fraud prevention, where these interests do not override your rights.

For special category health data, we rely on explicit consent under GDPR Article 9(2)(a).

We never sell your personal data. Period.

Service Providers: We share limited data with trusted providers who help us operate the service: Supabase (database hosting, EU region), Vercel (web hosting), Polar (payment processing), and Sentry (error monitoring).

All service providers are bound by data processing agreements and can only use your data to provide services to us.

Legal Requirements: We may disclose data if required by law, court order, or to protect our legal rights.

Your data is primarily stored in the European Union (Supabase EU region).

Some service providers may process data in the United States. Where this occurs, we ensure appropriate safeguards are in place, such as Standard Contractual Clauses approved by the European Commission.

By using our service, you acknowledge these transfers necessary to provide the service.

Active Accounts: We retain your data for as long as your account remains active and you use our services.

Deleted Accounts: When you delete your account, we remove your personal data within 30 days. Some anonymized, aggregated data may be retained for analytics.

Legal Requirements: We may retain certain data longer if required by law (e.g., financial records for tax purposes).

Backups: Data in backups is deleted according to our backup rotation schedule, typically within 90 days.

Access: Request a copy of the personal data we hold about you.

Rectification: Correct any inaccurate or incomplete data.

Erasure: Request deletion of your data ("right to be forgotten").

Data Portability: Receive your data in a structured, machine-readable format.

Withdraw Consent: Revoke consent for health data processing at any time.

Object: Object to processing based on legitimate interests.

Restriction: Request limited processing in certain circumstances.

To exercise these rights, contact us at support@calibr8nutrition.com. We will respond within 30 days.

You also have the right to lodge a complaint with your local data protection authority.

For privacy inquiries, data requests, or concerns:

Email: support@calibr8nutrition.com

We aim to respond to all requests within 30 days.