Privacy Policy

1. Who We Are

Logd Calorie Tracker ("Logd", "we", "us", or "our") is an iOS app developed by Deviify. Our app helps you track calories, log meals, and monitor your weight — simply and without noise.

If you have any questions about this Privacy Policy, contact us at: omid@deviify.com

2. Data We Collect

We collect only what is necessary to provide you with a personalised calorie tracking experience.

Account Information

When you sign in with Apple, we receive your name and email address from Apple and store them in our authentication backend (Supabase). This is the only personal data stored on our servers.

Profile & Body Metrics (stored locally & synced via iCloud)

• Biological sex, age, height, current weight, target weight
• Activity level and weight goal preference
• Daily calorie goal

This data is stored on your device and synced across your own devices via iCloud. It is not accessible to us.

Food & Weight Logs (stored locally & synced via iCloud)

• Food entries (name, calories, macros, meal type, timestamp, source)
• Text you type for AI calorie estimation
• Meal photos you take for AI calorie estimation
• Speech you record for voice logging
• Barcodes scanned for food lookup
• Weight entries (value and timestamp)
• Saved meals and favourite foods

All food and weight logs are stored in a local database on your device, synced via Apple CloudKit to your personal iCloud account. We cannot access this data.

Health Data (via Apple HealthKit)

With your permission, we read biological sex, date of birth, height, and body weight from Apple Health to pre-fill your profile during onboarding. The app does not write any data back to Apple Health. HealthKit data is never shared with third parties or sent to our servers.

3. How We Use Your Data

• To calculate your personalised calorie goal using the Mifflin-St Jeor BMR formula, entirely on your device.
• To power AI calorie estimation — the text you type or the meal photo you take is sent to our secure backend, which relays it to OpenAI to estimate calories and macros. This data is used solely to process your request and is not used to train models.
• To transcribe voice logging — speech is converted to text entirely on your device using an on-device model. Your audio never leaves your iPhone and is never sent to us or any third party.
• To look up food barcodes via the Open Food Facts public database.
• To authenticate your account via Supabase and Apple Sign-In.
• To verify your subscription via Apple's App Store (StoreKit).
• To check the app version so we can notify you of required updates.

4. Data Sharing & Third Parties

We do not sell, rent, or share your personal data with advertisers or data brokers. Period.

The limited third-party services we use:

• OpenAI — the AI model used to estimate calories and macros from your text and meal photos, accessed through our own secure backend. Your input is processed solely to fulfil your request and is not used for model training. OpenAI Privacy Policy
• Supabase — authentication and user account management. Only your name and email are stored. Supabase Privacy Policy
• Open Food Facts — a public, open-source food database used for barcode lookups. No personal data is sent. Open Food Facts Privacy Policy
• Apple CloudKit / iCloud — syncs your food logs and settings across your devices. Governed by Apple's privacy policy.
• Apple HealthKit & App Store — read health data on your device and manage your subscription. Governed by Apple's privacy policy.

Voice transcription runs on-device and involves no third party. We have no analytics SDKs, no ad networks, no crash reporting tools, and no third-party trackers integrated into the app.

5. Legal Bases for Processing (EEA & UK)

If you are in the European Economic Area or the United Kingdom, we process your personal data on the following legal bases under the GDPR:

• Performance of a contract (Art. 6(1)(b)) — to provide the app, your account, and the features you use.
• Legitimate interests (Art. 6(1)(f)) — to keep the service secure and working and to send the optional reminders you enable.
• Consent (Art. 6(1)(a)) — where we ask for it; you can withdraw it at any time.

Your meals, weight, and body metrics are health-related data — a special category under Art. 9 GDPR. We process them only on the basis of your explicit consent, given when you create your account and accept this policy, and solely to provide the calorie-tracking features you request. You can withdraw this consent at any time by deleting your account.

6. International Data Transfers

We and some of our providers are located outside the EEA. In particular, the food text and photos you submit for estimation are processed by OpenAI in the United States, and Apple services may process data in the United States. When data leaves the EEA, we rely on appropriate safeguards such as the EU Standard Contractual Clauses and, where applicable, the EU–US Data Privacy Framework.

7. Data Retention & Deletion

Your food logs and health data exist on your device and in your iCloud. You can delete individual entries at any time within the app. Deleting the app removes all local data.

Our backend does not store your meals, photos, or calorie estimates — each request is processed and immediately discarded. For security and debugging, our servers keep short-lived diagnostic logs that may include your account identifier and a brief snippet of a request (for example, the first few words of a food description); these expire automatically. Temporary rate-limiting counters tied to your account are also held briefly and then expire.

To delete your account and all associated authentication data (name and email) from our servers, contact us at omid@deviify.com and we will process your request within 30 days.

8. Children's Privacy

Logd Calorie Tracker is not intended for children. We do not knowingly collect personal information from children under 13, or under 16 in the European Economic Area where a higher age of digital consent applies. If you believe a child has provided us with personal information, please contact us and we will delete it promptly.

9. Security

We take security seriously. All communication with our servers is encrypted via HTTPS. Apple Sign-In uses industry-standard OAuth 2.0 with nonce-based verification. The app holds no third-party API keys — AI requests are relayed through our backend. Your local data is protected by iOS platform encryption.

10. Your Rights

Wherever you live, you can contact us to exercise your privacy rights. If you are in the EEA or the UK, the GDPR gives you the right to:

• Access your personal data (Art. 15)
• Correct inaccurate data (Art. 16)
• Erase your data (Art. 17)
• Restrict or object to processing (Art. 18 and 21)
• Receive your data in a structured, portable format (Art. 20)
• Withdraw any consent you have given (Art. 7(3))

You can exercise most of these directly in the app — edit or delete entries, and delete your account at any time. For anything else, contact us at omid@deviify.com and we will respond within 30 days. You also have the right to lodge a complaint with your local data-protection supervisory authority.

11. California Privacy Rights

We do not sell or share your personal information, and we never have. If you are a California resident, you have the right to know what personal information we collect, to request its deletion, and not to be treated differently for exercising these rights. To make a request, contact us at omid@deviify.com.

12. Changes to This Policy

We may update this Privacy Policy from time to time. If we make material changes, we will update the "Last updated" date at the top of this page. Continued use of the app after changes constitutes acceptance of the updated policy.

13. Contact

The data controller for Logd Calorie Tracker is Deviify, based in Berlin, Germany. Questions, concerns, or to exercise your rights? Reach us at omid@deviify.com. You also have the right to lodge a complaint with a data-protection supervisory authority — in Germany, the Berlin Commissioner for Data Protection and Freedom of Information (Berliner Beauftragte für Datenschutz und Informationsfreiheit).