Privacy Policy

We process account details, device metadata, session records, and security logs to operate and protect the service.

Nutrition features may process meal logs, uploaded food photos, goals, and interaction signals to deliver app functionality.

Payment card data is not stored by Calvion; in-app purchases are handled by App Store and Google Play infrastructure.

Data is used to provide core functionality, secure accounts, prevent abuse, and resolve technical incidents.

Aggregated or de-identified analytics may be used to improve product quality and model performance.

Marketing communications are sent only where legally permitted or consented, and preference controls remain available.

We may share limited data with contracted providers for hosting, analytics, crash monitoring, notifications, and support operations.

Where required by law or to protect rights and safety, disclosures may be made to public authorities.

Third-party links and services have independent privacy practices, and users should review their policies directly.

Data is retained only for as long as needed for service delivery and legal obligations.

When you request account deletion through the app, all personal data is immediately and permanently deleted from our systems — including the database, file storage, and authentication records.

Purchase receipts managed by App Store or Google Play are retained by those platforms under their own terms; Calvion does not retain billing data.

Meal logs, optional food photos, goals, and similar inputs may reveal dietary preferences or lifestyle patterns. We process this data to operate wellness and self-tracking features; it is not intended to constitute a regulated medical record on our systems.

Your daily calorie and macro targets are calculated using the scientifically validated Mifflin-St Jeor equation (WHO/FDA standards), based solely on the height, weight, age, gender, activity level, and goal you provide during setup. No additional profiling is derived beyond these inputs.

Health condition information such as GLP-1 use or PCOS is used transiently on your device only to fine-tune macro targets — it is never stored on our servers or shared with any third party.

You are responsible for the accuracy of what you submit. If you export or share insights outside the app, you should review the privacy practices of any recipient.

Depending on applicable law, you may exercise access, correction, deletion, or portability rights for this data through the channels described in the following section.

Depending on applicable law, you may request access, correction, portability, objection, restriction, or deletion of personal data.

Privacy and data requests (access, correction, portability, deletion, objection, restriction) can be submitted via email at legal@caymaztech.com and are handled after identity verification.

We may update this policy from time to time; material changes are reflected with a revised date and may be notified in-app or by email.

Data Controller: Caymaz TechHealth Yazılım Tic. Ltd. Şti. — MERSİS: 0203091510500001 — Istanbul, Türkiye.

For privacy requests, data access, correction, deletion, or portability: legal@caymaztech.com

Sub-processors: Hetzner Online GmbH (Germany — hosting), Fal Labs / fal.ai (USA — AI inference), Cloudflare R2 (Global — object storage), Firebase / Google LLC (USA — authentication and push notifications), Adapty Inc. (USA — subscription entitlement management). Payments are handled entirely by App Store and Google Play — Calvion does not store payment card data.

International transfers to fal.ai (USA) and Firebase (USA) are made under Standard Contractual Clauses (SCC). By using AI-powered features you explicitly consent to meal images being processed by fal.ai for inference only; images are not retained by fal.ai beyond the request.

This policy is governed by GDPR (EU 2016/679), KVKK (Law No. 6698), and other applicable data protection laws. For Turkey-specific rights under KVKK Art. 11, please see our Data Processing Notice or contact legal@caymaztech.com.

California residents have the right to know what personal information we collect, to delete it, to correct it, to opt out of its sale or sharing, and to receive non-discriminatory service.

Calvion does not sell personal information to third parties for monetary consideration. We may share data with contracted service providers under agreements that restrict use solely to providing services to us.

To exercise your California rights — including opt-out of sharing, access, correction, or deletion — use the Data Request form linked below.

If a personal data breach is likely to pose a risk to your rights, we notify affected users without undue delay.

Where required by law, we notify supervisory authorities within 72 hours of becoming aware of the breach (GDPR Art. 33; KVKK).

For U.S. users, we follow applicable federal and state breach notification rules, including the FTC Health Breach Notification Rule where applicable (typically within 60 calendar days of discovery).