Calibri Privacy Policy
Last updated: 01.01.2024
This Privacy Notice aims to notify you, as a user of the Calibri app and/or the associated website located at https://calibri.foodinscope.com/ (hereinafter referred to as the "App" and the "Website" respectively, collectively referred to as "we/us" or the "Product"), regarding the handling of your personal data concerning the usage of the Product.
When we mention "personal data" or "personal information," we are addressing information pertaining to you.
This encompasses more than just direct identifiers like your name.
Essentially, anything that pertains to you, including the data inputted about your dietary habits, fitness engagement, purpose for utilizing the Product, and even your manner of using the Product itself, is considered your own and is subject to your legal rights.
In simpler terms, we may also use "your data" or "your information" to convey the same meaning.
This notice aims to furnish you with all pertinent details necessary for making an informed decision regarding the use of the Product.
Additionally, it serves to apprise you of your rights and how you can assert them. Please don't hesitate to reach out to us if you have any questions or concerns.
Please be aware that the Product is designed for users who have reached the minimum legal age. Hence, we anticipate that you will refrain from using the Product unless you are at least 16 years old or older.
This Notice has been drafted in English. In the event that a translated version of the Notice contradicts the English version, the English version shall take precedence.
The entity responsible for processing concerning the Product is Foodinscope Limited, located at Hipokrata iela 13, LV-1079, Riga, Latvia.
If you have any general inquiries regarding this Privacy Notice, the handling of your data by us, or if you wish to exercise your data protection rights, please utilize the following contact options interchangeably:
- For inquiries related to your use of the App: contact@foodinscope.com.
- For inquiries related to your use of the Website: contact@foodinscope.com or engage in direct support chat at https://calibri.foodinscope.com/.
Kindly note that in certain instances, for your security and when there are reasonable concerns regarding the authenticity of a request, we may require authentication before proceeding with your inquiry.
You have the right to exercise the following data-related rights as described below. You can assert them directly via the App, to the extent possible, or via the contact options.
Please be aware that these rights are founded on European laws, specifically the General Data Protection Regulation (GDPR). Depending on your country of residence, these rights may be subject to different interpretations. If you wish to assert your country-specific rights, please inform us, and we will assess your case on an individual basis.
You have the right to request confirmation of whether we process your data and, if so, to obtain information about the extent of such processing and a copy of the data stored by us concerning you.
You have the right to request the correction of any inaccurate or outdated personal data concerning you and the completion of any incomplete data. We endeavor to facilitate your ability to correct or add data through the Product's settings where possible. For instance, you can log in to your user profile and correct, amend, or delete information about yourself. Additionally, we will notify third parties to whom we have transferred your data in the event of rectification of your data.
You have the right to request the deletion of your personal data stored by us. However, please note that the right to erasure is not absolute and will only be fulfilled by us if specific legal requirements are met. You may request data erasure under the following circumstances:
Additionally, your right to erasure is subject to restrictions. For instance, we are not obligated or permitted to delete data that we are required to retain due to statutory retention periods. Similarly, data that we require for the establishment, exercise, or defense of legal claims is exempt from your right to erasure.
If we have transferred personal data to third parties, we will either commence the deletion of your data from such third parties or inform them about the erasure, as required by applicable law.
To simplify matters and avoid unnecessary legal terminology, we will interpret all user requests asking us to "delete my data" as requests for the erasure of data under Article 17 of the GDPR.
You have the right to request, under certain conditions, the restriction of processing, which involves marking stored personal data to limit its future use. The requirements for restricting processing are as follows:
You have the right to receive the data you provided to us in a commonly used and machine-readable format, allowing you to transfer that data to another controller without our interference, in accordance with applicable laws and regulations.
Where feasible, we will enable you to export data for further use directly via the App. Additionally, you may request our assistance in moving your data where technically feasible. Please note that this option pertains only to data processed based on the performance of our contract with you or based on your consent. For more information about the contract and consent, please refer to Section 5 below.
You can lodge a complaint with the data protection authority at any time if you believe that your data has been processed unlawfully. Here is the contact information for the Latvian supervisory data protection authority:
Data State Inspectorate
Address: Elijas iela 17, Riga, LV-1050, Latvia
Telephone: +371 67223131
Fax: +371 67223131
Email: pasts@dvi.gov.lv
You have the right to object to the processing of your personal data, either in whole or in part, at any time and in any form, if our processing is based on a legitimate interest (balancing of interests). To process your objection, we kindly request that you specify your particular situation, explaining why you believe your rights and freedoms are at risk (refer to Article 21 of the GDPR for more details).
Please note that the right to object is not absolute, and we will cease processing your data only if we cannot demonstrate compelling legitimate grounds for processing.
If the processing you object to pertains to direct marketing purposes, we will halt any processing upon receiving your objection. An example of how you can exercise an objection to marketing communications is by clicking the "unsubscribe" button in emails.
If you provide consent to the processing of your personal data, you can withdraw it at any time. However, please note that consent withdrawal does not have a retroactive effect. This means that any processing that occurred before the withdrawal shall not be affected.
In this Section, you can find a description of your privacy rights as a California resident, which are established under California laws, such as the California Consumer Privacy Act (the “CCPA”).
Please note that in this Section 3.1, we describe California-specific rights that substantially differ from those established under the GDPR. These rights are in addition to those established under the GDPR described above in Section 3 for California residents.
You may assert these rights directly via the Product (to the extent possible) or via the contact options.
Your right to request data access and data portability is generally described above in Section 3 under the titles "Right to access" and "Right to rectification," respectively. However, the scopes of these rights differ slightly under the CCPA.
Under the CCPA, you have the right to request that we disclose certain information to you about our collection and use of your personal information over the past 12 months only. Once we receive and confirm your verifiable consumer request, we will disclose to you:
If we sold or disclosed your personal information for a business purpose, we will disclose such facts separately.
Please note that you may only make a verifiable consumer request for access or data portability twice within a 12-month period. The verifiable consumer request must:
California consumers are entitled to non-discrimination regarding the exercise of their rights under the CCPA. Specifically, we are prohibited from:
Your right to request erasure is generally described above in Section 3 under the name "Right to erasure (Right to be forgotten)."
Despite the alignment between the right to request data deletion under the CCPA and the right to erasure under the GDPR, it's imperative to recognize that under the CCPA, we retain the discretion to deny your deletion request if retaining your information is necessary for specific purposes. Below, we provide a condensed version of these exceptions for your reference. For comprehensive insights, please consult the complete CCPA text or supplementary clarifications from the California Attorney General.
Under the CCPA, we reserve the right to retain your personal information if necessary for various purposes, including but not limited to:
We do not sell the personal data we collect, as defined in the CCPA, and we will not sell it without providing you with the right to opt out. However, please note that we may share users' personal information for our business purposes as described in Section 7 "Personal Data Transfers."
Under California's "Shine the Light" law (Civil Code Section § 1798.83), users have the right to request information about the disclosure of their personal information to third parties for direct marketing purposes.
In this Section, you will find a description of your privacy rights as a data subject located in Brazil, which are established under the Brazilian General Data Protection Law (LGPD).
Please note that in this Section 3.2, we describe Brazil-specific rights that substantially differ from those established under the GDPR. These rights are in addition to those established under the GDPR described above in Section 3 for data subjects located in Brazil.
You may assert these rights directly via the Product, to the extent possible, or via the contact options provided.
You have the right to request the anonymization, blockage, or erasure of your personal data stored by us. However, please note that this right is not absolute and will only be fulfilled by us if specific legal requirements are met. You may request anonymization, blockage, or erasure only if your personal data is unnecessary, excessive, or has been unlawfully processed.
You possess the entitlement to acquire details regarding the entities with whom we have disclosed your personal information.
At any time, you have the option to file a complaint with the Brazilian National Data Protection Authority (ANPD) if you believe that your data has been unlawfully processed.
Your user journey may vary depending on whether you choose to use the App or the Website, or both. Similarly, the scope and specifics of data processing will vary:
DATA CATEGORY | WEBSITE DATA COLLECTION | APP DATA COLLECTION |
General Information | Upon commencing the use of the Website, or during the course of Website use, we collect the following personal data:
| Upon initiating the use of the App, or during the course of App usage, we collect the following personal data:
If you accessed the App from the Website, we may utilize the information already collected on the Website for the App. |
Payment Data | To make a purchase on the Website, you'll need to input your payment details, such as bank card information or credentials for payment services like PayPal. Depending on the service provider handling your payment, we may or may not have access to this information. Payment gateways such as PayPal and Stripe operate independently. We receive limited details from them, including the transaction date, time, amount, payment method type, transaction ID, and the last four digits of the bank card, which we use to identify and record your subscription status. Our all-in-one payment provider manages your payment data, including bank card details, IP address, email, and name, on our behalf. However, it only shares limited transaction details with us, such as the date, time, and amount, ensuring that our employees and contractors cannot access your payment credentials. | not applicable |
The in-app information about wellness and fitness | not applicable | We might capture the inputs you make within the app, such as your meal choices, hydration status, and current weight. |
The onboarding information about wellness and fitness | In order to customize your Product experience according to your preferences, we may request that you provide answers to certain inquiries regarding your fitness and wellness background. These fitness and wellness onboarding details might encompass factors such as your height and weight, desired weight and body composition goals, target areas for improvement, current fitness status, sleep patterns, well-being indicators, and more. Failure to furnish us with fitness and wellness onboarding information will result in our inability to craft a personalized fitness and nutrition regimen tailored to your specific needs. | |
Customer Support and Other Communication Details
| When engaging with us for customer support or any other purpose, you may share various details related to your product usage, additional contact information, payment specifics, identification documents, or other pertinent information that could assist in addressing your inquiry. Additionally, we collect feedback on your experience with customer support. | |
User Choices | We gather:
| We gather:
|
Feedback Data | Should you communicate any feedback to us, we will collect and process it. | Through our app, you have the option to provide feedback, rate our application, or engage in deeper discussions. We'll gather and analyze the data you submit to enhance our product. Additionally, we'll collect and process any feedback you communicate to us through other channels. |
DATA CATEGORY | WEBSITE DATA COLLECTION | APP DATA COLLECTION |
Usage Data | We gather data concerning your activity on our website, including the frequency of use, areas and features you access, visit, or utilize, as well as your engagement with specific features. | We gather data on your activity within our app, including:
|
Device-Related Data | When you install, access, or utilize the website, we gather device-related data, including:
This information also encompasses approximate location data. | When you install, access, or utilize the app, we gather device-related data, including:
This information also encompasses approximate location data. Additionally, we may scan your device to identify applications that the app can connect with, such as fitness tracker apps. |
Subscription Status | not applicable | Through information exchange with your application store, we comprehend and record your subscription status. |
Logging and Diagnostic Data | We gather troubleshooting, bug, and crash reporting data from you to aid in identifying issues with the product. Additionally, we collect and maintain logs to access historical data for both internal and external investigations. | |
DATA CATEGORY | WEBSITE DATA COLLECTION | APP DATA COLLECTION |
Fitness Tracker Information, Fitness Band | not applicable | You have the option to authorize us to access third-party services like Apple HealthKit or Google Fit, allowing us to import personal health and activity data into the app. The specific imported data depends on the service you grant us access to, typically including sports activities, weight, calories burned, heart rate, number of steps/distance traveled, etc. By opting to import this data, you are subject to the privacy policies and practices of Google Fit or Apple HealthKit, in addition to this Privacy Notice. |
Advertising Network Data | Advertising networks furnish us with insights on the channels (such as social networks) and specific ad campaigns that contributed to your engagement with the product. | |
On the website, we employ cookies and similar tracking technologies for diverse purposes. For further details on cookies and similar technologies, please consult Section 6.
Certain features may involve storing and processing data locally on your device, and we do not have access to that information. This could apply to the Calibri app's food recognition feature [subject to availability].
All data processing must adhere to lawful bases outlined under applicable law, which include:
The purposes of our data processing, along with the corresponding data categories used for each lawful basis, are outlined below. Please note that the purposes and legal bases for data processing are the same for both the App and the Website.
WHY AND HOW WE PROCESS YOUR INFORMATION | DATA USED |
To guarantee the proper functioning of the Product, including maintaining your profile, facilitating easy access, and delivering the functionality as described in the Product descriptions and accompanying materials. For instance, we utilize your data to tailor fitness and nutrition plans to your needs. | Fitness and Wellness Onboarding Information Fitness and Wellness In-App Information |
For billing purposes, managing accounts, and enabling access to features. | Payment Data/Subscription Status |
Please be aware that providing the aforementioned information is essential for us to offer our Product to you (fulfilling our contract with you).
Without the listed information, we will be unable to provide the Product.
Furthermore, if you request data erasure or restrict our access to such data, we will be unable to continue providing the Product.
We use Fitness Band or Fitness Tracker Data to exchange information with different fitness bands and/or trackers as per your request.
Please keep in mind that you have the option to withhold or revoke your consent at any time if you alter your decision.
You can accomplish this either through the App settings or by reaching out to us.
However, please note that withholding or revoking consent will also prevent us from providing you with features that rely on your consent.
WHY AND HOW WE PROCESS YOUR INFORMATION | SUBSTANTIATION OF LEGITIMATE INTEREST | DATA USED |
To analyze the performance of our Product, enhance it, and provide an improved user experience based on the analysis of your interactions with the Product. For instance:
| Our objective is to gauge the usage of our Product and tally the individuals who engage with it. These actions are geared towards enhancing Product development and facilitating the provision of precise and dependable internal reporting. | Log and Troubleshooting Information Payment Data (the fact of purchase)/Subscription Status |
To evaluate the efficacy of our advertising campaigns by discerning which advertisements prompted your engagement with the Product and whether you ultimately utilized or purchased it, along with some of its features. | Our aim is to comprehend individuals who might be interested in our Product and to present our Product to new potentially interested audiences, as well as remind previous users about it. | General Information (in a limited scope) Payment Data (the fact of purchase)/Subscription Status |
To engage with you through different channels, such as:
You have the option to opt out of any promotional communications at any time, as detailed in your privacy rights section. | We believe that offering potentially relevant information alongside the Product functionality will enhance the user experience. | |
To offer customer support and process requests for the customer support team. This involves tasks such as:
| We are committed to assisting our users with any inquiries or requests they may have. | Customer Support and Other Communications Information |
To protect ourselves from potential legal claims, litigation, or other disputes, including those related to violations of the Terms of Use, Privacy Notice, Subscription Policy, and/or Refund Policy. To uphold the safety, security, and integrity of the Product. To furnish information to the authorities upon request. | We are motivated to respond to complaints and prevent and address fraud, unauthorized use of the Product, violations of our Terms of Use and/or other policies, or other harmful or illegal activities. We are also driven to seek legal advice and protect ourselves, including our rights, personnel, property, or products, as well as our users or others. This includes participation in investigations, regulatory inquiries, litigation, or other disputes. | Log and Troubleshooting Information |
To identify disruptions and maintain Product security, which includes detecting and tracking unauthorized access attempts and access to our servers. | We are motivated to eliminate disruptions, maintain system security, and detect and track unauthorized access and access attempts. | Log and Troubleshooting Information |
WHY AND HOW WE PROCESS YOUR INFORMATION | DATA USED |
According to relevant tax and accounting laws, we may be required to report your payments and conduct any necessary statutory reports or withdrawals. Additionally, in order to comply with applicable laws, we may need to authenticate you by collecting your identification information. Furthermore, in accordance with applicable law, we are required to ascertain whether you consent to the processing of your data, push notifications, marketing communications, and similar activities. We may also be obliged to provide information to authorities upon request. |
We do not utilize your data to make decisions solely based on automated processing that would have legal or similarly significant consequences.
Cookies ("Cookies" or "Cookie") are small text files that are stored on your device while you browse our Website. They assist us in remembering or recognizing some of your actions or choices during Website use for various purposes. At times, they aid us in tracking your activity across websites and devices to evaluate the effectiveness of our advertisements.
We also utilize similar technologies ("Similar Technologies"), which are technically distinct but serve the same purpose of remembering or recognizing your actions during App or Website use. These include:
We can set two main types of Cookies and Similar Technologies:
We suggest referring to Section 7 of this Privacy Notice to comprehend our collaborations regarding the use of Cookies and Similar Technologies.
We utilize Cookies and Similar Technologies for various purposes, including:
The Cookies and Similar Technologies we employ typically belong to one of the following categories, with each category description helping us understand why these technologies are necessary.
These Cookies and Similar Technologies are essential for the Website's functionality and cannot be disabled in our systems.
They are activated in response to actions you take, primarily to remember your choices, such as cookie preferences, onboarding completion status and values, and login data.
Blocking strictly necessary Cookies may result in certain parts of the Website not functioning properly.
These Cookies enable us to count visits and track traffic sources, allowing us to measure and enhance the performance of our Website. They provide insights into which pages are the most and least popular and help us understand how users navigate through the Website.
Preference Cookies are employed to remember your preferences and recognize you upon your return to our Product.
If you do not permit these Cookies, some or all of the services listed below may not function properly.
We and our service providers, including advertising networks, utilize Cookies and Similar Technologies to deliver targeted advertisements for our Product to you on other sites you visit, and to measure your interaction with those ads.
These Cookies and Similar Technologies may be utilized by advertising networks to create a profile of your interests and display relevant ads to you on other sites.
Most browsers offer options to manage how Cookies are set and used while you're browsing, including the ability to clear Cookies and browsing data.
Typically, you can find such options in the browser's 'Help', 'Preferences', or 'Options' menus.
Additionally, your browser may have settings to manage Cookies on a site-by-site basis and provide an incognito mode.
If you wish to modify your previously provided Cookie-related choices, please click the links below to apply the changes immediately:
Many mobile devices and applications enable you to manage the settings for other technologies, such as unique identifiers used to identify a browser, app, or device. For instance, you can manage the Advertising ID on Android devices or Apple's Advertising Identifier in your device's settings. Additionally, app-specific identifiers can usually be managed within the app's settings.
You can visit the following sites to opt out of personalized advertising in general, including regarding our Website:
You can also opt out of advertising provided by particular networks both in the App and on the Website:
Please be aware that if you opt out of personalized advertising, you will still see advertisements; however, they will not be tailored to your interests. Additionally, deleting browser Cookies may erase the Cookie preferences you've previously set, so you may need to opt out again in the future.
Lastly, you can adjust your preferences and opt out of personalized advertisements on your mobile devices (smartphones, tablets) by:
Updating your mobile device settings:
You can also download the Digital Advertising Alliance's AppChoices app and configure it to opt out of specific advertising solutions.
"Do Not Track" is a preference you can set in your web browser to inform the websites you visit that you do not want them to collect information about you. However, the Website does not currently respond to a "Do Not Track" or similar signal.
As previously stated, this Privacy Notice is intended to outline data usage related to the Product. Below, we detail with whom we share your personal data from the Product, encompassing both the Website and the App.
Several functions of the Product rely on services from third parties, known as 'processors'. These processors operate based on and in accordance with our instructions and are prohibited from using your data for their own purposes.
The primary service providers with whom the Product shares your data include:
We utilize Google Cloud Platform, a hosting and backend service offered by Google, for hosting personal data and facilitating the operation and distribution of our Product to its users.
Appsflyer assists us in understanding how users discover our Product, such as which advertiser delivered an ad that led you to our Product. Additionally, Appsflyer provides us with various analytics tools that enable us to research, analyze, and enhance your use of the Product.
We utilize Amplitude for analytics and customer support functions, particularly to comprehend how customers utilize our App. For analytics purposes, Amplitude furnishes us with various tools to research and analyze your use of the Service, aiding us in determining which features to prioritize. Regarding customer support, Amplitude assists us in responding to your technical support requests. For instance, it enables us to track your interaction with our App to identify specific technical issues.
Google Analytics / Google Analytics for Firebase are product analytics tools provided by Google, which help us to analyze the Service data and understand our users to optimize the Service performance.
We utilize the services of third-party advertising platforms, such as Instagram, Facebook, and Snapchat, to display targeted campaigns and messages to users within their platforms based on user behavior.
In simple terms, we provide information about you that allows advertising platforms to locate you in their database and indicate that you performed a desirable action, such as making a purchase.
This enables an advertising network to identify individuals interested in our Product and display advertisements for the Product to users who are most likely to be interested.
Please note that most advertising networks act as separate controllers or co-controllers of your data, in full or in part.
This means that such controllers decide whether to use the transferred data for their own purposes, such as providing you with advertisements from other providers similar to our Product.
You can learn more about the data processing practices of these companies in their respective privacy policies:
We do not share any health and wellness information with advertising networks.
If you wish to opt out of personalized advertising, please explore the options described in Section 6 above.
We may utilize and disclose personal data to enforce our Terms of Use, safeguard our rights, privacy, safety, or property, as well as those of our affiliates, you, or others.
Additionally, we may respond to requests from courts, law enforcement agencies, regulatory bodies, and other public and government authorities, or in other instances as mandated by applicable law.
Please be aware that in the course of conducting business, we may transfer your personal data outside of EU/EEA countries.
If you are located outside of EU/EEA countries, your personal data may be transferred to other jurisdictions.
For instance, some of our service providers are located in the United States of America.
We will implement measures as mandated by applicable law to ensure that data transfers are adequately protected. When a recipient is situated in one of the jurisdictions listed on the official website of the European Commission (here), the appropriate safeguard is the corresponding adequacy decision of the Commission.
In cases where no such adequacy decision is available, we rely on the Standard Contractual Clauses, along with a comprehensive analysis of the law of the destination country, to safeguard your data and your rights.
Furthermore, the Website may share your data as described below.
We collaborate with several payment service providers to facilitate payments via our Website. Specifically, we work with:
Additionally, beyond what has been outlined for both the Website and the App, the App itself shares data as follows.
Firebase Crashlytics is a Google Firebase service utilized to monitor application performance. It enables us to identify the causes and severity of crashes within the Product.
Firebase Remote Config enables us to implement changes to the behavior and appearance of the App dynamically, without the need for a new release.
With your consent, we may access and collect data from Apple's HealthKit and Motion & Fitness frameworks.
These frameworks serve as central storage locations for health and fitness data on iPhone or Apple Watch devices and provide motion and environment-related reports from the onboard hardware of iOS devices, respectively.
You have the option to prevent Apple from accessing your data at any time, thereby preventing it from being shared, by adjusting your mobile device settings. For more information about HealthKit, you can visit: https://developer.apple.com/documentation/healthkit
If you opt-in, we may access your personal information, such as the general quantity of steps taken throughout the day or during workouts per minute.
Additionally, we may share your personal information, such as your activity and workout details (calories burned, start time/date and duration of workout, distance, system used for distance measurement), with FitBit.
Please note that FitBit manages your data in accordance with their Privacy Policy, which you can access via the following link: https://www.fitbit.com/global/us/legal/privacy-policy.
We retain your personal data for as long as necessary to fulfill the purposes outlined in this Privacy Notice, unless further retention is required by applicable law.
You can request to terminate your account and delete your data at any time. We treat such requests as termination of your contract with us and revocation of your consent(s). We will accommodate such requests and cease any data processing under respective legal bases.
Please note that certain data may be retained even after your deletion request if processing is based on our legitimate interest. For example, we may retain purchase information to protect our rights in a legal action.
However, such retention is not indefinite and is limited to the data's usefulness and our legitimate goals. You may object to our legitimate interests as described in the Your Privacy Rights and How to Exercise Them section. If you wish to object, please specify this in your message to us.
Additionally, we may retain data if deletion is not technically possible, such as when your personal information is stored in backup archives.
In such cases, we will securely store your personal information and isolate it from further processing until deletion is feasible.
Similarly, if we are obligated to retain your data under applicable law (e.g., accounting and tax laws), we will ensure through technical and organizational measures that such data is not used for conflicting purposes, such as advertising to you.
We reserve the right to modify this Privacy Notice periodically by posting the changes directly on this webpage.
It is important to review this Privacy Notice regularly.
In the event of significant changes, we will endeavor to alert you, for example, through a pop-up notification or email.
By continuing to use our Product, you acknowledge that you have read and understood the most recent version of the Privacy Notice.