SpeakCal Privacy Policy

Last updated: 2026-05-05 Effective date: 2026-05-05

This Privacy Policy describes how SpeakCal ("we", "us", or "our") collects, uses, and shares information when you use the SpeakCal mobile application ("the App").

We've written this in plain language so you can actually read it. If anything is unclear, email us at [email protected].

TL;DR

• The App works without an account. If you don't sign in, we don't know who you are.
• If you sign in with Apple, we receive a Sign in with Apple identifier and (if you allow it the first time) your name and email. Apple's "Hide My Email" relay is supported.
• Your meals, symptoms, and health data are stored on your device by default. We do not transmit this data to our servers unless you opt into cloud backup.
• We use Apple HealthKit to write meals as nutrition entries. HealthKit data stays on your device and we never read or transmit your health history.
• We use third-party services (RevenueCat, Anthropic, USDA, Open Food Facts, optionally FatSecret, Apple) to deliver the App. Each is described below.
• We do not sell your data. Ever.
• We do not show ads. The App is free or premium-subscription-funded.
• You can request full deletion of any data we hold by emailing [email protected].

1. Information we collect

1.1 Anonymous usage data (default — no account required)

When you use the App without signing in, we generate an anonymous app user identifier locally on your device. This identifier is:

• Tied to your installation (resets if you uninstall and reinstall)
• Stored in your device's secure keychain
• Used solely to track your subscription status with RevenueCat (our subscription provider)

We do not associate this identifier with any personal information.

1.2 Sign in with Apple (optional)

If you choose to sign in with Apple, we receive from Apple:

• Apple-issued user identifier (a stable string per Apple ID per app — we cannot use it to identify you outside SpeakCal)
• Display name (only on your first sign-in; Apple does not return it again)
• Email address (only on first sign-in; may be a real email or Apple's "Hide My Email" relay address)

We store these locally in your device's secure keychain and use them to:

• Persist your subscription across devices (so if you switch phones, your premium subscription follows you)
• Display your name in the App's Settings screen

We do not send your Apple-issued identifier, name, or email to any third party except as required to maintain your subscription with RevenueCat (see Section 3.1).

1.3 Voice transcripts

When you tap the mic and describe a meal, your speech is transcribed using Apple's on-device Speech framework. This transcription happens entirely on your device — your voice does not leave the device.

The text transcript is then sent to our backend (Supabase Edge Functions) which forwards it to Anthropic's Claude API to extract food entities. The transcript is processed in memory and is not stored long-term by us or by Anthropic.

1.4 Meals, symptoms, and notes

All meals you log, symptoms you record, and notes you add are stored locally on your device by default in an encrypted SQLite database (drift / Apple File Protection).

If you opt into cloud backup (a future feature, not yet active), this data would be synced to your private record in our Supabase database, accessible only to you via your authenticated session.

1.5 Apple HealthKit data

If you grant the App HealthKit permission, the App will:

• Write meals you log to HealthKit as Dietary Energy / Macronutrient samples
• Read previously written entries to keep the App in sync

HealthKit data is stored by Apple on your device and synced via your iCloud account if enabled. We do not transmit HealthKit data to our servers and do not have access to it.

1.6 Diagnostics and analytics

We use TelemetryDeck for anonymous, privacy-respecting analytics. The data we collect through TelemetryDeck:

• Does not include any personally identifiable information
• Is hashed before being sent
• Tells us aggregate things like "X users tapped the mic" without revealing who you are
• Can be disabled in Settings → Privacy

We do not use Google Analytics, Facebook SDK, or any tracking SDKs that build advertising profiles.

2. How we use your information

We use the limited information described above to:

1. Provide the App's core features — log meals, calculate nutrition, sync with HealthKit
2. Manage your subscription — verify premium status, restore purchases, transfer subscription to new devices
3. Improve reliability — anonymous diagnostics tell us if features are working
4. Respond to your support requests — if you email us we can reply

We do not use your information to:

• Build advertising profiles
• Sell to data brokers
• Train AI models on your private data
• Share with marketing partners

3. Third-party services

These services are essential for the App to work. Each receives only the minimum data necessary.

3.1 RevenueCat (subscription management)

• What they receive: Your anonymous user ID OR your Apple Sign In identifier (if you signed in)
• Purpose: Manage your premium subscription, validate Apple receipts, restore purchases
• Data retention: RevenueCat retains your subscription history for as long as needed to provide the service
• Privacy policy: https://www.revenuecat.com/privacy

3.2 Anthropic (AI food extraction)

• What they receive: Your meal description text (e.g., "I had a burrito for lunch")
• Purpose: Extract structured food entities from natural language
• Data retention: Anthropic states they do not retain API request data for training. See https://www.anthropic.com/legal/privacy
• No PII: We do not send your name, identifier, or any personal information

3.3 USDA FoodData Central (nutrition database)

• What they receive: Food name queries (e.g., "chicken breast")
• Purpose: Look up calorie and macronutrient data
• No PII: US Government public API, no user identification

3.4 Open Food Facts (food database)

• What they receive: Food name queries and barcodes
• Purpose: Fall back source for branded items USDA may miss
• No PII: Open data project, no user identification
• Privacy policy: https://world.openfoodfacts.org/privacy

3.5 FatSecret (food and restaurant database — when activated)

• What they receive: Food name queries
• Purpose: Provide branded item and restaurant menu nutrition coverage
• No PII: No user identification sent
• Privacy policy: https://platform.fatsecret.com/api/Default.aspx?screen=privacy

3.6 Apple (Sign in with Apple, App Store, HealthKit)

• Purpose: Authentication, in-app purchases, health data integration
• Privacy policy: https://www.apple.com/legal/privacy/

3.7 Supabase (backend infrastructure)

• Purpose: Hosts our Edge Functions and (future) database
• Data retention: Same as our own data retention policy
• Privacy policy: https://supabase.com/privacy

3.8 TelemetryDeck (anonymous analytics)

• What they receive: Hashed event names, no user identifiers, no IP addresses retained
• Purpose: Aggregate usage statistics
• Privacy policy: https://telemetrydeck.com/privacy

4. Data retention and deletion

Local data

• Lives on your device. Uninstalling the App removes all local data.
• You can reset all local data from Settings → Privacy & Data.

Server data (if you signed in)

• Subscription records: retained by RevenueCat for as long as your subscription is active, plus standard accounting retention afterwards
• Cloud-synced meals (when cloud sync ships): retained until you delete them or delete your account

Account deletion

Email [email protected] with the subject "Delete my account" from the email you used for Sign in with Apple, and we will:

1. Delete your record on our servers within 30 days
2. Mark your RevenueCat record for deletion
3. Confirm by reply when complete

You can also delete from inside the App: Settings → Danger Zone → Delete Account.

Account-deletion grace period

After you request deletion, we hold your data for 30 days in case you change your mind. After 30 days, deletion is irreversible.

5. Children

The App is intended for users 13 years of age and older.

We do not knowingly collect personal information from children under 13. If you believe a child under 13 has provided us with personal information, please contact us at [email protected] and we will delete it immediately.

The App is not directed at, marketed to, or designed for children under 13.

6. Eating disorder safety

SpeakCal is not a medical device, treatment tool, or substitute for professional care. If our onboarding flow detects that you may have a history of eating disorders, we surface a screen with the National Eating Disorders Association (NEDA) helpline and resources before you proceed.

We do not transmit, store, or share any disclosure you make on that screen with any third party. Your answer is stored locally on your device only.

If you are struggling, please call or text 988 (US) or visit https://www.nationaleatingdisorders.org.

7. International users

SpeakCal is operated from the United States. If you use the App from outside the US, your data may be processed in the US.

EU/UK (GDPR)

You have the right to access, correct, delete, or export your data. To exercise these rights, email [email protected].

California (CCPA)

California residents have the right to know what personal information we collect, request deletion, and opt out of sale of personal information. We do not sell personal information.

8. Changes to this policy

We may update this policy from time to time. When we do, we will:

1. Update the "Last updated" date at the top
2. Post a notice in the App's release notes
3. For material changes, send a notification (if you have notifications enabled)

Continued use of the App after a policy change means you accept the updated terms.

9. Contact us

Questions, concerns, or requests:

• Email: [email protected]
• Subject lines we recognize quickly:
  • "Delete my account"
  • "Privacy question"
  • "GDPR request"
  • "CCPA request"

We aim to respond within 5 business days.

This policy is plain-language by design. If you'd like a formal counsel-level legal document, please contact us — but most users find this easier to read.