Last Updated: July 11, 2026
Calk (“we,” “us,” or “our”) makes a calorie and nutrition app (the “App”) and operates the Calk website at calk.me (the “Website”). The App and the Website handle data differently, so this policy describes them separately: Part 1 covers the App, Part 2 covers the Website, and Part 3 covers what applies to both.
The short version: your food logs, weights, and targets stay on your device — we don’t collect them on our servers. The App sends us anonymous product-usage analytics (which screens work — never what you eat or weigh), and you can turn that off in Settings. The Website uses basic visitor analytics and, if you sign up for early access, the email you submit.
Part 1 — The Calk App#
1.1 What stays on your device#
Your food logs, weights, nutrition targets, and the insights and reports derived from them are stored, encrypted, on your device. They are not uploaded to our servers, and no category of App data below includes them.
Health data (only if you allow it). If you connect Apple Health or Health Connect, the App reads weight, activity, and body metrics to set your starting calorie target. It requests only those specific permissions, uses the data on your device, and never writes back to your health store.
1.2 What the App sends us#
Account information. When you create an account with Sign in with Apple or Google, we receive your name and email address from that provider. The account secures access to Calk’s structured food catalog and subscription features.
Device-integrity signals. To prevent fraud and abuse, the App verifies it is a genuine, unmodified install using Apple App Attest (iOS) or Google Play Integrity (Android). These signals confirm the app and device, not who you are.
Product analytics. The App uses Google Analytics for Firebase to send anonymous usage events: onboarding steps completed, that an account was created, that a meal was logged or a weight was entered (as bare events — never the food, the amounts, or the values), whether the nutrition report was unlocked and opened, subscription screen views, and whether a food search found results. These events carry no name, no email, no user ID we could look you up by, no food names or meal contents, no weight or health values. The Firebase SDK uses a random app-instance identifier to group events from the same install; advertising identifiers (IDFA/AAID) and the iOS vendor identifier are not collected, and ad-personalization signals are off.
Failed food searches. One analytics event carries free text: if you search for a food, get no results, and leave the search, the App may send the phrase you typed (shortened to 80 characters) so we can add the foods people actually look for. The App checks this text first and drops the event entirely if the phrase looks like an email address or phone number. If product analytics is off, this is never sent.
The App does not collect your precise location, contacts, photos, or any identifier for advertising tracking.
1.3 How we use App data#
- Account information: to create and secure your account, prevent abuse, and operate subscriptions through the app stores.
- Product analytics: to improve onboarding, find missing foods, and check that core features actually work — nothing else. It is never joined with your identity or your on-device food and weight data.
- We do not use any App data to target advertising, and we do not sell, rent, or trade your personal data.
1.4 Where App data lives, and for how long#
Your food, weight, and target data stays on your device, in an encrypted database. Account identity and integrity checks are handled by Apple and Google/Firebase, which process only what’s needed to sign you in and verify the app. Product analytics is processed by Google Analytics for Firebase (Google LLC) on Google’s servers and retained there for up to 14 months. Subscription billing is handled by the App Store and Google Play; we never see your card.
1.5 Your choices in the App#
- Analytics off. Settings → Product analytics. Turning it off stops all analytics events immediately, at both the App and SDK level. The App works identically either way. For users in the EEA/UK: we process this minimal usage data on the basis of our legitimate interest in improving the App, and this switch is your objection mechanism — no justification needed.
- Export. Take your data with you as a report (PDF) from within the App.
- Delete. Settings → Delete account removes your account and erases your on-device food and weight history and nutrition targets. You can also request deletion at support@calk.me. For security, some anonymized logs may be retained for up to 30 days before permanent deletion. Once complete, the data cannot be recovered.
Part 2 — The Calk Website#
2.1 What the Website collects#
Visitor analytics. We use Google Analytics to understand how the Website is used: pages viewed, referring sites or campaigns, approximate region, device and browser type, and engagement signals such as time on page. Website analytics never includes anything from the App. Google Analytics does not load or send measurement data unless you allow analytics. If you allow it, Google Analytics may set first-party analytics cookies. If you decline or later withdraw consent, analytics remains disabled and those cookies are removed. Advertising use and personalization are disabled in either case.
Early-access signup. If you submit your email address, we collect that address and the Website language shown at signup. The form is sent through a Firebase Cloud Function and stored in Firebase/Firestore so we can contact you about early access or launch updates.
Local preferences. The interactive Website demo may save small preferences (such as the demo meal you built) in your browser. They stay in your browser and are not uploaded.
2.2 How we use Website data#
Analytics tells us which pages are useful and where visitors come from. Analytics event-level data is retained according to the Google Analytics property settings for no longer than 14 months. Early-access emails are used only to contact people who asked to hear from us. Nothing is sold, rented, or used for ad targeting.
2.3 Your choices on the Website#
Use Analytics settings in the Website footer to allow or decline analytics at any time. Ask us to remove your early-access email anytime at support@calk.me.
Part 3 — For both the App and the Website#
3.1 Security#
On-device App data is stored in an encrypted database. We limit access to account data and apply standard safeguards against unauthorized access. No method is perfectly secure, but collecting little is our first line of defense.
3.2 Children#
The App and Website are not directed to children under 13, and we do not knowingly collect their data.
3.3 Changes to this policy#
We may update this policy; material changes will be posted here with a new “Last Updated” date.
3.4 Contact#
Questions? Email support@calk.me or visit calk.me.
