Privacy Policy

Last updated: March 6, 2026

1. Introduction

KidneyPal ("we," "our," or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our mobile application.

Please read this Privacy Policy carefully. By using KidneyPal, you consent to the data practices described in this policy.

2. Information We Collect

2.1 Information You Provide

  • Account Information: When you create an account, we collect your name, email address, and authentication credentials (or tokens from third-party sign-in providers like Google or Apple).
  • Health Profile: Information you provide about your kidney health status, CKD stage, dietary restrictions, and health conditions to personalize your experience.
  • Meal Photos: Photos you take or upload to analyze for nutrient content.
  • Dietary Tracking Data: Information about your meals, nutrient intake, and food preferences.
  • Feedback and Communications: Any feedback, questions, or communications you send to us.

2.2 Apple Health (HealthKit) Data

With your explicit permission, KidneyPal may read and write data to Apple Health (HealthKit) on iOS devices, including:

  • Weight: We read weight entries from Apple Health to display in your weight history, and write weight entries you log in KidneyPal back to Apple Health.
  • Water / Hydration: We read water intake from Apple Health to include in your fluid tracking, and write fluid entries you log in KidneyPal back to Apple Health.
  • Dietary Nutrients: We write nutrient data (sodium, potassium, phosphorus, protein, calories, carbohydrates, fat) from your logged meals to Apple Health.

HealthKit data is never shared with third parties, used for advertising, or sold. HealthKit data is only used within the app to provide you with an integrated view of your kidney health metrics. HealthKit data is not stored on our servers — it is read from and written to Apple Health locally on your device. You can revoke HealthKit access at any time through your device's Settings > Health > Data Access & Devices.

2.3 Information Collected Automatically

  • Device Information: Device type, operating system, unique device identifiers, and mobile network information.
  • Usage Data: How you interact with the App, features you use, and time spent on various screens.
  • Analytics Data: Crash reports, performance data, and other diagnostic information.

3. How We Use Your Information

We use the information we collect to:

  • Provide, maintain, and improve the App's functionality
  • Analyze meal photos and provide nutrient estimates
  • Personalize your experience based on your health profile
  • Generate insights about your dietary patterns
  • Send you notifications and reminders (with your consent)
  • Respond to your inquiries and provide customer support
  • Detect and prevent fraud, abuse, and security issues
  • Comply with legal obligations

Important: All nutrient estimates, food analyses, safety scores, and other information generated by the App are AI-powered approximations provided for informational purposes only. They may be inaccurate or incomplete and should not be relied upon as a substitute for professional medical or dietary advice. Please refer to our Terms of Service for full details on the limitations of the App's information.

4. Data Sharing and Disclosure

We do not sell your personal information. We may share your information with:

4.1 Service Providers

Provider Purpose Data Shared
Google Firebase Authentication, database, storage, analytics Account info, meal data, usage analytics
Google Gemini AI Meal photo analysis Meal photos (processed, not stored)
RevenueCat Subscription management User ID, subscription status
Apple/Google Payment processing, app distribution Transaction data (handled by stores)
Apple HealthKit On-device health data sync (iOS only) Weight, water, nutrients (local only, never sent to our servers)

4.2 Legal Requirements

We may disclose your information if required by law, court order, or government request, or if we believe disclosure is necessary to protect our rights, your safety, or the safety of others.

5. Data Retention

We retain your data for as long as your account is active or as needed to provide you services. You can request deletion of your account and associated data at any time through the App's settings or by contacting us.

  • Account Data: Retained until account deletion
  • Meal Photos: Retained until you delete them or your account
  • Analytics Data: Aggregated and anonymized after 26 months

6. Data Security

We implement appropriate technical and organizational measures to protect your personal information, including:

  • Encryption of data in transit (HTTPS/TLS)
  • Encryption of data at rest in our databases
  • Secure authentication and access controls
  • Regular security assessments and updates

However, no method of transmission over the Internet or electronic storage is 100% secure. We cannot guarantee absolute security of your data.

7. Your Rights and Choices

7.1 Access and Portability

You can access your data through the App. You may request a copy of your personal data by contacting us.

7.2 Correction

You can update your profile information directly in the App at any time.

7.3 Deletion

You can delete your account and all associated data through the App's settings. This action is irreversible.

7.4 Marketing Communications

You can opt out of marketing communications by adjusting your notification settings or clicking "unsubscribe" in emails.

7.5 Push Notifications

You can disable push notifications through your device settings or within the App.

8. Children's Privacy

KidneyPal is not intended for children under 13. We do not knowingly collect personal information from children under 13. If you believe we have collected information from a child under 13, please contact us immediately.

9. International Data Transfers

Your information may be transferred to and processed in countries other than your country of residence, including the United States. These countries may have different data protection laws. By using the App, you consent to such transfers.

10. California Privacy Rights (CCPA)

If you are a California resident, you have the right to:

  • Know what personal information we collect about you
  • Request deletion of your personal information
  • Opt out of the sale of your personal information (we do not sell your data)
  • Non-discrimination for exercising your privacy rights

To exercise these rights, contact us at privacy@kidneypal.app.

11. European Privacy Rights (GDPR)

If you are in the European Economic Area (EEA), you have additional rights under GDPR, including:

  • Right to access your personal data
  • Right to rectification of inaccurate data
  • Right to erasure ("right to be forgotten")
  • Right to restrict processing
  • Right to data portability
  • Right to object to processing
  • Right to withdraw consent

To exercise these rights, contact us at privacy@kidneypal.app.

12. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. We will notify you of any material changes by posting the new Privacy Policy in the App and updating the "Last Updated" date. Your continued use of the App after such changes constitutes acceptance of the updated policy.

13. Contact Us

If you have any questions about this Privacy Policy or our data practices, please contact us: