1. Introduction
KidneyPal ("we," "our," or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our mobile application.
Please read this Privacy Policy carefully. By using KidneyPal, you consent to the data practices described in this policy.
2. Information We Collect
2.1 Information You Provide
- Account Information: When you create an account, we collect your name, email address, and authentication credentials (or tokens from third-party sign-in providers like Google or Apple).
- Health Profile: Information you provide about your kidney health status, CKD stage, dietary restrictions, and health conditions to personalize your experience.
- Meal Photos: Photos you take or upload to analyze for nutrient content.
- Dietary Tracking Data: Information about your meals, nutrient intake, and food preferences.
- Feedback and Communications: Any feedback, questions, or communications you send to us.
2.2 Information Collected Automatically
- Device Information: Device type, operating system, unique device identifiers, and mobile network information.
- Usage Data: How you interact with the App, features you use, and time spent on various screens.
- Analytics Data: Crash reports, performance data, and other diagnostic information.
3. How We Use Your Information
We use the information we collect to:
- Provide, maintain, and improve the App's functionality
- Analyze meal photos and provide nutrient estimates
- Personalize your experience based on your health profile
- Generate insights about your dietary patterns
- Send you notifications and reminders (with your consent)
- Respond to your inquiries and provide customer support
- Detect and prevent fraud, abuse, and security issues
- Comply with legal obligations
4. Data Sharing and Disclosure
We do not sell your personal information. We may share your information with:
4.1 Service Providers
| Provider | Purpose | Data Shared |
|---|---|---|
| Google Firebase | Authentication, database, storage, analytics | Account info, meal data, usage analytics |
| Google Gemini AI | Meal photo analysis | Meal photos (processed, not stored) |
| RevenueCat | Subscription management | User ID, subscription status |
| Apple/Google | Payment processing, app distribution | Transaction data (handled by stores) |
4.2 Legal Requirements
We may disclose your information if required by law, court order, or government request, or if we believe disclosure is necessary to protect our rights, your safety, or the safety of others.
5. Data Retention
We retain your data for as long as your account is active or as needed to provide you services. You can request deletion of your account and associated data at any time through the App's settings or by contacting us.
- Account Data: Retained until account deletion
- Meal Photos: Retained until you delete them or your account
- Analytics Data: Aggregated and anonymized after 26 months
6. Data Security
We implement appropriate technical and organizational measures to protect your personal information, including:
- Encryption of data in transit (HTTPS/TLS)
- Encryption of data at rest in our databases
- Secure authentication and access controls
- Regular security assessments and updates
However, no method of transmission over the Internet or electronic storage is 100% secure. We cannot guarantee absolute security of your data.
7. Your Rights and Choices
7.1 Access and Portability
You can access your data through the App. You may request a copy of your personal data by contacting us.
7.2 Correction
You can update your profile information directly in the App at any time.
7.3 Deletion
You can delete your account and all associated data through the App's settings. This action is irreversible.
7.4 Marketing Communications
You can opt out of marketing communications by adjusting your notification settings or clicking "unsubscribe" in emails.
7.5 Push Notifications
You can disable push notifications through your device settings or within the App.
8. Children's Privacy
KidneyPal is not intended for children under 13. We do not knowingly collect personal information from children under 13. If you believe we have collected information from a child under 13, please contact us immediately.
9. International Data Transfers
Your information may be transferred to and processed in countries other than your country of residence, including the United States. These countries may have different data protection laws. By using the App, you consent to such transfers.
10. California Privacy Rights (CCPA)
If you are a California resident, you have the right to:
- Know what personal information we collect about you
- Request deletion of your personal information
- Opt out of the sale of your personal information (we do not sell your data)
- Non-discrimination for exercising your privacy rights
To exercise these rights, contact us at privacy@kidneypal.app.
11. European Privacy Rights (GDPR)
If you are in the European Economic Area (EEA), you have additional rights under GDPR, including:
- Right to access your personal data
- Right to rectification of inaccurate data
- Right to erasure ("right to be forgotten")
- Right to restrict processing
- Right to data portability
- Right to object to processing
- Right to withdraw consent
To exercise these rights, contact us at privacy@kidneypal.app.
12. Changes to This Privacy Policy
We may update this Privacy Policy from time to time. We will notify you of any material changes by posting the new Privacy Policy in the App and updating the "Last Updated" date. Your continued use of the App after such changes constitutes acceptance of the updated policy.
13. Contact Us
If you have any questions about this Privacy Policy or our data practices, please contact us:
- Email: privacy@kidneypal.app
- Support: support@kidneypal.app