Last updated: October 9, 2025
1. Introduction
This Privacy Policy describes how the “Calorias” App, an Android application that uses artificial intelligence for nutritional analysis, collects, uses, and shares information derived from your usage.
Please note that the “Calorias” App is an online-only service and does not work offline to detect nutritional values, as it relies on real-time processing of text and images via Google Cloud AI.
WamDev does not store personally identifiable information (PII) such as names or emails on its servers. However, for the proper functioning of the App and for advertising purposes, third-party services may collect data considered personal under GDPR, such as device identifiers, IP addresses, and app usage data.
2. What Information We Collect
A. Information We Do Not Store on Our Servers
- Images and Food Data: Photos and texts (food names and weights) are securely sent to the Google Gemini API solely for processing and obtaining nutritional values. These data are not stored on WamDev servers. Avoid including people or personal information in your photos.
- Personally Identifiable Information: The App does not require creating an account or entering personal information such as name, email, or password.
- Personal Diary Content: Information saved in your personal diary is stored exclusively on your device.
B. Information Collected Automatically and from Third Parties
The App uses third-party services for essential functionality, security, performance, and advertising. These services may process data according to their own privacy policies.
| External Service | Function | Potentially Processed Data | Link to Privacy Policy |
|---|---|---|---|
| Cloudflare Worker | Security proxy and performance optimization | Traffic data (IP address, device/browser info, network requests) for security and performance. Not used for advertising. | Cloudflare Privacy Policy |
| Firebase App Check | App integrity and security verification | Device-related data (e.g., app ID) to generate integrity tokens and verify requests. | Firebase Privacy Policy |
| Google Gemini API | AI processing of photos and texts for nutritional analysis | Food photos and texts sent to Google servers for processing. Governed by Google’s Privacy Policy. Data may be used by Google for AI model training per their policy. | Google Privacy Policy |
| Google ML Kit / ZXing | Barcode scanning (local on device) | Images from the camera are processed locally to extract barcodes. No data is sent to Google servers from this feature. | Google ML Kit / ZXing |
| Google AdMob | Advertising delivery | Device identifiers, app usage data, location (if enabled) to show relevant ads and measure performance. | Google Privacy Policy (AdMob) |
| Google Analytics | App usage analysis and performance monitoring | App usage patterns, screen views, feature usage, device information, and anonymized user behavioral data. | Google Privacy Policy (including Analytics) |
C. Backup of Diary Data
You can save diary backups locally or on a cloud service of your choice (e.g., Google Drive). The App does not access or send these files automatically.
3. Legal Basis for Processing (GDPR)
- Performance of a Contract: Processing photos, texts, and barcodes is necessary to provide nutritional analysis and product lookup.
- Legitimate Interest: Cloudflare Worker and Firebase App Check ensure App security and prevent abuse.
- Consent: Device identifiers and usage data may be collected for personalized advertising through AdMob.
4. Data Sharing and International Transfers
We share data with third parties (listed above) for essential services, security, and advertising, and with legal authorities if required.
Data may be processed outside the EEA (e.g., USA). Standard Contractual Clauses (SCCs) or other mechanisms are adopted to ensure adequate protection.
5. Data Security
Technical and organizational measures are in place (e.g., Cloudflare, Firebase App Check). However, no method of transmission or storage is 100% secure.
6. Permissions
| Permission Requested | Accessible/Collected Data | Purpose of Use |
|---|---|---|
| Camera Access | Images taken by the user | Take photos of foods for diary or scan barcodes for product lookup. Images used only for analysis. |
| Access to Media Files (Images/Photos) | Images/photos stored in device Gallery | Select and upload existing food images for analysis |
| Internet Access (Network) | Device network connection; data sent/received | Send images/texts to Google/external servers for processing and retrieve nutritional values. Required for general app functionality. |
| Access to Storage/Memory (Backup Only) | Data saved on device | Save/restore diary backup files on device or chosen cloud |
7. Data Controller
WamDev is the data controller for the processing of personal data carried out via the Calorias App. Users may contact WamDev for information regarding data processing or clarification on exercising privacy rights.
Email: info@caloriasai.com
8. Your Privacy Rights
Depending on your location:
- GDPR (EEA residents): Access, rectification, erasure, restriction, portability, objection.
- CCPA/CPRA (California residents): Know, opt-out, and non-discrimination rights. App does not sell personal data.
As the App does not collect PII directly, most rights are exercised via third-party providers (e.g., AdMob, Google). WamDev can provide information on how to exercise these rights but does not have direct access to modify data stored by third parties.
9. Advertising and Consent (GDPR & CCPA/CPRA)
The Calorias App uses Google AdMob to display advertisements. When you open the app for the first time, you can choose whether to allow personalized ads or non-personalized ads.
- If you accept personalized ads: Google may process your device identifiers, app usage data, and approximate location to provide relevant ads. This processing is based on your explicit consent (Art. 6(1)(a) GDPR) and may be considered “sharing” of personal information under the CCPA/CPRA.
- If you choose non-personalized ads: Ads are shown based only on general context (app content or device type), and no data are “sold” or “shared” as defined by CCPA/CPRA.
You can change your preference at any time in the App settings. California residents can also exercise their right to opt out of “sharing” by choosing non-personalized ads, which has the same effect as a “Do Not Sell or Share My Personal Information” request.
10. Your Rights Under CCPA/CPRA (California Residents)
If you are a California resident, you have the following rights:
- Right to Know: Information about the categories of personal data collected and the purposes of collection.
- Right to Delete: Request deletion of personal data collected by the App (through third-party providers).
- Right to Correct: Correct inaccurate information via the tools provided by the respective third-party providers.
- Right to Opt-Out of Sale or Sharing: WamDev does not sell personal information. Personalized advertising may involve “sharing”; users can opt out by choosing non-personalized ads.
- Right to Non-Discrimination: Users are not treated differently for exercising privacy rights.
11. Children’s Privacy
The App is not for users under 13. As WamDev does not store personal data on its servers, it cannot identify or delete data of minors. Parents can manage data collected by third-party services using the tools provided by those services.
12. Changes to this Policy
We may update this Policy occasionally. Changes will be posted on this page with a new update date.