Privacy Policy

CalorIA Scan — Rumbo Tech Labs

Effective April 28, 2026

At CalorIA Scan we take your privacy seriously. This policy explains what data we collect, how we use it, and how we protect it, in accordance with Mexico's Federal Law on Protection of Personal Data Held by Private Parties (LFPDPPP), the EU's General Data Protection Regulation (GDPR), and the policies of Google Play and the App Store.

1. Data controller

Rumbo Tech Labs, based in Mexico, is the data controller responsible for the processing of personal data collected through the CalorIA Scan application ("the App").

To exercise your data subject rights (access, rectification, deletion, objection, portability), contact us at: privacy@caloriascan.com

2. Personal data we collect

Identity and contact data

Name and email address provided when signing in with Google or Apple.

Body metrics (optional)

Weight, height, age, and sex that you voluntarily enter to calculate your personalized calorie goal.

Food images

Photos you take inside the App for the sole purpose of analyzing nutritional content. Images are sent to an external AI service (OpenAI) and are not permanently stored on our servers.

Nutritional history

Records of scanned foods, calorie and macronutrient values, and daily goals.

Usage data

Technical information about how you use the App (screens visited, errors) to improve the service. This information does not include personally identifiable data.

3. Purposes of processing

Primary purposes (necessary)

  • Authenticate your identity and maintain your session.
  • Analyze food images using AI to estimate calories and macronutrients.
  • Store your nutritional history and personalized goals.
  • Sync your data across devices.
  • Process payments and manage your subscription.

Secondary purposes (optional)

  • Send you notifications about your progress or reminders (only if you enable permissions).
  • Improve the accuracy of our AI models in an aggregated and anonymized way.

4. Third parties we share data with

Supabase

Database and authentication platform (servers in the U.S.). Your data is stored encrypted. See: supabase.com/privacy

OpenAI

Food photos are sent to the OpenAI API for AI-powered nutritional analysis. OpenAI does not use API data to train its models by default. See: openai.com/policies/privacy-policy

Google (authentication)

We use Google Sign-In for authentication. See: policies.google.com/privacy

RevenueCat

Subscription and in-app purchase management platform. Processes purchase information from Google Play and the App Store. See: revenuecat.com/privacy

Apple (authentication — iOS only)

We use Sign in with Apple for iPhone/iPad users. See: apple.com/legal/privacy

Google Ads (website only)

The website (not the App) uses Google Ads (gtag.js, ID AW-18120210375) to measure ad campaign conversions and display personalized ads on Google platforms. These cookies only activate if you grant consent via the cookie banner. See section 12 for details. Reference: policies.google.com/privacy

No data sales. We do not sell, rent, or share your personal data with third parties for advertising or marketing purposes beyond the Google Ads conversion measurement described above.

5. International data transfers

Your data may be transferred to and stored on servers located outside Mexico (in the U.S.) by the providers mentioned in section 4. Such providers hold appropriate security certifications (ISO 27001, SOC 2). For users in the EEA, transfers are governed by Standard Contractual Clauses (SCCs) approved by the European Commission.

6. Data retention

Your data is retained while your account is active. When you delete your account from inside the App (Profile → Delete my account), all your personal data is permanently erased within a maximum of 30 days.

Food images processed by AI are not stored after the analysis is complete.

7. Your rights

Under LFPDPPP (Mexico) and GDPR (EU), you have the following rights:

Access

Know what personal data we hold about you.

Rectification

Request correction of inaccurate or incomplete data (you can also do this directly in Profile → My profile).

Deletion ("Right to be forgotten")

Request deletion of your data. You can do this directly from the App (Profile → Delete my account).

Objection

Object to the processing of your data for secondary purposes.

Portability (GDPR only)

Receive your data in a structured, commonly used, machine-readable format.

Withdraw consent

Withdraw your consent at any time, including consent given via the cookie banner (see section 12).

To exercise these rights, send an email to privacy@caloriascan.com with the subject "Data subject rights". We will respond within 20 business days (LFPDPPP) or 30 days (GDPR).

8. Device permissions

Camera

Required to scan food. Only activates when you open the scan screen.

Photo library

Optional. Lets you select images from your gallery to analyze.

Notifications

Optional. Requested only if you enable daily logging reminders.

You can revoke any permission at any time from Settings → Apps on your device.

9. Security

We implement technical and organizational measures to protect your data, including:

  • Encryption in transit (HTTPS/TLS 1.3).
  • Encryption at rest in our database.
  • Role-based access control via Supabase.
  • Secure credential storage on the device.

10. Minors

CalorIA Scan is intended for users aged 13 and older. We do not knowingly collect data from children under 13. If you become aware that a minor has registered an account, contact us at privacy@caloriascan.com so we can delete it.

11. Notice on AI and nutritional accuracy

Calorie and macronutrient values generated by CalorIA Scan are approximate estimates produced by artificial intelligence. They do not constitute medical or dietary advice. Consult a healthcare professional for important dietary decisions.

12. Cookies and website tracking

This section applies only to this website (caloriascan.com), not to the mobile app. The App does not use advertising tracking cookies.

Which cookies we use

Only Google Ads cookies (gtag.js, ID AW-18120210375), used to measure ad campaign conversions and, where applicable, to display personalized ads across Google platforms (Search, YouTube, Display).

Default-deny (Consent Mode v2)

By default, no advertising cookie is activated until you explicitly grant consent through the cookie banner shown on your first visit. This complies with Google Consent Mode v2 and with the GDPR's prior-consent requirement.

Your options in the banner

  • Accept all: Google Ads cookies are activated.
  • Necessary only: no tracking cookies are activated (this site does not require technical cookies).
  • Reject all: no tracking cookies are activated.

How to change your choice

You can change your choice at any time by clicking Change cookie preferences, or by clearing this site's data (localStorage) from your browser settings. The banner will then reappear.

Data shared with Google

If you grant consent, Google may receive your IP address, cookie identifiers, and browsing data on this site. Google acts as an independent data controller for this data. See: policies.google.com/privacy and policies.google.com/technologies/ads

Legal basis

  • Mexico (LFPDPPP): informed consent via the banner.
  • European Union / EEA (GDPR Art. 6.1.a): explicit prior consent (default-deny).

13. Changes to this policy

We may update this Privacy Policy from time to time. We will notify you within the App about significant changes. The last updated date appears at the top of this document. Continued use of the App after changes constitutes your acceptance.

Contact

Questions about this policy or want to exercise your data subject rights? Write to us:

privacy@caloriascan.com


By using CalorIA Scan, you confirm that you have read and accept this Privacy Policy.