Privacy Policy
Last updated: May 2026
Who we are
Pokacal is a voice calorie tracker made by Valentina Fedosova, based in the Netherlands.
Questions? Email us: privacy@pokacal.com
Data controller: Valentina Fedosova (Amsterdam, Netherlands)
Contact: privacy@pokacal.com
What we collect and why
We collect as little as possible. Here is everything — no exceptions.
To create your account
- Email address — so you can log in
- Password (encrypted, we never see it) — stored securely by Supabase
Guest mode (no email)
If you use Pokacal without signing up, we create a technical anonymous account in Supabase Auth. It has no email and no password — it exists only to securely authenticate your requests to our API proxy.
This guest account may still have: character and language, your daily calorie target (if you set it), and your daily calorie totals (one number per day for sync/streaks).
To personalise the app
- Name (optional) — stored only on your device (encrypted) so the dinosaur can address you personally. We do not keep your name in our database.
- Daily calorie target — we store only this one number (kilocalories per day). It is calculated entirely on your device using the Mifflin–St Jeor formula from your age, weight, height, biological sex, activity level, and goal (lose / maintain / gain). Those inputs stay on your device (encrypted) and are not uploaded to our servers.
- Favourite foods — stored only on your device (encrypted) to help estimate portions when you mention them. We do not store this list in our database.
Your food history
- Detailed food entries (what you said, detected foods, assistant response, timestamps) — stored only on your device (encrypted).
- Daily calorie totals — stored in your account as one number per day (sync, streaks, badges).
What we do NOT collect
- Your location
- Your contacts
- Your photos
- Data from other apps
- Advertising identifiers
- Anything we don't actually need
Your voice
We do not store your voice recordings.
When you speak, audio is temporarily stored on your device, sent to OpenAI Whisper for transcription, and deleted after processing in normal operation. Audio is proxied through our server for secure routing, but not stored by us.
In rare error cases (for example, if reading the temporary file fails), a temporary audio file may remain in your device’s temporary folder until the operating system clears it.
Who sees your data
We use a small number of trusted services. We do not sell your data. We do not share it with advertisers.
| Service | What it does | What it sees |
|---|---|---|
| Supabase | Database and login | Email (for login), daily calorie target, daily calorie totals, language, character, streak |
| OpenAI Whisper | Speech → text | Audio during processing (not stored) |
| Anthropic Claude | Food analysis | Transcribed text (and optional personalization data if enabled) |
| Render | Secure API routing | Processes requests, does not store user content |
| Apple / Google | Sign-in | Email only |
| Cloudflare Pages | Hosts the website | None |
Legal basis (GDPR)
- Contract (Art. 6(1)(b)) — to provide the app features you request.
- Consent (Art. 6(1)(a)) — for optional personalization and where required for health-related context.
- Legitimate interests (Art. 6(1)(f)) — to secure and operate the service (abuse prevention).
Food and nutrition information may be considered health-related. We keep detailed food history on-device and avoid storing it on our servers.
International transfers
Some providers may process data outside the EEA (including in the US). When that happens, we rely on safeguards such as Standard Contractual Clauses (SCCs) and provider measures.
How long we keep your data
- Detailed food history (on your device) — until you delete it manually
- Daily calorie totals (server) — until you delete your account
- Account data (email, profile) — until account deletion
- Voice audio — never stored; deleted from your device right after transcription
- Server logs — minimal security/operational logs are kept for a limited time (typically up to 30 days), then deleted/rotated. Our hosting provider (Render) retains application stdout/stderr logs by default for a shorter period (typically ~7 days). Logs are intended to contain only non-content metadata (status codes, timestamps). For abuse prevention and debugging we may log hashed identifiers such as a cryptographic hash (SHA-256) and message length — not the message text itself, and never audio bytes. Hashes may be salted to reduce linkability.
Your rights (GDPR)
You're in control of your data. You can:
- See it — request a copy of everything we hold about you (email privacy@pokacal.com)
- Export it — use Export my data in Settings to generate a JSON file of your local data and share/save it
- Delete it — Delete account in Settings deletes your account data from our database, clears local data, and deletes your Supabase Auth account
- Fix it — update language, character, and on-device “about you” in app Settings; email us for anything else
You can withdraw AI processing consent anytime in Settings → Privacy (this disables voice/AI features until you enable them again).
We delete all data under our control. Third-party AI providers may process data transiently according to their policies.
You may also withdraw consent, object, or request restriction in some cases. If you are in the Netherlands, the supervisory authority is the Autoriteit Persoonsgegevens.
Children
Pokacal is not intended for children (under 16 in the EU/EEA; under 13 elsewhere).
Updates to this policy
If something important changes, we'll let you know in the app. The date at the top of this page always shows the latest version.
Data stored only on your device
Age, weight, height, biological sex, activity level, and your goal (lose / maintain / gain) are used only to calculate your daily calorie target. Those values are kept on your phone or computer in the operating system’s encrypted secure storage (not in our cloud database). Your name and favourite foods list are also stored only on the device. We do not receive those inputs on our servers — we only store the single resulting number (your daily calorie target) when you use a synced account, plus other non-sensitive fields: language, character, and streak (counters and dates — not body metrics).
Say hello
privacy@pokacal.com
Valentina Fedosova — Amsterdam, Netherlands