Privacy Policy for Ketone

Effective: November 21, 2025|

Last Updated: November 22, 2025

Welcome to Ketone. This Privacy Policy explains how Omar Leal ("we," "us," or "our") collects, uses, shares, and protects your personal information when you use the Ketone mobile application (the "App"). We are committed to protecting your privacy and ensuring transparency about how your data is handled. By using Ketone, you agree to the collection and use of information in accordance with this policy.

1. Information We Collect

1.1 Information You Provide Directly

When you create an account and use Ketone, we collect:

Account Information:

Email address
Username
Full name
Password (encrypted)

Health & Profile Data:

Date of birth and age
Gender
Height and weight (initial, current, and target)
Activity level
Health goals (weight loss, maintenance, muscle gain)
Dietary restrictions and preferences
Fasting protocol preferences
Unit system preference (Metric/Imperial)
Bio and avatar image

Usage Data:

Fasting sessions and timings
Meal logs and calorie intake
Water consumption tracking
Exercise data from HIIT and Tabata timers
Conversation history with AI Coach
Progress photos and notes

1.2 Information Collected Automatically

Device Information:

Device type and model
Operating system version
Unique device identifiers
App version

Health Data Integration (HealthKit):

We integrate with Apple HealthKit (iOS only) to display your activity data (steps, workouts, and calories burned) within the app context.
Strict HealthKit Limitation: We strictly and explicitly state that we do not use information gained through the use of the HealthKit framework for advertising, marketing, or similar services.
We do not disclose any HealthKit data to third parties for advertising or data mining purposes.
This data is processed locally or on our secure servers solely to provide you with health insights and visualize your progress.

1.3 Subscription Information

Subscription status and plan type
Purchase platform (iOS, Android, Web)
Transaction IDs (via RevenueCat)
Subscription start, renewal, and cancellation dates

1.4 Analytics and Performance Data

We use analytics services to understand app performance:

App crashes and errors
Feature usage statistics
Session duration and frequency
General usage patterns (anonymized when possible)

2. How We Use Your Information

2.1 Provide Core Services

Create and manage your account
Track your fasting, nutrition, and fitness progress
Generate personalized meal plans based on your data
Provide AI-powered coaching and insights
Sync activity data from HealthKit
Calculate calorie needs and recommendations
Generate intelligent progress reports

2.2 Improve and Personalize Experience

Customize app features to your preferences
Generate personalized AI recommendations
Analyze usage patterns to improve features
Provide gamification levels and achievements

2.3 Manage Subscriptions

Process and manage your subscription
Send renewal reminders and receipts
Handle subscription changes and cancellations

2.4 Communication

Send important updates about the app
Provide customer support
Share weekly content and tips (opt-in)
Respond to your inquiries

2.5 Legal and Security

Comply with legal obligations
Prevent fraud and abuse
Enforce our Terms of Use
Protect the security of our services

3. How We Share Your Information

We respect your privacy and limit data sharing to the following:

3.1 Service Providers

We share data with trusted third-party service providers required for the app's operation:

RevenueCat:

Subscription management and processing
Purchase validation
Only receives necessary transaction data

Cloud Infrastructure (Supabase):

Secure data storage and authentication
Database hosting with encryption at rest and in transit

AI Services (Google Gemini API):

To provide the AI Coach feature, we utilize the Google Gemini API.
When you interact with the AI Coach, we send relevant context (e.g., your active fasting metrics, query text) to generate a helpful response.
We do not send personally identifiable information (PII) such as your email, password, or full name to Google.
Data processed via the API is subject to Google's Generative AI data policies, ensuring high standards of security and privacy.

Analytics Providers:

Anonymized usage data for app improvement
Crash reporting and performance monitoring

3.2 Legal Requirements

We may disclose your information if required by law, legal process, or government request, or to:

Comply with legal obligations
Protect our rights and property
Prevent fraud or security issues
Protect user safety

3.3 Business Transfers

In the event of a merger, acquisition, or sale of assets, your information may be transferred. We will notify you of any such change and choices you may have.

3.4 What We DON'T Share

We do not sell your personal information to third parties.
We do not share your health data with advertisers.
We do not use your data for targeted advertising.
We do not share your information with other users without your consent.

4. Data Security

We implement industry-standard security measures:

Encryption

All data transmitted between your device and our servers is encrypted using TLS/SSL.

Secure Storage

Your data is stored on secure servers with encryption at rest.

Authentication

Password-based authentication with secure hashing.

Access Controls

Limited employee access to personal data.

Regular Audits

Security assessments and updates.

However, no method of transmission over the internet is 100% secure. While we strive to protect your information, we cannot guarantee absolute security.

5. Your Rights and Choices

5.1 Access and Control

You have the right to:

Access:

View all personal data we have about you.

Update:

Modify your profile information within the app.

Delete:

You have the right to delete your account directly within the App settings. Upon confirming this action, your account is immediately deactivated, and all associated personal data and history are permanently deleted from our servers and databases. This action is irreversible.

Export:

Receive a copy of your data in a portable format.

5.2 HealthKit Data

You can revoke HealthKit permissions at any time through iOS Settings.
Disabling HealthKit will prevent automatic activity syncing.
Previously synced data will remain unless manually deleted.

5.3 Marketing Communications

You can opt out of promotional emails at any time.
Transactional emails (receipts, security alerts) cannot be disabled.
Manage preferences in app settings.

5.4 Cookie and Tracking Preferences

You can disable analytics in app settings.
This may limit some personalization features.

6. Data Retention

Active Accounts

We retain your data while your account is active.

Deleted Accounts

Data is permanently deleted immediately upon account deletion request.

Backups

Data in database backups is automatically cycled and deleted within 90 days.

Legal Requirements

Some transactional data may be retained longer strictly for tax/legal compliance purposes.

Anonymized Data

Usage statistics may be retained indefinitely in anonymized form.

7. Children's Privacy

Ketone is not intended for users under 18 years of age. We do not knowingly collect personal information from children. If you believe a child has provided us with personal information, please contact us immediately, and we will delete such information.

8. International Data Transfers

Your information may be transferred to and processed in countries other than your country of residence. These countries may have different data protection laws. We ensure appropriate safeguards are in place for such transfers.

9. California Privacy Rights (CCPA)

If you are a California resident, you have additional rights:

Right to Know

What personal information we collect and how it's used.

Right to Delete

Request deletion of your personal information.

Right to Opt-Out

Opt-out of sale of personal information (we do not sell data).

Non-Discrimination

We won't discriminate against you for exercising your rights.

To exercise these rights, contact us at omarenriquelealr@gmail.com.

10. European Privacy Rights (GDPR)

If you are in the European Economic Area, you have rights under GDPR:

Right of Access
Right to Rectification
Right to Erasure (Right to be Forgotten)
Right to Restriction
Right to Data Portability
Right to Object
Right to Withdraw Consent

11. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. We will notify you of significant changes by:

Posting the new policy in the app.
Updating the "Last Updated" date.
Sending an email notification (for material changes).

Your continued use of Ketone after changes constitutes acceptance of the updated policy.

12. Third-Party Links and Services

Ketone may contain links to third-party websites or services. We are not responsible for their privacy practices. We encourage you to review their privacy policies.

Summary of Key Points

✓We collect health and profile data you provide.

✓We use Google Gemini API to generate personalized recommendations (no PII sent).

✓We integrate with HealthKit (informational use only, no advertising).

✓We use RevenueCat for subscription management.

✓We do NOT sell your data or use it for advertising.

✓You can access, modify, or permanently delete your data instantly in the app.

✓Data is encrypted and securely stored.

✓App is for users 18+ only.

Contact Us

If you have questions, concerns, or requests regarding this Privacy Policy or your data:

Developer: Omar Leal

Email: omarenriquelealr@gmail.com

Address: Carrera 49, Calle 67, Medellín, Antioquia, Colombia

Response Time: We aim to respond to all inquiries within 48 hours

By using Ketone, you acknowledge that you have read and understood this Privacy Policy.