Privacy Policy

Effective Date: July 28, 2025

1. Introduction

This Privacy Policy explains how the KiloTrack mobile application, developed by Anvilapp, collects, uses, processes, and protects the personal information of its users.

We respect your privacy and are committed to complying with applicable data protection laws, including the California Consumer Privacy Act (CCPA), the Children's Online Privacy Protection Act (COPPA), the General Data Protection Regulation (GDPR) where applicable, and other relevant regulations.

This policy applies to data collected through the use of the KiloTrack mobile application, available for Android and/or iOS devices.

Please read this document carefully. By using the app, you confirm that you have read and understood this Privacy Policy.

• Developer: Anvilapp
• Contact email: support@anvilapp.org
• Effective date: July 28, 2025
• Age restrictions: This app is intended for use by individuals aged 13 and older (in accordance with COPPA).

2. Definitions

The following terms are used in this Privacy Policy:

"Application" refers to the KiloTrack mobile app developed by Anvilapp, designed for tracking weight, food intake, water consumption, calories, and related metrics.

"User" refers to an individual using the Application on their device.

"Personal Data" means any information related to an identified or identifiable User, including but not limited to email address, age, physical characteristics, device identifiers, etc.

"Device" means any electronic device through which the User accesses the Application (e.g., smartphone or tablet).

"Cookies" and "SDKs" refer to technologies that allow automatic collection of technical and behavioral data when using the Application.

"Data Processing" includes any operation performed on Personal Data, such as collection, storage, use, transfer, anonymization, deletion, etc.

"Third-Party Services" means external services integrated into the Application and provided by third parties (e.g., Google Analytics, Sentry, AdMob) that may receive data as part of their functionality.

3. What Data We Collect

KiloTrack may collect the following categories of data depending on how you interact with the app and the permissions you grant:

3.1. Data You Provide Manually

While using the app, you may voluntarily enter and save the following information:

• Date of birth, gender, height, and weight;
• Personal goals (e.g., target weight);
• Logs of meals, water intake, and physical activity;
• Any other notes or metrics you choose to add.

This data is stored locally on your device and is not shared with the developer or any third parties unless explicitly stated otherwise.

3.2. Device Technical Data

To ensure the app functions properly, the following technical data is collected automatically:

• Device type and model;
• Operating system and version;
• System language;
• Country (based on device region settings);
• Unique device identifiers (such as IDFA or GAID for advertising purposes).

3.3. Analytics Data (Google Analytics for Firebase)

We collect anonymized data about how the app is used, including:

• Frequency and duration of sessions;
• User interactions (e.g., button taps, adding entries);
• Screens viewed within the app;
• App versions and crash reports;
• Approximate location (city-level only).

This information is used solely in aggregated form to improve the app’s stability, performance, and user experience.

3.4. Diagnostic and Crash Data (Sentry)

In the event of a crash or error, the app automatically sends a report to the Sentry monitoring system. This report may include:

• Stack traces;
• Technical details about the device;
• App version;
• Brief contextual information relevant to the crash.

These diagnostic reports are used exclusively to identify and fix technical issues.

3.5. Advertising Data (Google AdMob)

If you use the free version of the app with ads, the following data may be collected:

• Your device’s advertising identifier (GAID for Android / IDFA for iOS);
• Interaction data with ad banners (e.g., impressions, clicks);
• Ad preferences, if you have consented to personalized advertising.

This data is collected in accordance with Google’s policies and only with your consent, including through the applicable consent mechanism for users in the EU and UK.

4. Purposes and Legal Bases for Data Processing

We process your personal data only to the extent necessary for the operation and improvement of the App, in accordance with the principles of transparency, data minimization, and lawfulness. Depending on the category of data and its use, the legal basis for processing may vary.

4.1. Providing Core App Functionality

Purpose:

• To display and store user data (e.g., weight, calories, water intake);
• To perform calculations, send reminders, and visualize progress.

Legal basis:

• Performance of a contract (i.e., the End User License Agreement or Terms of Use).

4.2. App Usage Analytics (Google Analytics)

Purpose:

• To analyze user behavior for improving the app’s user experience and interface;
• To identify popular features, bugs, and drop-off points.

Legal basis:

• Your consent (where required, e.g., in the EU/UK);
• Legitimate interests of the developer (where consent is not legally required).

4.3. Crash and Error Monitoring (Sentry)

Purpose:

• To diagnose technical issues;
• To fix bugs and ensure the stability and security of the app.

Legal basis:

• Legitimate interest — maintaining the functionality, reliability, and security of the app.

4.4. Displaying Advertisements (Google AdMob)

Purpose:

• To display banner and interstitial advertisements;
• To tailor ads based on your preferences (if you have given consent).

Legal basis:

• Your consent (for personalized advertising);
• Legitimate interest (for showing non-personalized ads, where permitted by applicable law).

4.5. Processing Payment Information (if subscription is used)

Purpose:

• To provide access to premium features (e.g., ad-free version);
• To process payments through the App Store or Google Play.

Legal basis:

• Performance of a contract;
• Compliance with legal obligations (e.g., tax and accounting requirements).

5. Third-Party Services

To provide core functionality, analytics, diagnostics, and monetization, the KiloTrack app integrates the following third-party services. Each service processes data in accordance with its own privacy policy and only to the extent necessary for its purpose.

5.1. Google Analytics for Firebase

Used to collect anonymized statistical data about how users interact with the app. This helps us understand which features are most popular and how we can improve the user experience.

• Types of data: usage events, session duration, screen transitions, device information;
• Data transfer: may involve sending data to Google servers (including outside the EU);
• Privacy Policy: https://policies.google.com/privacy

5.2. Sentry (Functional Software, Inc.)

Used to monitor and analyze errors within the app. This enables us to fix bugs efficiently and maintain app stability.

• Types of data: error stack traces, device information, and usage context at the time of a crash;
• Processing and storage: data may be stored on servers in the U.S. or EU, depending on configuration;
• Privacy Policy: https://sentry.io/privacy/

5.3. Google AdMob

Used to display banner and interstitial advertisements in the free version of the app.

• Types of data: advertising identifiers (GAID/IDFA), ad interactions, IP address, system language;
• Personalization: shown only with user consent (especially for users in the EU/EEA);
• Privacy Policy: https://policies.google.com/technologies/ads

⚠️ Important: None of these services have access to the personal data you enter manually in the app (such as weight, meals, or activity logs). They only process technical and aggregated data required for analytics, diagnostics, or ad delivery.

6. Data Retention and Deletion

We retain personal data only for as long as necessary to fulfill the purposes described in this Privacy Policy, unless a longer retention period is required or permitted by law.

6.1. Retention of User-Entered Data

• Data that you manually enter (e.g., weight, meals, water intake) is stored locally on your device.
• Backups may be created through an export function (if available). These files are stored only on your device or in a storage location you choose (e.g., cloud storage).
• We do not collect, access, or store copies of this data on our servers.

6.2. Retention of Technical and Analytics Data

• Google Analytics for Firebase retains anonymized usage data for up to 14 months, depending on analytics configuration.
• Sentry retains error logs and technical reports typically for up to 90 days, unless longer retention is required to resolve a specific issue.
• Google AdMob may retain advertising-related data in accordance with its own retention policy, which may vary by region and ad type.

6.3. User-Initiated Data Deletion

You can delete your data in the following ways:

• Via the in-app data deletion feature – this will remove all records stored locally on your device.
• By uninstalling the app – this will delete all locally stored data unless you have exported or backed it up externally.

To reset analytics or advertising identifiers:

• On Android: Settings > Google > Ads > Reset advertising ID
• On iOS: Settings > Privacy & Security > Tracking

If you wish to withdraw consent for analytics or personalized ads, you can do so via the app’s settings (if available) or through your device’s system settings.

7. Data Security

We implement reasonable technical and organizational measures to protect your personal data from loss, unauthorized access, alteration, or disclosure.

7.1. Technical Safeguards

Data encryption:

• User-entered data (e.g., weight, meals) is stored locally on your device and may be encrypted using native system-level security mechanisms:
• On Android: Android Keystore
• On iOS: iOS Keychain and built-in memory protection

Secure data transmission:

• All communication with external services (e.g., Google Analytics, Sentry, AdMob) is conducted over secure, encrypted connections (HTTPS/TLS).

7.2. Access Minimization

• Access to data is strictly limited to personnel or systems that require it to operate the service (e.g., for diagnosing issues).
• Third parties do not have direct access to the personal data you enter (such as calories or weight), since this data remains solely on your device.

7.3. Protection of Advertising and Analytics Data

• Advertising identifiers (such as GAID or IDFA) are processed strictly within the limits of agreements with Google and based on your privacy settings.
• We comply with user data protection requirements as defined by the Google Play and App Store policies.

8. Consent and Preference Management

We respect your right to control how your data is used. In certain jurisdictions (particularly within the European Union, EEA, and the United Kingdom), we are required to obtain your explicit consent before collecting or processing specific categories of data, especially for advertising and analytics purposes.

8.1. Obtaining Consent

On your first launch of the app, you may be asked to provide consent for:

• Personalized advertising (via Google AdMob);
• Usage analytics (via Google Analytics).
• You can choose “Allow” or “Decline” for each type of data.

The app will remain functional even if you decline these optional data uses.

8.2. Managing Consent

You can update your consent preferences at any time:

• Within the app (Settings > Privacy), if available:
  • Disable usage analytics;
  • Disable personalized ads;
• Via your device’s operating system:
  • Android: Settings > Google > Ads > Opt out of Ads Personalization or Reset advertising ID
  • iOS: Settings > Privacy & Security > Tracking > Disable “Allow Apps to Request to Track”

8.3. Withdrawal of Consent

• Withdrawing consent does not affect the lawfulness of data processing based on consent before its withdrawal.
• If you withdraw your consent for advertising or analytics, no further data will be collected in those categories. However, any previously collected data may continue to be stored in an anonymized or aggregated form, in accordance with the respective service’s privacy policy.

9. User Rights

Depending on your location and applicable data protection laws (including the General Data Protection Regulation (GDPR), the California Consumer Privacy Act (CCPA), and similar regulations), you may have certain rights regarding your personal data.

9.1. Right of Access

You have the right to request information about the personal data we process about you and to obtain a copy of that data.

9.2. Right to Rectification

If any of your personal data is inaccurate or outdated, you have the right to request that it be corrected or updated.

9.3. Right to Erasure (“Right to Be Forgotten”)

You have the right to request the complete deletion of your personal data in certain circumstances, including:

• The data is no longer necessary for the purposes for which it was collected;
• You have withdrawn your consent (where consent was the legal basis for processing);
• The data is being processed unlawfully.

9.4. Right to Restrict Processing

You may request that we temporarily suspend the processing of your data — for example, if you contest its accuracy or object to its lawful basis.

9.5. Right to Data Portability

You have the right to receive your personal data in a structured, commonly used, machine-readable format, and to transmit that data to another service provider where technically feasible.

9.6. Right to Object

You may object to the processing of your data where the legal basis is our legitimate interest — including for profiling — or if your data is being used for direct marketing purposes.

9.7. Right to Withdraw Consent

If you have previously given consent for the processing of certain types of data, you may withdraw that consent at any time. This will not affect your ability to continue using the app.

9.8. Right to Lodge a Complaint

If you believe your data protection rights have been violated, you have the right to lodge a complaint with your local data protection authority.

To exercise any of the rights listed above, you may contact us at: support@anvilapp.org — We will respond within 30 days of receiving your request.

10. Children

KiloTrack is not intended for use by children under the age of 16.

10.1. Age Restriction

We do not knowingly collect or process personal data from users under the age of 16. Use of the app by individuals below this age is permitted only with the consent and supervision of a parent or legal guardian.

If you are a parent or guardian and you become aware that your child has provided us with personal data without your consent, please contact us atsupport@anvilapp.org — we will promptly delete the information in question.

10.2. Legal Basis

This age restriction complies with:

• The GDPR-K (General Data Protection Regulation for Children) in the European Union;
• The Children’s Online Privacy Protection Act (COPPA) in the United States;
• General best practices for ensuring a safe digital environment for minors.

11. International Data Transfers

Some data collected through the App may be transferred to and processed in countries outside your country of residence, including jurisdictions that may not offer the same level of data protection as your own (e.g., the European Union).

11.1. Use of Third-Party Services

The app relies on third-party service providers that may process data on servers located in other countries, including:

• Google Analytics for Firebase and AdMob — Google’s infrastructure may include servers in the United States and other regions;
• Sentry — diagnostic data and error logs may be processed on servers in the U.S. (or the EU, if regional hosting is configured).

11.2. Safeguards in Place

We ensure appropriate protection for international data transfers through:

• The use of Standard Contractual Clauses (SCCs) as approved by the European Commission;
• Compliance with voluntary international frameworks such as the EU-U.S. Data Privacy Framework (where applicable);
• Encryption of data during transmission and storage, in accordance with industry security standards.

12. Cookies, SDKs, and Identifiers

Unlike websites that use traditional cookies, mobile applications use SDKs (Software Development Kits) — built-in modules provided by third-party services. These technologies may automatically collect certain data from your device for purposes such as analytics, diagnostics, and advertising.

12.1. What Are SDKs?

SDKs are third-party code libraries embedded within the app that enable functionality like analytics and advertising. In KiloTrack, we use the following SDKs:

• Google Firebase SDK (for analytics);
• Google AdMob SDK (for advertising);
• Sentry SDK (for crash reporting and diagnostics).

12.2. What Identifiers Are Used?

These SDKs may automatically collect the following identifiers for analytics and advertising purposes:

• GAID (Google Advertising ID) on Android;
• IDFA (Identifier for Advertisers) on iOS;
• Device ID, operating system version, language, country, and other non-directly identifiable technical parameters.

These identifiers help us understand app usage and serve ads appropriately, but do not directly identify you as a person.

12.3. How to Manage These Technologies

You can limit or disable the collection of advertising and analytics identifiers using your device settings:

• On Android: Settings > Google > Ads > Opt out of Ads Personalization or Reset advertising ID
• On iOS: Settings > Privacy & Security > Tracking > Disable tracking for specific apps

Additionally, within the app (if the option is available), you may:

• Disable analytics tracking;
• Disable personalized advertising.

13. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in laws, technologies, or app functionality.

13.1. How You Will Be Notified

If we make material changes to this Policy, we will notify you by:

• A pop-up notice upon launching the app, or
• An in-app message or notification.

The “Last Updated” date will always be shown at the bottom of this document.

13.2. Your Responsibility

We encourage you to review the current version of this Privacy Policy periodically. By continuing to use the app after an update, you are considered to have accepted the revised terms.

14. Contact Information

If you have any questions, comments, or requests regarding this Privacy Policy or the processing of your personal data, you may contact us at:

Email: support@anvilapp.org

Effective Date: July 28, 2025