Privacy Policy

1. Introduction

This Privacy Policy describes how OpenKan, LLC ("we," "our," or "LastCalorie") collects, uses, shares, and protects your personal information when you use our website, mobile application, and related services (collectively, the "Service").

By using our Service, you agree to the practices described in this Privacy Policy. If you do not agree with this policy, please do not use our Service.

2. Information We Collect

2.1 Information You Provide

• Account information: Email address, name, encrypted password
• Profile information: Fitness goals, food preferences, dietary restrictions
• Meal photos: Food images you upload for AI analysis. These photos may contain visual information about your diet and environment.
• Payment information: Processed by third parties (Stripe, RevenueCat). We do not store complete credit card numbers.
• Communications: Messages you send us via email or through the Service

2.2 Information Collected Automatically

• Usage data: Pages visited, features used, time spent, clicks, scrolling
• Device data: Device type, operating system, browser, language, unique identifiers
• Location data: IP address, time zone, locale settings
• Cookies and similar technologies: See Section 4 below for details

2.3 Information from Third Parties

We may receive information about you from our service partners, such as:

• Stripe/RevenueCat: Payment status, subscription history
• PostHog: Aggregated analytics data about Service usage
• Meta Pixel: Advertising conversion and remarketing data

3. How We Use Your Information

We use your information to:

• Provide the Service: Process meal photos, generate AI analyses, provide PDF planners
• Process transactions: Manage payments, subscriptions, refunds
• Communication: Send transactional emails (confirmations, receipts), educational emails (if you opted in), and service updates
• Improve the Service: Analyze usage, identify bugs, develop new features, train AI models
• Security: Detect fraud, prevent abuse, protect legal rights
• Legal compliance: Comply with legal obligations, resolve disputes, enforce agreements
• Marketing (with consent): Send promotional offers and targeted advertising campaigns

4. Cookies and Tracking Technologies

We use cookies, web beacons, pixels, and similar technologies to:

• Keep you logged in to your account
• Remember your preferences and settings
• Analyze how you use the Service
• Measure effectiveness of marketing campaigns
• Deliver personalized advertisements

Types of Cookies We Use:

• Essential: Required for basic Service operation (authentication, security)
• Functional: Remember your choices (language, preferences)
• Analytics: Collect usage data (PostHog, Google Analytics)
• Advertising: Track activity for targeted ads (Meta Pixel)

Cookie Management: You can control cookies through your browser settings. Note that disabling cookies may affect Service functionality.

5. Information Sharing and Disclosure

WE DO NOT SELL YOUR PERSONAL INFORMATION.

We may share your information in the following circumstances:

5.1 Third-Party Service Providers

We work with trusted third-party service providers to:

• Process payments and manage subscriptions
• Host and securely store data
• Send transactional emails
• Provide AI-powered photo analysis
• Analyze service usage and user behavior
• Advertising conversion tracking

These providers have limited access to your information solely to perform specific tasks on our behalf and are contractually obligated to protect your information.

5.2 Legal Requirements

We may disclose your information if required by law or if we believe in good faith that such action is necessary to:

• Comply with legal obligations or subpoenas
• Protect and defend our rights or property
• Prevent or investigate possible wrongdoing
• Protect personal safety of users

5.3 Business Transfers

If we are involved in a merger, acquisition, asset sale, or bankruptcy, your information may be transferred as part of that transaction. You will be notified of any change in ownership.

5.4 Aggregated and Anonymized Data

We may share aggregated or anonymized data that cannot reasonably be used to identify you (e.g., "80% of users log meals in the morning").

6. International Data Transfers

Your information may be transferred to and processed on servers located outside your country of residence, including the United States, where data protection laws may differ.

By using our Service, you consent to the transfer of your information to these countries. We implement appropriate safeguards (such as Standard Contractual Clauses) to protect your information during international transfers.

7. Data Retention

We retain your personal information only for as long as necessary to fulfill the purposes described in this Privacy Policy, unless a longer retention period is required or permitted by law.

• Account data: Retained while your account is active or as needed to provide the Service
• Meal photos: Stored while your account is active; you can delete them at any time
• Transaction data: Retained for up to 7 years for tax and accounting compliance
• Analytics data: Aggregated data may be retained indefinitely for trend analysis

When you request account deletion, we will delete or anonymize your personal information within 30 days, except as required by law.

8. Your Rights and Choices

Depending on your location, you may have the following rights:

8.1 General Rights

• Access: Request a copy of your personal information
• Correct: Update or correct inaccurate information
• Delete: Request deletion of your personal information
• Portability: Receive your data in a structured, machine-readable format
• Withdraw consent: Withdraw consent for consent-based processing
• Object: Object to processing of your information in certain circumstances

8.2 Email Preferences

You can unsubscribe from marketing emails by clicking the "Unsubscribe" link in any promotional email. Note that we may still send important transactional emails related to your account or purchases.

8.3 Region-Specific Rights

European Union Residents (GDPR)

If you are in the EU, you have additional rights under GDPR, including:

• Right to restriction of processing
• Right to lodge a complaint with a supervisory authority
• Legal basis: We process your data based on (i) contract, (ii) legitimate interests, or (iii) consent

California Residents (CCPA/CPRA)

If you are a California resident, you have rights under CCPA:

• Right to know what personal information we collect
• Right to delete personal information
• Right to opt-out of sale (we do not sell your data)
• Right to non-discrimination for exercising your rights

8.4 How to Exercise Your Rights

To exercise any of the above rights, contact us at:

contact@lastcalorie.com

We will respond to your request within 30 days. We may request additional information to verify your identity before processing your request.

9. Security

We implement appropriate technical and organizational measures to protect your personal information against unauthorized access, loss, destruction, or alteration, including:

• Encryption of data in transit (HTTPS/TLS)
• Encryption of data at rest
• Role-based access controls
• Regular security audits
• Secure authentication (bcrypt password hashing)
• Firewalls and intrusion monitoring

However, no internet transmission or electronic storage is 100% secure. We cannot guarantee absolute security. You are responsible for keeping your password and account information secure.

If we become aware of a security breach affecting your data, we will notify you and relevant authorities as required by law.

10. Children's Privacy

Our Service is not directed to children under 18 years of age. We do not knowingly collect personal information from children under 18. If you are a parent or guardian and believe your child has provided us with personal information, please contact us.

If we become aware that we have collected information from a child under 18, we will delete that information immediately.

11. Third-Party Links

Our Service may contain links to third-party websites or services that are not owned or controlled by us. We are not responsible for the privacy practices of these third parties.

We encourage you to review the privacy policies of any third-party sites you visit.

12. Automated Decisions and Profiling

We use artificial intelligence (AI) and machine learning algorithms to analyze meal photos and provide calorie estimates and nutritional information.

Important: These analyses are estimates and may not be 100% accurate. AI does not make automated decisions that have legal or significant impacts on you. You always have control over your health and nutrition decisions.

We may use limited profiling to personalize your experience (e.g., recommend recipes based on stated preferences), but you can opt-out by contacting us.

13. "Do Not Track" Signals

We currently do not respond to browser "Do Not Track" (DNT) signals. You can control cookies through your browser settings or use third-party blocking tools.

14. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors.

We will notify you of any material changes by posting the new Privacy Policy on this page and updating the "Last updated" date. For significant changes, we may also send an email notice.

Your continued use of the Service after any changes constitutes your acceptance of the revised Privacy Policy.

15. Contact Us

If you have questions, concerns, or requests about this Privacy Policy or our data practices, please contact us: