Privacy Policy
Version 2.0 • Last updated: December 28, 2025
Welcome to Cholify ("we," "our," "us"). We are committed to protecting your privacy and ensuring your personal data is handled securely, responsibly, and transparently.
This Privacy Policy explains how we collect, use, and protect your data when you interact with our services, which include:
- Our marketing landing page (LP)
- Our Cholify mobile application (App)
It also outlines your rights and how you can exercise them.
1. Who Can Use Our Services
Our services are intended only for individuals 18 years of age or older. This is because the nutrition and fitness guidance we provide is designed for adults and is based, in part, on European Food Safety Authority (EFSA) nutrient reference values for individuals aged 18 and above. Our system also incorporates additional expert guidelines and proprietary logic developed for adult physiology.
We do not knowingly collect personal data from anyone under 18. If we discover that we have inadvertently collected data from someone under 18, we will delete it immediately.
2. Information We Collect
a. Contact & Account Information
- Email address (LP waitlist and App registration)
- Username (App)
- Account identifiers (user ID)
b. Biometric & Personal Attributes (App)
- Date of birth (or age)
- Weight
- Height
- Sex
- Body fat percentage or body type (e.g., underweight, normal, fit)
These data points are necessary to calculate nutrition estimates and personalize features.
c. Activity Data (App)
- Physical Activity Level (PAL)
- Logged activities (e.g., football / 30 minutes / intense)
d. Goals & Preferences (App)
- Fitness goals (e.g., lose weight, gain muscle, maintain)
- Target weight
- Dietary preferences
- Allergens
e. Health & Nutritional Data (App)
We generate nutrition scores and insights based on information you provide. These calculations use dietary reference values (including EFSA guidance) as a scientific baseline, supplemented by additional proprietary logic and internally developed calculation methods.
Important: These data are considered sensitive personal data under GDPR and are processed only with your explicit consent. Our nutrition scores are estimates, intended for general guidance only. They do not assess health and are not medical advice.
f. Meal Tracking (App)
- Meals, foods, and recipes you log
- Associated nutritional breakdowns
- Dates and times of entries
g. Images & Media (App)
- Profile pictures
- Food, meal, or recipe images you upload
Images are processed securely. Metadata (such as EXIF data) is removed where possible. Images are used only to provide app functionality and are not used to train AI models without your explicit consent.
h. Voice Input (If Enabled)
If you use voice features:
- Audio is converted to text for logging
- Audio recordings are not retained after transcription
- Resulting text is processed like standard meal entries
i. AI Interaction Data
When you use AI-powered features (e.g., chat, food recognition, recommendations), we may process:
- Text prompts you submit
- Images you upload (e.g., meal photos)
- Limited contextual data required to generate responses
AI interactions may be temporarily processed by third-party AI providers solely to deliver requested features. We do not use this data to train AI models unless you explicitly opt in.
j. Tracking & Analytics Data (LP)
We use Umami, a privacy-focused, cookie-less analytics tool, to collect anonymized usage data for the LP, including:
- Device type, operating system, browser
- Pages visited and time spent
This data cannot be used to identify you personally.
k. Push Notification Data
- Push notification tokens
- Device and platform information (iOS / Android)
Used only to deliver app notifications.
3. How We Obtain Explicit Consent for Health Data
Before collecting or processing biometric or health-related data, we present a clear consent prompt explaining:
- What data is collected
- Why it is needed
- How it is used
You must actively agree before these features are enabled. You may withdraw your consent at any time by contacting us.
4. How We Use Your Data
We use your data to:
- Provide and operate the App
- Personalize nutrition insights and estimates
- Generate nutrition scores and recommendations
- Track progress and display analytics
- Send essential service communications
- Improve performance and user experience
- Enhance security and prevent misuse
- Comply with legal obligations
5. Legal Basis for Processing
We process personal data based on:
- Contract performance – to deliver features you request
- Explicit consent – for health and biometric data
- Legitimate interests – service improvement, analytics, security
- Legal obligations – compliance and record-keeping
6. Payments & Subscriptions
Paid features are offered through subscriptions processed by Apple App Store.
We do not collect or store full payment details (such as credit card numbers). We receive limited information such as:
- Subscription status
- Subscription tier
- Renewal or expiration dates
Payments, billing, cancellations, and refunds are handled by the respective app store under their own terms and privacy policies.
7. Data Sharing and Disclosure
We do not sell your personal data.
We may share data with:
- Service providers (cloud hosting, email delivery, analytics, AI processing)
- AI providers (for inference only, not training without consent)
- Legal authorities, when required by law
All processors operate under contractual safeguards and data-protection agreements.
8. Data Retention
- LP waitlist emails: retained until beta completion unless converted into an App account
- App account data: retained until account deletion
- After deletion, limited records (e.g., consent logs) may be retained for up to 2 years for legal and compliance purposes
- AI interaction data: retained only briefly as required for functionality
- Analytics data: retained in aggregated form only
9. International Data Transfers
If data is transferred outside the EU/EEA, we apply appropriate safeguards, including:
- European Commission adequacy decisions
- Standard Contractual Clauses (SCCs)
- EU–US Data Privacy Framework (where applicable)
10. Automated Decision-Making & AI
We use automated calculations and AI-assisted features to generate nutrition estimates and insights. These processes:
- Do not produce legal or similarly significant effects
- Are intended solely for general guidance
- Are not medical assessments
11. Security Measures
We implement appropriate technical and organizational safeguards, including:
- Encryption in transit and at rest
- Secure authentication mechanisms
- Access controls
- Monitoring and incident response procedures
12. Cookies
Our LP and App do not use cookies. Umami analytics is cookie-less.
13. U.S. Privacy Rights
13.1 California (CCPA/CPRA)
California residents have rights to access, delete, correct, and limit the use of personal data. We do not sell or share personal information for targeted advertising.
13.2 Other U.S. States
Residents of other states with privacy laws may have similar rights.
13.3 Exercising U.S. Rights
Email cholifyapp@gmail.com with the subject "Privacy Rights Request."
14. Changes to This Privacy Policy
We may update this policy periodically. Significant changes will be communicated via the App, LP, or email.
15. Company & Contact Details
Data Controller: Cholify s.r.o. Bělehradská 858/23, Vinohrady 120 00 Praha 2, Czech Republic
Privacy Contact: 📧 cholifyapp@gmail.com
Supervisory Authority: Úřad pro ochranu osobních údajů, Pplk. Sochora 27, 170 00 Praha 7 — www.uoou.cz
Policy version: 2.0 • Last updated: December 28, 2025