Privacy Policy for Kojo

Introduction

Welcome to Kojo ("the App," "we," "us," or "our"). This Privacy Policy is designed to help you understand how we collect, use, share, and protect your personal information when you use our comprehensive calorie tracking platform. Our App features a friendly rabbit mascot and leverages artificial intelligence (AI) for easy meal logging through voice or text input, a barcode scanner for multiple item entry, personalized recaps, and insights into your dietary habits.

We are committed to protecting your privacy and ensuring that your personal information is handled in a safe and responsible manner. This Privacy Policy explains our practices and your rights regarding your information. By downloading, accessing, or using our App, you agree to the collection and use of information in accordance with this policy. If you do not agree with the terms of this Privacy Policy, please do not use the App.

We encourage you to read this Privacy Policy carefully to understand our practices regarding your information and how we will treat it. This document will also outline how we handle data for users worldwide, with a particular focus on users in the United States of America, and our practices concerning data from users aged 4 and above.

Information We Collect

To provide and improve our App and its features, we collect certain information from and about you. The types of information we collect depend on how you use our App and the information you choose to provide. We collect information in several ways: directly from you when you provide it to us, automatically when you use the App, and from third-party sources.

Information You Provide Directly:

When you create an account or use our App, you may provide us with certain personal information. This includes your name and email address, which are necessary for account creation and communication. Furthermore, to utilize the core functionalities of our App, such as calorie tracking and meal logging, you will provide information about your dietary intake. This can be done through various methods, including voice input, text input, or by using our barcode scanner. The barcode scanner is designed to allow for the input of multiple items at once, streamlining the logging process. All information related to your food consumption, meal details, and any notes you add are collected.

Information Collected Automatically:

When you access or use our App, we automatically collect certain information about your device and your usage of the App. This includes your device ID, which helps us to identify your device for purposes such as analytics and providing a personalized experience. We may also collect other device-specific information, such as the operating system version, hardware model, and mobile network information. Usage data, such as the features you use, the frequency and duration of your interactions with the App, and error logs, are also collected to help us understand how our App is being used and to identify areas for improvement.

Information from Apple Health (HealthKit) and Google Fit/Health Connect:

With your explicit consent, our App can access and process data from Apple HealthKit (for iOS users) and Google Fit/Health Connect (for Android users). This may include a wide range of health-related information that you have chosen to store in these platforms, such as activity levels (steps, distance, active energy), body measurements (weight, height, body fat percentage), sleep data, and other health metrics. The specific Apple Health or Google Fit/Health Connect data we access will be clearly presented to you, and you will have control over what data is shared with our App. We only access the data necessary to provide you with the features of our App, such as incorporating your activity levels into your calorie tracking and providing more comprehensive insights into your overall health and dietary habits. You can manage our App's access to your Apple Health data at any time through the Apple Health app settings on your iOS device, and your Google Fit/Health Connect data through the respective app settings on your Android device.

How We Use Your Information

We use the information we collect for a variety of purposes aimed at providing you with a seamless, personalized, and effective calorie tracking experience, as well as to improve and maintain our App. Our primary goal in using your information is to help you achieve your dietary goals in an engaging and efficient manner. The specific ways we use your information are detailed below.

To Provide and Personalize Our Services:

Your personal information, including your name, email, and device ID, is used to create and manage your account, authenticate your access, and communicate with you about your account or our services. The dietary information you log, whether through voice, text, or the barcode scanner, is central to the App's functionality. We use this data to track your calorie intake, provide you with summaries of your eating habits, and help you monitor your progress over time.

Information from Apple Health (for iOS users) or Google Fit/Health Connect (for Android users), when you grant us access, is integrated to provide a more holistic view of your health and activity levels, allowing for more accurate calorie tracking and personalized insights. For example, your activity data can help adjust your daily calorie targets, and your weight data can be used to track progress towards your goals.

The friendly rabbit mascot delivers these personalized recaps and insights in a fun and engaging way, aiming to make your health journey more enjoyable.

To Improve Our App and Develop New Features:

We analyze the information we collect, including usage data and device information, to understand how our users interact with the App. This helps us identify popular features, areas for improvement, and potential bugs or technical issues. For instance, understanding how users utilize the barcode scanner or voice input helps us refine these features for better accuracy and ease of use.

The data also informs the development of new features and functionalities designed to enhance your experience and provide greater value. The AI components of our App, such as those used for meal logging via voice or text, are continuously improved through the analysis of aggregated and anonymized user input. This allows the AI to better understand different food items, portion sizes, and user phrasing, leading to more accurate and faster logging over time.

For Analytics and Performance Monitoring:

We use aggregated and anonymized data for internal analytics purposes to monitor the performance of our App, track user engagement, and understand trends in dietary habits. This information helps us make informed decisions about our service, such as optimizing server performance or identifying common user challenges. We may use third-party analytics services, such as Google Analytics and Mixpanel, to assist us in these efforts. These services help us measure traffic and usage trends for the App, and to understand more about the demographics and behaviors of our users. The insights gained from analytics are crucial for improving the overall user experience and ensuring the App meets the needs of our users effectively.

How We Share Your Information

We are committed to maintaining your trust, and we want you to understand when and with whom we may share the information we collect. We do not sell your personal information to third parties. However, we may share your information in the following circumstances and with the following categories of third parties to provide and improve our App, and as otherwise permitted by applicable law.

With Third-Party Service Providers:

We engage third-party companies and individuals to perform services on our behalf to support the operation and improvement of our App. These service providers may have access to your personal information only to perform these tasks on our behalf and are obligated not to disclose or use it for any other purpose.

The services they provide include, but are not limited to, cloud hosting, data analytics, customer support, and advertising. Specifically, we use Amazon Web Services (AWS) for cloud storage and hosting infrastructure, ensuring that your data is stored securely and reliably. For analytics purposes, to help us understand app usage and improve user experience, we utilize services like Google Analytics and Mixpanel. These tools collect and analyze data about your interactions with the App, such as features used and session duration, typically in an aggregated and anonymized form.

For Advertising Purposes:

To help us promote our App and reach potential new users, we may share certain information with advertising partners, such as Google Ads. This typically involves sharing device identifiers or other pseudonymous information to facilitate the delivery of targeted advertisements on other platforms. We do not share your sensitive personal information, such as specific meal logs or detailed health data from Apple Health (for iOS users) or Google Fit/Health Connect (for Android users), with advertising partners for their independent use.

You may have options to control the use of your information for interest-based advertising through your device settings or the settings within the advertising platforms themselves.

For Legal Reasons and to Protect Our Rights:

We may disclose your information if we believe in good faith that such disclosure is necessary to: (a) comply with a legal obligation, such as a subpoena, court order, or government request; (b) enforce our Terms of Service or other agreements, including investigation of potential violations thereof; (c) detect, prevent, or otherwise address fraud, security, or technical issues; or (d) protect against harm to the rights, property, or safety of our company, our users, or the public as required or permitted by law. This includes exchanging information with other companies and organizations for fraud protection and credit risk reduction.

In Connection with a Business Transfer:

If we are involved in a merger, acquisition, financing due diligence, reorganization, bankruptcy, receivership, sale of company assets, or transition of service to another provider, your information may be sold or transferred as part of such a transaction as permitted by law and/or contract. We will take steps to ensure that any such transfer is subject to appropriate safeguards and that the receiving entity honors the commitments made in this Privacy Policy.

With Your Consent:

We may share your information for other purposes if we have obtained your explicit consent to do so. For example, if we introduce a new feature that involves sharing information in a way not described in this Privacy Policy, we will inform you and request your consent before proceeding.

Data Retention and Security

We understand the importance of keeping your personal information secure and retaining it only for as long as necessary. We are committed to implementing appropriate technical and organizational measures to protect your data from unauthorized access, use, alteration, or destruction, and we have established a data retention policy to govern how long we keep your information.

Data Retention:

We will retain your personal information for as long as your account is active or as needed to provide you with our services. As per your specification, we will store your personal data, including your meal logs, account details, and Apple Health data (for iOS users) or Google Fit/Health Connect data (for Android users) (if shared), for a period of three years from the date of your last interaction with the App or from the date your account is closed, unless a longer retention period is required or permitted by law.

After this three-year period, or if you request deletion of your account, we will take steps to securely delete or anonymize your personal information. Anonymized data, which can no longer be used to identify you, may be retained for longer periods for statistical analysis, research, and to improve our AI algorithms and App features.

Please note that some information may persist in backup copies for a limited period, subject to our backup policies, or as required for legal, tax, or regulatory purposes.

Data Security:

We take the security of your data seriously and implement a range of security measures designed to protect it. These measures include, but are not limited to:

• Encryption: We use encryption technologies, such as SSL/TLS, to protect data transmitted to and from our App. Data stored on our servers, including those hosted by AWS, is also encrypted at rest.
• Access Controls: Access to your personal information is restricted to authorized personnel who need access to perform their job duties. We implement role-based access controls and regularly review access permissions.
• Secure Infrastructure: We utilize reputable third-party service providers like AWS, which maintain high standards of physical and network security for their data centers.
• Regular Security Assessments: We conduct regular security assessments and penetration testing to identify and address potential vulnerabilities in our systems.
• Incident Response Plan: We have an incident response plan in place to address any potential data breaches in a timely and effective manner, including notifying affected users and relevant authorities as required by law.

While we strive to use commercially acceptable means to protect your personal information, it is important to remember that no method of transmission over the Internet or method of electronic storage is 100% secure. Therefore, we cannot guarantee its absolute security. We encourage you to take steps to protect your own information, such as choosing a strong password for your account, keeping your login credentials confidential, and ensuring the security of the devices you use to access our App.

Your Rights and Choices

We believe in providing you with control over your personal information. Depending on your location and applicable laws, you may have certain rights regarding the personal information we hold about you. We are committed to facilitating the exercise of these rights. Below is a summary of the rights you may have and how you can exercise them.

These rights may include:

• Access to Your Information: Request access to the personal information we have collected about you.
• Correction or Rectification: Request that we correct or update inaccurate or incomplete information.
• Deletion (Right to be Forgotten): Request the deletion of your personal information under certain circumstances.
• Objection to Processing: Object to the processing of your personal information, particularly for direct marketing.
• Restriction of Processing: Request that we restrict the processing of your personal information under certain conditions.
• Data Portability: Receive your personal information in a structured, machine-readable format and transmit it to another controller.
• Withdrawal of Consent: Withdraw consent where we rely on it to process your personal information.

Managing App Permissions:

Most mobile devices provide you with the ability to control or limit the collection of certain information by apps, such as location services, access to photos, camera, microphone, and push notifications, through the device settings. You can adjust these permissions at any time.

Opting Out of Marketing Communications:

If you receive promotional emails from us, you can opt-out by following the unsubscribe instructions provided in those emails. Even if you opt-out of marketing communications, we may still send you non-promotional communications, such as those about your account or our ongoing business relations.

Exercising Your Rights:

To exercise any of these rights, please contact us using the contact details provided in the "Contact Us" section of this Privacy Policy. We will respond to your request within a reasonable timeframe and in accordance with applicable laws. We may need to verify your identity before processing your request to protect your information.

Children's Privacy

Protecting the privacy of children is especially important to us. Our App is intended for a general audience but is designed to be used by individuals aged 4 and older. We understand that users in this age group, particularly those under the age of 13, require special safeguards and privacy protections. This section outlines our practices with respect to the collection of personal information from children.

Collection and Use of Children's Information:

For users under the age of 13 (or the applicable age of consent in their jurisdiction), we take additional steps to protect their privacy. If we knowingly collect personal information from a child under 13, we will do so in compliance with applicable laws, such as the Children's Online Privacy Protection Act (COPPA) in the United States. This may involve obtaining verifiable parental consent before collecting, using, or disclosing personal information from a child.

The information we collect from children is generally the same as for other users, as described in the "Information We Collect" section, including name, email (potentially a parent's email for younger children), device ID, meal logs, and, with consent, Apple Health data (for iOS users) or Google Fit/Health Connect data (for Android users). This information is used to provide the core functionality of the App, personalize their experience with the friendly rabbit mascot, track their dietary habits, and provide insights, all in an age-appropriate manner.

Parental Rights and Controls:

Parents or legal guardians of children under 13 have certain rights regarding their child's personal information. These rights may include:

• Reviewing: The right to review the personal information we have collected from their child.
• Deletion: The right to request that we delete the personal information collected from their child.
• Refusal: The right to refuse further collection or use of their child's personal information.

If you are a parent or guardian and believe that your child under 13 has provided us with personal information without your consent, or if you wish to exercise any of your parental rights, please contact us immediately using the details provided in the "Contact Us" section. We will take reasonable steps to verify your identity before granting access or making changes to your child's information. We encourage parents to be actively involved in their children's online activities and to discuss privacy with their children.

International Data Transfers

Our App is available to users worldwide, and as such, your personal information may be processed in countries other than your country of residence, including the United States, where our servers and the servers of our third-party service providers, such as AWS, may be located. These countries may have data protection laws that are different from the laws of your country. We are committed to ensuring that your information is protected no matter where it is processed.

When we transfer your personal information to other countries, we will take appropriate safeguards to ensure that your information remains protected in accordance with this Privacy Policy and applicable data protection laws. These safeguards may include:

• Standard Contractual Clauses: For transfers from the EEA, Switzerland, or the UK to countries not deemed to provide an adequate level of data protection.
• Adequacy Decisions: Relying on adequacy decisions adopted by the European Commission or other relevant authorities.
• Other Legal Bases: Such as your explicit consent, or where the transfer is necessary for the performance of a contract.

By using our App and providing us with your information, you acknowledge and consent to the transfer, storage, and processing of your information in countries outside of your country of residence, including the United States, as described in this Privacy Policy. We will take all steps reasonably necessary to ensure that your data is treated securely and in accordance with this Privacy Policy.

Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technologies, legal requirements, or other factors. We encourage you to review this Privacy Policy periodically to stay informed about how we are protecting your information.

If we make material changes to this Privacy Policy, we will notify you by posting the updated policy within the App, by sending you an email to the address associated with your account, or through other appropriate communication channels. The "Last Updated" date at the top of this Privacy Policy will indicate when it was last revised.

Your continued use of our App after any changes to this Privacy Policy become effective constitutes your acceptance of the revised policy. If you do not agree to the updated policy, you should discontinue your use of the App. We will also archive prior versions of our Privacy Policy for your review upon request.

Contact Us

If you have any questions, concerns, or complaints about this Privacy Policy, our data practices, or if you wish to exercise any of your rights as described in this policy, please do not hesitate to contact us. We are committed to addressing your inquiries and resolving any issues you may have in a timely and transparent manner. You can reach us through the following contact methods:

Email:
privacy@kojo.com

Mailing Address:
Kojo
2882, 701 Tillery Street Unit 12
Austin, TX, Travis, US, 78702

When you contact us, please provide sufficient information to allow us to identify you and address your request effectively. This may include your name, email address associated with your account, and a clear description of your inquiry or request. We may need to verify your identity before processing certain requests, particularly those related to accessing, correcting, or deleting your personal information, to ensure the security of your data.

References

This Privacy Policy has been drafted in consideration of general best practices and common legal frameworks regarding data privacy. For users in specific jurisdictions, the following laws and regulations may be particularly relevant:

• General Data Protection Regulation (GDPR): For users in the European Economic Area (EEA).
• California Consumer Privacy Act (CCPA) / California Privacy Rights Act (CPRA): For users who are California residents.
• Children's Online Privacy Protection Act (COPPA): For users in the United States.
• Apple HealthKit Developer Guidelines: As we integrate with Apple Health.
• Google Fit/Health Connect Developer Policies: For Android users.

Third-Party Service Provider Policies:

• Google Analytics & Google Ads: https://support.google.com/analytics/answer/6004245
• Mixpanel: https://mixpanel.com/legal/privacy-policy
• Amazon Web Services (AWS): https://aws.amazon.com/privacy/?nc1=f_pr