
Privacy Policy

Last Updated: February 2026

Your Privacy Commitment

Kado NEVER sells or shares your personal information for commercial purposes. All nutrition analysis occurs locally on your device or through secure services with strict confidentiality.

1. Critical Safety Notice

IMPORTANT PRIVACY & SAFETY INFORMATION:

  • Kado is NOT a medical device and does NOT provide medical advice
  • DO NOT use this app for managing allergies, intolerances, or medical conditions
  • App data may contain inaccuracies – ALWAYS verify allergen information directly on product packaging
  • We do NOT process health data for medical diagnosis or treatment purposes
  • Your safety depends on physical package verification, not app data

2. Information We Collect

We collect minimal information necessary to provide our service:

Product Scanning Data (Essential):

  • Product barcodes (to retrieve public nutrition information)
  • Temporary image capture for OCR processing (deleted immediately after analysis)
  • Scan history (stored locally on your device only)
  • Product names and nutrition facts from Open Food Facts database

Personal Profile Data (Optional Preferences):

  • Age, gender, weight, height (for personalized scoring calculations)
  • Activity level and general wellness goals
  • Dietary preferences (e.g., vegetarian, low-sugar) – NOT medical conditions
  • All stored locally on your device; never transmitted to our servers

Account Data (Optional):

  • Email address (for account creation/sync)
  • Authentication tokens
  • Subscription status

Analytics Data (Anonymous):

  • Aggregated feature usage statistics
  • App performance metrics
  • Crash reports (stripped of personal identifiers)

WE DO NOT COLLECT:

  • Precise location data
  • Contacts, photos library, or other device data
  • Medical diagnoses, prescriptions, or clinical health records
  • Permanent storage of product images
  • Sensitive health data as defined under GDPR Article 9

3. Legal Basis for Processing (GDPR Compliance)

Under GDPR, we process your data based on:

  • Contractual necessity: To provide core scanning functionality
  • Legitimate interest: For app improvement and security (balanced against your rights)
  • Explicit consent: ONLY for optional account creation and cloud sync

IMPORTANT: We do NOT process "special category" health data under GDPR Article 9. User-input preferences (weight, dietary goals) are treated as general personal data for scoring calculations only – NOT for medical purposes.

4. How We Use Your Information

Your data is used STRICTLY for:

  • Scanning barcodes and retrieving public nutrition data
  • Performing OCR analysis on captured images (temporary processing only)
  • Calculating algorithmic health scores based on general nutrition guidelines
  • Storing your scan history locally on your device
  • Providing account sync (if you opt in)
  • Improving OCR accuracy through anonymous pattern recognition
  • Processing subscription payments

WE NEVER:

  • Sell your personal information to third parties
  • Share your scan history or health profile for advertising
  • Use your data for medical diagnosis or treatment recommendations
  • Build health profiles for insurance or employment purposes

5. Data Sources & Accuracy Limitations

Critical Transparency:

  • Primary nutrition data comes from Open Food Facts (openfoodfacts.org), a crowd-sourced public database
  • Open Food Facts data is user-contributed and may contain errors, omissions, or outdated information
  • Product formulations change frequently; database entries may not reflect current packaging
  • OCR technology may misread labels due to image quality, lighting, or label variations
  • We do NOT verify, validate, or guarantee accuracy of third-party nutrition data
  • Users bear full responsibility for verifying critical information (especially allergens) on physical packaging

6. Data Storage & Location

Where your data resides:

  • Personal profile & scan history: Stored ENCRYPTED locally on your device ONLY
  • Account data (if opted in): Secure cloud storage via Firebase (Google Cloud)
  • Product images: Processed in memory and DELETED immediately after OCR completion
  • Nutrition data: Retrieved in real-time from Open Food Facts API; not stored by us

Data Transfer Safeguards:

  • All international transfers use Standard Contractual Clauses (SCCs) approved by EU Commission
  • Servers located in EU (Ireland) and US (Virginia) with GDPR-compliant processors
  • You may request data localization preferences via support

7. Third-Party Services & Data Sharing

We integrate with trusted services under strict data processing agreements:

  • Open Food Facts – Public nutrition database (no personal data shared)
  • Google Firebase – Authentication and optional cloud sync (minimal account data)
  • Google ML Kit – On-device OCR processing (images never leave your device)
  • Groq AI – Optional cloud-based text extraction (images deleted after 24 hours)
  • App Store/Google Play – Subscription management (payment data handled by platform)

Our Firm Commitment:

  • We DO NOT sell your personal information
  • We DO NOT share your scan history or health profile for advertising
  • We DO NOT permit third parties to use your data for their own purposes
  • All processors are bound by GDPR-compliant Data Processing Agreements

8. Your Privacy Rights (GDPR, CCPA, & Global Laws)

You have the right to:

  • Access all personal data we hold about you
  • Correct inaccurate or incomplete information
  • Delete your account and all associated data
  • Data portability (export your scan history in machine-readable format)
  • Restrict or object to processing
  • Withdraw consent at any time
  • Lodge complaints with supervisory authorities

CCPA-Specific Rights (California Residents):

  • Right to know categories of personal information collected/sold/shared
  • Right to request deletion
  • Right to opt-out of "sale" or "sharing" of personal information
  • NON-DISCRIMINATION: We will not penalize you for exercising CCPA rights

To exercise rights: Use in-app deletion tools or contact support.kado@balshoo.com. We respond within 30 days.

9. "Do Not Sell or Share" (CCPA Compliance)

Kado does NOT sell or share your personal information as defined under CCPA.

For California residents:

  • We do not exchange your data for monetary or other valuable consideration
  • We do not permit third parties to collect your data for their own purposes
  • Analytics providers operate under strict service provider agreements

Opt-Out Mechanism:

  • Toggle "Limit Ad Tracking" in device settings
  • Contact support.kado@balshoo.com to confirm no data sharing occurs

10. Children's Privacy

Kado is not intended for children:

  • Users under 13 (US COPPA) are prohibited from using the app
  • Users under 16 (EU GDPR) require parental consent
  • We do not knowingly collect personal information from children
  • If we discover child data, we will delete it immediately upon notification

Parents/guardians may contact us to review or delete child information.

11. Data Security

We implement industry-standard protections:

  • AES-256 encryption for all locally stored data
  • TLS 1.3+ for all data transmissions
  • Regular security audits and penetration testing
  • Strict access controls for employee data access
  • Automatic deletion of temporary processing data
  • Compliance with OWASP Mobile Security guidelines

Note: No electronic transmission can be guaranteed 100% secure. You are responsible for device security (passcodes, biometrics). Report suspected breaches immediately via support.

12. Data Retention

We retain data only as long as necessary:

  • Local scan history: Until YOU delete it (via app settings)
  • Account data: Until account deletion request
  • Analytics data: Aggregated/anonymized after 13 months
  • Support communications: 24 months for legal compliance
  • Product images: 0 seconds – deleted immediately after OCR

You control deletion: Settings > Privacy > Delete All Data performs immediate local wipe.

13. Data Breach Notification

In the unlikely event of a data breach involving your personal information:

  • We will notify affected users within 72 hours of discovery (as required by GDPR)
  • Notification will include nature of breach, likely consequences, and mitigation steps
  • We will report breaches to relevant supervisory authorities
  • No breach has occurred since app launch (February 2024)

14. Changes to Privacy Policy

We may update this policy to reflect changes in data practices, new legal requirements, or service improvements. Material changes affecting your rights will:

  • Be communicated via in-app notification at least 30 days prior
  • Require explicit acceptance for significant changes
  • Be versioned with clear change logs in app settings

15. Contact & Data Protection Officer

For privacy inquiries, rights requests, or concerns:

  • In-app: Menu > Report a problem
  • Email: support.kado@balshoo.com
  • Response time: Within 30 days

EU/EEA users may lodge complaints with their local supervisory authority. We cooperate fully with regulatory investigations.

Your Data Stays Yours

Kado NEVER sells your information. Your health profile and scan history remain encrypted on your device. Nutrition data comes from public sources. You control deletion at any time.
