Privacy Policy

Last amended: 20 August 2025

We acknowledge the importance of personal data safety. This Privacy Policy describes how Faliane Ltd. (“we”, “us” or “our”) collects, uses, shares, and otherwise processes your personal data in connection with your use of our mobile application “Calorie Counter - CaloCount” (the “App”) and any related services (jointly - the “Services”).

Please read this Policy carefully to understand our privacy practices. Please note that by using our Services, you confirm that you agree to our Privacy Policy.

No Minors Data: We do not knowingly collect personal data from individuals under the age of 17. If we become aware that we have collected personal data from an individual under the age of 17 as a result of false, inaccurate, or misleading information provided, we will promptly delete such personal data from its systems to the extent required by applicable law.

1. Categories of information we collect

1.1. We collect certain personal information about you when you register to use our Services, become our customer (for example, by subscribing to, downloading our App or otherwise using or accessing our Services), communicate with us (submit enquiries, questions, comments, feedback, or contact requests, etc.) or contact us via AppStore, by post, email or phone, subscribe to our marketing communications. This information may include:

Identifiers: such as your name, username (in the App or third-party platforms), postal address, email address, IP address, phone number, IDFA (if provided), and your Device ID.
Consumer Record Information: this may include personal data you voluntarily provide, such as: your age, gender, weight, height, or similar information you may record in the App when tracking physical parameters for your convenience; your dietary preferences, health-related information, information about your daily routine etc, as well as any other consumer information you share through your interaction with our Services. Please, note, that this information is stored only locally on your device and is not transferred to our servers or to third parties unless you choose to share it. In case you instruct us to transfer and store this information on our servers, all such information will be permanently deleted (and cannot be restored) if you uninstall the App.
Your Content: we collect any content you submit to the Service or via third-party platforms (such as the App Store) regarding the Service, including but not limited to:

Your Content, namely: (a) the photographs you specifically choose to upload (e.g., to create an avatar in your Account). We do not access or collect your entire photo library; and (b) content uploaded via access to your Camera, in case you grant us the access to your device camera (via the camera access prompt or your device settings) for functions such as scanning food data or adding a photo to your profile. We may have technical access to your device camera after you grant permission, but you can disable it at any time in your device settings.
feedback, reviews, and comments regarding our App and Services.

Our Services do not use facial recognition technology, biometric templates, or any other system regulated as biometric data under applicable law. We do not collect or process biometric identifiers. Any health-related metrics provided through the App are not classified or processed as biometric data and are not intended to diagnose, treat, cure, or prevent any disease or health condition.

From time to time, we may receive personal information about you from third-party sources, including:

Advertising, Analytics, and Strategic Partners: we may receive data from advertising networks, analytics providers, and other business partners. This data may include mobile advertising identifiers, hashed email addresses, phone numbers, cookie identifiers, and insights regarding your activity on external websites or mobile apps. We use this information to better understand your interests and tailor the Service accordingly.
Payment Processors - Apple App Store: when you make a payment through the Service, you provide your financial details (e.g., credit card number) to Apple Inc’ AppStore. While we do not collect or store full credit card numbers, we may receive limited payment-related information such as transaction date, time, amount, and payment method type.
Other Sources: we may obtain additional personal information from our vendors engaged in facilitating or providing Services, publicly available sources, third-party data providers, or other sources as permitted or required by applicable law.

Under no circumstances do we collect or process special categories of personal data such as your race or ethnicity, religious or philosophical beliefs, sex life, political opinions, trade union membership, information about your health, genetic or biometric data.

2. Purposes and legal bases of your personal data processing. Sharing of your personal data.

We may collect and process your information for the purposes specified in the table below. We collect and process personal data on the following legal basis:

Consent. The collection of personal data based on your consent will be done by using “Consent Forms” that will store documentation related to the consent. Individual consents will be documented and stored in our systems. You may withdraw your consent at any time by contacting us at support@calocount.pro
Contractual necessity: Processing of your personal data may be necessary for the performance of a contract to which you are a party or to take pre-contractual steps at your request.
Legitimate interest: We may process your personal data where it is necessary for our legitimate interests, such as improving our products and Services, ensuring the security of our Platform, and maintaining business relationships. When relying on legitimate interest, we always conduct a balancing test to ensure that our interests do not override your fundamental rights and freedoms.
Legal obligation: We process your personal data when it is necessary to comply with our legal and regulatory obligations, including tax, accounting, anti-money laundering (AML), and data protection laws.
Vital interests and other legal bases: In exceptional cases, we may process your personal data to protect your vital interests or those of another person, or when processing is otherwise permitted under Article 6 of the GDPR.

Under no circumstances do we sell, rent, or trade your information with any third parties.

We may share your information with the following third parties only to the extent it is necessary to achieve the purposes outlined in this section:

Faliane Ltd. group of companies (or their successors) to maintain and provide our Services and products, and to maintain and improve our Services; and
The entities specified in the table below, namely:

Our vendors and service providers (including Google Inc) for the performance of a contract we enter into with you or we are about to enter into to provide the best service to you;
Analytics services that assist us in the improvement and optimization of our Services;
Advertising networks that require the data to select and serve relevant adverts to you and others (subject to relevant consent).

We may also share your information when it is required by mandatory legal obligations and to comply with any subpoena, court order, ongoing or prospective legal proceedings, or other governmental request.

Your personal data may also be shared if it is necessary to establish, exercise, or defend our legal rights, protect our property, enforce our agreements, or prevent fraud or other illegal activities. We require all third parties with whom we share your data to maintain appropriate security measures and comply with applicable data protection laws. Third parties are only permitted to process your personal data for specified purposes per our instructions.

We require all third parties to respect the security of personal data and to treat it following the legal requirements and in accordance with our instructions.

The table below summarizes the purposes and legal bases of your personal data processing, as well as indicates third parties with whom we may share your data to achieve each particular purpose of data processing:

Purpose of processing	Legal basis	With whom do we share your data
To provide, customize, facilitate, and support the Services we provide to you. This includes the performance of our obligations under the ToS and managing your registered user account with us.	Performance of a Contract	Google Inc: https://support.google.com/gemini/answer/13594961?visit_id=638907754018765283-1034501948&p=pn_gemini_apps&rd=1#gemini_apps&zippy=%2Cwhat-are-gemini-apps
To analyze how you engage with our Services to improve and develop our Services and features, and to secure our systems and applications.	Legitimate interest	Amplitude: https://amplitude.com/privacy/archive/2025-04 Google Analytics: https://policies.google.com/technologies/partner-sites Meta: https://www.facebook.com/privacy/policy/ Adjust: https://www.adjust.com/terms/privacy-policy Adapty: https://adapty.io/privacy/
To provide you with customer support, including receiving, responding to, and following up on your enquiries and requests about our company, Services, or practices.	Performance of a Contract/ Legitimate interest	Google Services: https://policies.google.com/privacy?hl=en-US
To process your payments	Performance of a Contract	Apple Inc.: https://www.apple.com/legal/privacy/data/en/apple-pay/

3. Use of AI components.

We share your prompts and other relevant inputs for Generated Content with Google Inc. solely to enable the content generation functionality within the App as explained in our Terms of Service. This data is processed pursuant to the applicable data protection laws and our Privacy Policy. Google Inc will process and store your inputs in accordance with its Gemini Apps Privacy Notice and will use them only as necessary to facilitate generation of content, comply with applicable laws, or enforce Google Inc.’s policies.

4. Where we process and transfer your information

We host and process your data in Europe (and the hosting services are purchased by us from Google Cloud. We may transfer personal data to jurisdictions outside of your home country and outside of European Economic Area (EEA) as necessary for the purposes of processing. You are entitled to learn about the legal basis of data transfers to a country outside the EU and about the security measures we take to safeguard your information. If we transfer personal data originating from the EEA to countries with not adequate level of data protection, we use one of the following legal bases: (i) Standard Contractual Clauses approved by the European Commission, or (ii) the European Commission adequacy decisions about certain countries.We take all steps necessary to provide suitable safeguards to protect your personal data during the cross-border transfer and to ensure that your data is treated in accordance with this Privacy Policy.

5. How we protect your information

We are committed to protecting your information through robust technical and organizational measures. Our security framework is designed to protect your personal information from unauthorized access, use, disclosure, copying, modification, destruction, and accidental loss or misuse. We implemented industry-standard security controls, including but not limited to:

Access Controls: we enforce strict access controls to ensure that only authorized personnel and contractors can access your information, based on the principle of least privilege.

Data Encryption: to prevent unauthorized access, tampering, or interception of your personal information, we employ strong encryption mechanisms: (i) in transit: we utilize 256-bit SSL/TLS 1.2 encryption to secure data while it is transmitted from us to you; (ii) at rest: all data stored within our infrastructure is encrypted using AES-256 industry standards, ensuring an additional layer of protection; (ii) backups: regular encrypted backups are maintained to ensure data availability and integrity in the event of an incident.

Regular Security Audits: we conduct regular penetration testing, vulnerability assessments, and security audits to proactively identify and mitigate potential risks.

Antivirus and Intrusion Prevention Systems (IPS): deployed to monitor and prevent unauthorized access and potential threats in real-time.

Incident Response: we have established protocols to promptly address any suspected data breaches and will notify you and applicable regulators within legally required timeframes if a breach occurs.

6. How you can control your information

If you reside in one of EEA jurisdictions, you have the following rights in relation to the processing of your information:

Right to request access. You may obtain confirmation as to whether or not we process your information, learn about the details of such processing and obtain a copy of the information that we process.
Right to request correction. You may verify the accuracy of your information and ask us to update or correct it. We may need to verify the accuracy of the new data you provide to us.
Right to request erasure. You may ask us to delete or remove personal data where there is no good reason for us continuing to process it. You also have the right to ask us to delete or remove your personal data where you have successfully exercised your right to object to processing, where we may have processed your information unlawfully or where we are required to erase your personal data to comply with the law. However, we may not always be able to comply with your request of erasure for specific legal reasons which will be notified to you, if applicable, at the time of your request.
Right to object to processing. At any time on grounds relating to your particular situation you have a right to object to processing of your personal data where we are relying on a legitimate interest (or those of a third party). You have the right to object to processing of your personal data for direct marketing purposes and unsubscribe (opt out) from marketing communications at any time by clicking the unsubscribe link in any of these emails or by contacting us at the email specified at the bottom of this section.
Right to request restriction of processing. You may ask us to suspend the processing of your personal data where one of the following applies: (a) if you want us to establish the data’s accuracy; (b) if the processing of personal data is unlawful but you do not want us to erase it; (c) if we no longer require your personal data but you need us to hold the data since you need it to establish, exercise or defend legal claims; (d) you have objected to our use of your data but we need to verify whether we have overriding legitimate grounds to use it.
Right to request the transfer of your personal data to you or to a third party. You may ask us to provide to you, or a third party you have chosen, your personal data in a structured, commonly used, machine-readable format. This right only applies to automated information which you initially provided consent for us to use or where we used the information to perform a contract with you.
Right to withdraw consent. If you have previously provided us with your consent to collect and process your personal data, you can change your mind and withdraw such consent at any time. However, this will not affect the lawfulness of any processing carried out before withdrawal. If you withdraw your consent, we may not be able to provide certain products or services to you. We will advise you if this is the case at the time of withdrawal.
Right to complain to a supervisory authority. If you are unhappy with the way in which your personal data has been processed, you may contact us. If you remain dissatisfied, you may lodge a complaint to your national data protection supervisory authority: https://edps.europa.eu/.

To exercise these rights, you can contact us by submitting an access request by emailing us by email address at the bottom of this section.

If you reside in the United States of America (USA), you have rights under certain USA state data protection laws. However, these rights are not absolute, and in certain cases, we may decline your request as permitted by law. These rights include:

Access. Right (1) to know whether or not we are processing your personal information, (2) to access your personal information, and (3) to obtain a copy of the personal information you disclosed to us, and as permitted by applicable law, including the "Shine The Light" law, (4) to obtain a list of specific third parties to which we have disclosed personal information, (5) to obtain a list of categories of personal information (if any) we disclosed to third parties for direct marketing purposes and the names and addresses of all third parties with which we shared personal information in the immediately preceding calendar year.

Rectification. Right to correct inaccuracies in your personal information.

Erasure. Right to request the deletion of your personal information. Please notice, that we have to keep certain personal information in our files after fulfilling such request, including data required to be kept in accordance with the law or to protect our rights, in particular in the context of court proceeding. The right to delete data may be limited by law or provisions related to freedom of expression and information.

Opt-out of sale and sharing. Right to opt out, under certain applicable laws, of (1) the sharing, meaning the processing for targeted advertising, of your personal information, (2) the sale of personal information, or (3) profiling in furtherance of decisions that produce legal or similarly significant effects (profiling).

You can opt out from the selling of your personal information of internet or other electronic network activity, targeted advertising, or profiling by disabling cookies in your browser’s cookie preference settings.

Right to limit use and disclosure of sensitive personal information, namely, to direct us to limit the use of your sensitive personal information that you disclose to us, to that use which is necessary to provide our services and granted by certain applicable laws.
Withdrawing your consent. If we are relying on your consent to process your personal information, which may be express and/or implied consent depending on the applicable law, you have the right to withdraw your consent at any time.
Non-discrimination. Right to not been discriminated for exercising your rights. Please notice that because to the nature of our services, opting out of sharing and sale of your personal information restricts us from providing your application to lenders.

Under certain US state data protection laws, you can designate an authorized agent to make a request on your behalf. We may deny a request from an authorized agent that does not submit proof that they have been validly authorized to act on your behalf in accordance with applicable laws. If you submit the request through an authorized agent, we may need to collect additional information to verify your identity before processing your request and the agent will need to provide a written and signed permission from you to submit such request on your behalf.

Under certain US state data protection laws, if we decline to take action regarding your request, you may appeal our decision by emailing us by email address at the bottom of this section. We will inform you in writing of any action taken or not taken in response to the appeal, including a written explanation of the reasons for the decisions. If your appeal is denied, you may submit a complaint to your state attorney general.

If you wish to exercise any of the rights set out above, please contact us at support@calocount.pro. We will process your request free of charge and as early as possible, but always within one month. Note that before acting on any such request, we will need to verify your identity and may ask you for additional information. We will only use personal information provided in your request to verify your identity or authority to make the request. However, if we cannot verify your identity from the information already maintained by us, we may request that you provide additional information for the purposes of verifying your identity and for security or fraud-prevention purposes. We may not be able to honor your request if we don’t verify your identity.

7. How long do we keep your information

We keep your information for as long as it is necessary for the purposes outlined in section 2 above. We may retain your information if required to do so by law or upon an order of a state authority.

8. Links to third-party resources

Our Services may contain links (including those embedded into the ads distributed via our Services) to third-party resources that are not administered by Faliane Ltd. and are not governed by this Privacy Policy. We encourage you to familiarize yourself with the privacy policies and security practices of the linked third-party websites before providing them with any personal data.

9. Changes to the Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our data processing practices, regulatory requirements, or to address feedback received from our customers. Any changes will be published on this page, and we encourage you to review it regularly to stay informed about how we protect your information. When we post changes, we revise the "Last Updated" date at the top of this policy. If we make any material changes in the way we collect, use, or share your information, we will notify you by prominently posting notice of the changes in our App, and if required by applicable law, we will request your consent for such changes.

10. Contact Information

If you have questions or comments regarding this Privacy Policy and our privacy practices, or you have any requests to exercise your legal rights, please contact us at: support@calocount.pro

Registered address: 13 Imathias, Limassol, 3117, Cyprus