Privacy Policy

Learn how Automorphism protects your privacy and handles your personal information in Kilo and our other products.

September 23, 2025

Privacy Policy

Effective Date: September 23, 2025 Last Updated: September 23, 2025

Introduction

At Automorphism, Inc. (“we,” “our,” or “us”), we take your privacy seriously. This Privacy Policy explains how we collect, use, disclose, and safeguard your personal information when you use our mobile application Kilo and visit our website automorphism.app.

The Short Version: We collect minimal data necessary to provide our services, never sell your personal information, and give you control over your data at all times.

Information We Collect

Information You Provide Directly

Account Information

  • Email address (for account creation and support)
  • Display name (optional)
  • Profile information (age, gender, height, weight, activity level - used for calculations)
  • Health goals and preferences

Nutrition and Health Data

  • Food intake logs and meal entries
  • Weight measurements and progress data
  • Custom food entries you create
  • Goal settings and preferences
  • Usage patterns within the app

Information Collected Automatically

Device Information

  • Device type, operating system version
  • App version and crash reports
  • General usage analytics (anonymized)

We DO NOT Collect:

  • Location data or GPS coordinates
  • Camera or microphone access (except for barcode scanning when explicitly requested)
  • Contacts, photos, or other personal files
  • Health data from Apple Health (unless you explicitly grant permission)

How We Use Your Information

Primary Uses

  • Personalized Experience: Calculate your BMR/TDEE and provide personalized nutrition recommendations
  • Data Syncing: Sync your data securely across your Apple devices
  • App Improvement: Understand how users interact with our app to improve functionality
  • Customer Support: Respond to your inquiries and provide assistance

Communications

  • Service Updates: Important information about app updates, policy changes, or service issues
  • Optional Marketing: Newsletter and product updates (only if you opt-in)

What We DON’T Do

  • Never sell your data to third parties or advertisers
  • No targeted advertising based on your health information
  • No data mining for commercial purposes unrelated to app functionality
  • No sharing with insurance companies or employers

Data Storage and Security

Where Your Data is Stored

  • On Your Devices: Primary data storage uses Apple’s SwiftData framework
  • Apple iCloud: Encrypted syncing between your devices (when iCloud is enabled)
  • Our Servers: Minimal metadata for app functionality, all encrypted in transit and at rest

Security Measures

  • End-to-end encryption for data syncing between devices
  • Industry-standard security practices and regular security audits
  • Secure data centers with SOC 2 compliance
  • Employee access controls with strict need-to-know basis

Data Retention

  • Active accounts: Data retained as long as your account is active
  • Deleted accounts: Data permanently deleted within 30 days
  • Anonymized analytics: May be retained for product improvement (no personal identifiers)

Your Rights and Choices

Data Control

  • Export your data: Download a complete copy of your data at any time
  • Delete your data: Request permanent deletion of all personal information
  • Correct inaccuracies: Update or correct any personal information we have
  • Opt-out: Unsubscribe from marketing communications

How to Exercise Your Rights

  1. In-app settings: Many data controls are available directly in Kilo
  2. Contact us: Email [email protected] for data requests
  3. Response time: We respond to data requests within 30 days

Third-Party Services

Services We Use

USDA FoodData Central API

  • Used for food nutrition data lookup
  • No personal information shared with USDA
  • Only food search queries are transmitted

Apple Services

  • iCloud for data syncing (your choice to enable)
  • App Store for app distribution
  • Apple’s privacy policies apply to their services

Analytics (Anonymized)

  • Basic usage statistics to improve app performance
  • No personally identifiable information included
  • You can opt-out in app settings

Services We DON’T Use

  • Social media tracking pixels
  • Third-party advertising networks
  • Data brokers or marketing platforms

Children’s Privacy

Kilo is not intended for children under 13. We do not knowingly collect personal information from children under 13. If we become aware that we have collected personal information from a child under 13, we will take steps to delete such information promptly.

International Data Transfers

Your data may be processed and stored in the United States where our servers are located. We ensure appropriate safeguards are in place for international data transfers in compliance with applicable privacy laws.

For users in the European Economic Area (EEA), we comply with GDPR requirements and provide appropriate data protection measures.

Changes to This Privacy Policy

We may update this Privacy Policy from time to time. When we make changes:

  • Material changes: We’ll notify you via email and in-app notification
  • Minor changes: Updated policy will be posted with a new effective date
  • Your choices: Continued use of our services indicates acceptance of updated terms

California Privacy Rights (CCPA)

California residents have specific rights regarding their personal information:

  • Right to know what personal information is collected
  • Right to delete personal information we have collected
  • Right to opt-out of the sale of personal information (we never sell data)
  • Right to non-discrimination for exercising privacy rights

To exercise these rights, contact us at [email protected].

European Privacy Rights (GDPR)

If you’re in the European Economic Area, you have rights under GDPR including:

  • Access: Request a copy of your personal data
  • Rectification: Correct inaccurate personal data
  • Erasure: Request deletion of your personal data
  • Portability: Receive your data in a machine-readable format
  • Objection: Object to processing of your personal data
  • Restriction: Request restriction of processing

Contact our Data Protection Officer at [email protected] for GDPR-related requests.

Contact Information

Privacy Questions

Email: [email protected]

Data Protection Officer (EU)

Email: [email protected]

General Contact

Automorphism, Inc. [Address] San Francisco, CA [ZIP] United States

Email: [email protected]

Transparency Report

We believe in transparency about government requests for user data:

  • 2024: Zero government requests received
  • Policy: We notify users of government requests unless prohibited by law
  • Commitment: We will challenge overbroad or inappropriate requests

This Privacy Policy is designed to be clear and understandable. If you have questions about any part of this policy, please don’t hesitate to contact us at [email protected].