Global Privacy Policy

Last updated: May 26, 2026

This Privacy Policy regulates how the How2Burn AI application ("How2Burn", "We", or "Service") collects, uses, stores, transfers, and protects your personal information ("Data"). By using our Service, you expressly consent to the practices described in this document. If you do not agree, please discontinue using the application immediately.

1. Categories of Information Collected

We collect Personally Identifiable Information and Anonymized Data in the following categories:

User Information: Data you provide voluntarily when creating your account, such as your name, date of birth, email, biological sex, height, and starting weight.
Health Data (Biometrics): Data synced directly via integration with official health ecosystems, such as Apple HealthKit and Google Fit. This data includes Calories Burned (Active and Basal Energy), Heart Rate (if authorized), and Step Count.
Food Logs (User Content): Photographs, voice transcripts (audio converted to text), and text descriptions of meals inputted by you for algorithm analysis.
Technical and Telemetry Data: IP addresses, device type (Phone Model), operating system (iOS/Android), crash history (Crash Reports), Anonymous Device Identifiers, and access logs.

2. Apple HealthKit Rules and Restrictions

CRITICAL STATEMENT REGARDING HEALTH DATA:
In full compliance with Apple's Terms of Service (App Store Review Guidelines), How2Burn AI solemnly guarantees that the data extracted through the HealthKit API (Health App) is used exclusively and limitedly to monitor your caloric expenditure within our application's interface.

We will NEVER use HealthKit data for targeted marketing, behavioral advertising, retargeting, or any form of commercial recommendation. Furthermore, we will NEVER sell, license, rent, or share your HealthKit data with ad networks, data brokers, or any external providers under any circumstances. Your health metrics remain isolated and strictly designated to promote and visually display your own health and fitness on your device's screen.

3. Cloud Processing and Third Parties (Artificial Intelligence)

The Service operates through robust integrations with Cloud Computing Services (Cloud Providers). By accepting this policy, you acknowledge that your data may travel through servers located outside your jurisdiction of residence, such as in the United States of America.

AI Processing Notice (Google Gemini):
How2Burn utilizes advanced Google algorithms (Gemini API) to extract nutritional context from your photos and informal texts. You expressly agree that your meal data (submitted images and text strings from your log) be temporarily transmitted to the Google cloud to generate the "Dr. Chama" analysis. These isolated data packets do not include trackers like your email, ensuring that the third-party algorithm does not identify you nominally, keeping the technical operation of transcription as pseudonymized as technologically possible.

4. Storage, Security, and Retention

We employ industry-standard physical and electronic safeguards to maintain the security of the database (e.g., Firebase). Data in transit is encrypted using TLS (Transport Layer Security) technology. However, we do not guarantee absolute security (as no internet service can), exempting ourselves, to the limits of applicable law, from liabilities arising from breaches caused by malware or large-scale criminal attacks orchestrated on the user's device.

5. Consent for Cookies and Trackers

The application may collect device identifiers (Device Identifiers, such as IDFA on iOS and Advertising ID on Android) exclusively for crash telemetry, product adoption metrics, and anonymous behavior analysis (Analytics) focused on user interface improvements. We do not perform Cross-App Tracking to display intrusive ads and are not part of ad brokerage panels (Ad Networks).

6. Right to be Forgotten, Modification, and Deletion (GDPR and LGPD Compliance)

You have full proprietary control over your digital entity. Through the application's Settings menu, you possess the summary power to request "Account Deletion". Such an act will permanently purge your linked profile records, weight, HealthKit caches, and diet history from our primary servers without undue delay, except for data kept isolated due to pending legal disputes or applicable financial regulations (in case of Premium refunds).

7. Children and Protection of Minors

The Service strictly rejects the collection and processing of information from individuals under 18 (eighteen) years of age, strictly following protective norms such as COPPA (USA) and global equivalents. If we identify records originating from minors, we will proceed with the systemic purging of such data.

8. Governing Law and Contact

The practices set forth herein are interpreted in accordance with the laws of the commercial headquarters of the application's developers, notwithstanding applicable supranational provisions. In case of structural questions or an expert request regarding this policy, formally write to our designated legal data protection officer at the official electronic address: support@how2burn.com.