← Back

Privacy Policy

Last updated: March 23, 2026

1. Information We Collect

We collect the following types of information:

  • Account information: name, email address, role, organization
  • Health & nutrition data: food logs, meal plans, body composition, dietary goals
  • Usage data: feature usage, session information, device type
  • Communication data: video consultation recordings and transcripts (when consented)

1a. SMS/Text Messaging

When you provide your phone number during registration and consent to receive text messages, we collect your phone number to send you SMS messages related to the Calsanova service. These messages may include:

  • Phone number verification codes during signup
  • Account security alerts (password resets, suspicious login attempts)
  • Appointment reminders for scheduled consultations with your dietitian
  • Meal logging reminders and nutrition goal notifications

No mobile information will be shared with third parties or affiliates for marketing or promotional purposes. Your phone number is used solely for the purposes described above and is not sold, rented, or shared with any third party except our SMS service provider (Twilio) which processes messages on our behalf under strict data processing agreements.

You may opt out of SMS messages at any time by replying STOP to any message. For help, reply HELP or contact support@calsanova.com. Message frequency varies based on your account activity. Message and data rates may apply.

2. How We Use Your Information

We use your information to:

  • Provide and maintain the Service
  • Generate personalized nutritional insights and meal plans
  • Facilitate communication between dietitians and members
  • Improve the Service through aggregated, anonymized analytics
  • Send important account and service notifications

3. AI Processing

Calsanova uses artificial intelligence to generate nutritional insights, meal plans, and recommendations. Your nutritional data may be processed by AI models to provide these features. AI-generated content is clearly labeled and should not be considered medical advice.

4. Data Storage & Security

Your data is stored securely using industry-standard encryption. We implement appropriate technical and organizational measures to protect your personal data against unauthorized access, alteration, disclosure, or destruction. Passwords are hashed using bcrypt and are never stored in plain text.

4a. Health Data & HIPAA Considerations

Calsanova collects and processes health-related information including dietary intake, body composition, nutritional goals, and consultation notes. We recognize the sensitive nature of this data and apply the following safeguards:

  • Health data is encrypted in transit (TLS) and at rest
  • Access to health data is restricted to authorized users (the member and their assigned dietitian)
  • We do not share health data with third parties for marketing or advertising purposes
  • AI-processed health data is not used to train models or shared outside your care team
  • Users may request complete deletion of their health data at any time

HIPAA Notice: While Calsanova implements security practices aligned with HIPAA standards, the platform is designed as a nutrition management tool for sports dietitians and members — not as a covered healthcare provider or health plan. If your organization requires a Business Associate Agreement (BAA) or formal HIPAA compliance certification, please contact us at compliance@calsanova.com to discuss your specific requirements.

5. Data Sharing

We do not sell your personal data. We may share your information with:

  • Your assigned dietitian or coach within the platform
  • Service providers who assist in operating the platform (under strict data processing agreements)
  • Law enforcement when required by applicable law

6. Your Rights

Depending on your jurisdiction, you may have the right to:

  • Access the personal data we hold about you
  • Request correction of inaccurate data
  • Request deletion of your data
  • Export your data in a portable format
  • Withdraw consent for data processing
  • Lodge a complaint with a supervisory authority

6a. How to Delete Your Account

You can delete your account and all associated data at any time:

  1. Log in to your account at calsanova.com or the Calsanova app
  2. Navigate to Settings (accessible from your profile)
  3. Scroll to the Danger Zone section
  4. Click “Delete Account” and confirm

Upon confirmation, the following data is permanently deleted within 30 days:

  • Account information: name, email, profile, credentials
  • Health & nutrition data: food logs, meal plans, body composition, goals, hydration logs
  • Workout data: workout journal entries and exercise history
  • Communication data: messages with coaches/dietitians, consultation notes
  • AI interaction data: Kiwi AI conversation history and queries
  • Device tokens: push notification registrations

Data that may be retained: Anonymized, aggregated analytics data that cannot be linked back to you. Transaction records required for legal or tax compliance (up to 7 years). Data that has been shared with your assigned dietitian as part of their professional records may be retained by them separately.

6b. How to Delete Specific Data

You can delete specific data without deleting your account:

  • Food logs: Swipe or click delete on individual entries in your food diary
  • Weight/body composition: Remove entries from your body composition history
  • Workout logs: Delete individual workouts from your workout journal
  • All health data: Email privacy@calsanova.com to request bulk deletion of all health data while keeping your account active

Deletion requests sent to privacy@calsanova.com are processed within 30 days. You will receive email confirmation when your data has been deleted.

7. Data Retention

We retain your data for as long as your account is active or as needed to provide the Service. If you request account deletion, we will delete your personal data within 30 days, except where retention is required by law.

  • Active accounts: Data retained as long as your account is active
  • Deleted accounts: Personal data permanently removed within 30 days
  • Backups: Data may persist in encrypted backups for up to 90 days after deletion, after which it is purged
  • Legal requirements: Transaction and billing records may be retained for up to 7 years for tax and legal compliance

8. Cookies

Calsanova uses essential cookies and local storage for authentication and user preferences. We do not use third-party tracking cookies.

9. Children's Privacy (COPPA)

Calsanova is not directed at children under the age of 13. We do not knowingly collect personal information from children under 13. Users must confirm they are 13 years of age or older during registration. If we learn that we have collected personal information from a child under 13, we will promptly delete such information.

Users between 13 and 18 should use the Service under the supervision of a parent or guardian. If you are a parent or guardian and believe your child has provided us with personal information, please contact us at privacy@calsanova.com.

10. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of significant changes by updating the “Last updated” date and, where appropriate, through in-app notification.

11. Contact

For privacy-related inquiries, contact our Data Protection Officer at privacy@calsanova.com.

Privacy Policy | Calsanova