Privacy Policy

Effective: 2026-05-02

TL;DR. Macroline is a macro and calorie tracker. We collect what's needed to make the app work — your email, foods you log, goals you set — and process payment info via Stripe. We don't sell your data, run ads, or use your meal logs to train AI models. You can delete your account any time by emailing info@macroline.app.

This policy describes how Macroline, operated by Calvert Estate LLC ("we", "us", "our", or the "Operator"), collects, uses, and shares information about you when you use the Macroline iOS app or visit macroline.app (together, the "Service").

1. Information we collect

You give us

Account information. Email address and a password you create. Passwords are hashed with bcrypt and never stored in readable form.
Diary entries. Foods you log, the quantity, optional meal type (breakfast/lunch/dinner/snack), the timestamp, and any optional notes.
Body and goal data. Calorie and macronutrient targets you set, weight entries you log (if any), display name, and timezone.
Custom foods. Foods you add to your private library that aren't in our public database.
Free-text descriptions. When you use the "Describe meal" feature, the text you submit is sent to our AI provider (Anthropic) for parsing into structured items. The text is not used by Anthropic to train models (per the API terms in effect at the time of this policy).
Customer support communications. If you email us, we keep the message to respond.

Generated automatically

Authentication metadata. Session refresh-token hashes, the user-agent string from your device, and the IP address of the request, recorded when you sign in or refresh a session. Used to detect compromised sessions.
Subscription state. Your current tier (Free or Pro), and identifiers from our payment processors (Stripe customer ID, Apple original transaction ID) used to associate your subscription with your account.
Usage events. Counts of feature use (e.g., "describe meal" call, "barcode scan" call) timestamped per user, used to enforce free-tier quotas. We do not record the content of those events beyond a feature label.
Server logs. Standard request logs (URL, status code, timing) retained for up to 30 days for debugging and security.

Apple Health (HealthKit)

If you opt in via Settings → Apple Health, Macroline can read and write body weight (HKQuantityTypeIdentifierBodyMass) to/from Apple Health on your device. Specifically:

Read: the latest weight sample and a recent history window, used only to display alongside your Macroline-logged weights so trends stay continuous if you've been logging weight in another app.
Write: when you log a weight in Macroline and the "Mirror weight logs" toggle is on, the same kilogram value is written to Apple Health, sourced as "Macroline."

Apple Health data is processed on your device only — it is not transmitted to our servers, not shared with third parties, and not used for advertising or other use-based data mining. You can revoke access at any time in iOS Settings → Health → Data Access & Devices → Macroline.

AI assistants via the Claude connector (MCP)

Macroline operates an MCP (Model Context Protocol) server at api.macroline.app/mcp. If you choose to connect an AI assistant such as Claude to your Macroline account, the assistant authorizes with OAuth 2.1 + PKCE and receives a scoped access token tied to your user.

The token grants only the scopes you approve on the consent screen. As of this policy the available scopes are:

read:foods — search the public food database and your custom foods.
read:diary — read your diary entries, exercise logs, and daily summaries.
write:diary — add new diary, exercise, and water entries.
write:goals — update your calorie and macro targets.

Weight entries, body-composition data, HealthKit data, subscription/billing data, and authentication credentials are not exposed through any MCP scope. The connector cannot delete account-level data or change your password.

When you ask Claude to "log a meal" or "show me last week's protein," the request flows: Claude → Anthropic's servers → Macroline's MCP server (server-to-server, bearer token) → your account data → response back through the same path. Anthropic processes only the conversation content you submit to Claude (which may include data Claude has retrieved from Macroline). Anthropic does not bulk-export your Macroline data; the data flow is request-by-request, scoped to the active chat. Anthropic's handling of that content is governed by their own privacy policy at anthropic.com/legal/privacy.

You can revoke connector access at any time. From Claude: Settings → Connectors → Macroline → Remove. From Macroline: open the iOS app, Settings → Connect AI → Revoke all sessions. Revocation invalidates the access token immediately; any future tool calls fail until you re-authorize.

What we do NOT collect

Apple Health data on our servers (HealthKit reads/writes stay on your device — see above).
Health data types other than body weight (we do not request access to active energy, basal energy, water, or any other HealthKit type at this time).
Location.
Contacts, calendar, or other on-device personal data.
Photos beyond images you take or pick inside the app for food scanning.
Advertising identifiers (IDFA). We do not run advertising.
Cross-app or cross-site tracking data.

2. How we use information

Operate the Service. Authenticate you, store your diary, calculate daily macro/calorie totals, send transactional emails (signup confirmation, password reset).
Personalize. Apply your goals to dashboards and summaries.
Improve the Service. Aggregated, non-identifying analysis of which features get used. We do not use your individual diary content to train AI models.
Communicate. Send service updates, security notices, and replies to your support requests.
Detect and prevent abuse. Block fraudulent signups, payment fraud, and unauthorized access.
Legal compliance. Respond to lawful requests, enforce our Terms.

3. Who we share information with

We share data with the following service providers strictly to operate Macroline. We do not sell your personal information to anyone.

Service	What it processes	Why
Stripe	Payment card data, billing email	Process web subscription payments
Apple	In-app purchase receipt	Process iOS subscriptions
Anthropic	Meal-description text you submit	Parse natural language into structured food items
Resend	Email address, message body	Send signup confirmation, password reset, account notifications
Neon	All structured data described above	Database hosting
Fly.io	Server logs, in-memory request data	Application hosting
Cloudflare	DNS records, edge cache, marketing site requests	Domain DNS, CDN, marketing site hosting, email routing
Upstash	Background-job metadata	Job queue for the food-research worker

Each of these vendors has its own privacy policy. We've selected vendors that have public policies and recognized data-protection practices.

We may also disclose information when required by law (subpoena, court order), to enforce our Terms, or to protect the rights, property, or safety of Macroline or others.

4. Where data is stored

Macroline's primary infrastructure is hosted in the United States (Neon Postgres in AWS US-East, Fly.io in IAD region, Upstash US-East). If you access the Service from outside the United States, your information will be transferred to and processed in the US. By using Macroline, you consent to this transfer.

Email and DNS routing pass through Cloudflare's global network. Cloudflare may temporarily process data through edge locations near you for performance.

5. How long we keep data

Active account data — kept as long as your account is active.
Server logs — up to 30 days.
Deleted account data — fully removed within 30 days of deletion request, except where we are legally required to retain certain financial records (Stripe subscription history is retained per Stripe's policy).
Backups — Neon takes daily automatic backups retained for 7 days. Deleted records may persist in those backups for up to 7 days after deletion.

6. Your rights

You have the right to:

Access the data we have about you. Most of it is visible in the app (Settings, Diary). For a complete export, email us.
Correct any inaccuracies. Edit goals, weight, food entries directly in the app.
Delete your account. Email info@macroline.app with the subject "Delete my data" from the email address tied to your account. We will delete your account, diary, weight history, custom foods, and subscription records within 30 days.
Export your data. Pro users can export their full diary as CSV from the app. Free users can request a JSON export by emailing us.
Withdraw consent for processing where consent is the basis (e.g., describing a meal sends text to Anthropic — you can simply not use that feature).
Object to certain processing or request portability where required by your local law.

For California residents (CCPA/CPRA)

You have the right to know what categories of personal information we collect, to delete your information, to correct inaccurate information, and to opt out of "sale" or "sharing" of personal information. We do not sell or share personal information for cross-context behavioral advertising. To exercise any right, email info@macroline.app. We will not discriminate against you for exercising any CCPA right.

For EU/UK/EEA residents (GDPR)

Our legal bases for processing are: (a) contract — to provide the Service you requested; (b) legitimate interests — to keep the Service secure and improve it; (c) consent — for optional features like meal description text submission to Anthropic; (d) legal obligation — to comply with applicable law. You may lodge a complaint with your local data protection authority. The Operator does not currently appoint an EU representative as we operate below the threshold requiring one; this may change as we grow.

7. Security

Passwords are hashed with bcrypt. All connections to the Service are over HTTPS/TLS. Subscription payment data does not touch our servers — it is handled by Stripe and Apple. Database access is authenticated and role-restricted. We use industry-standard security practices but no system is perfectly secure; if you believe your account has been compromised, contact us immediately at info@macroline.app.

8. Children's privacy

Macroline is intended for users 13 years of age or older. We do not knowingly collect personal information from children under 13. If you believe a child under 13 has created an account, contact us at info@macroline.app and we will delete the account.

Health note for younger users and their guardians. Calorie and macro tracking can intersect with eating disorders. If you or someone you care about is struggling with food or body image, please consider reaching out to a qualified professional. The National Eating Disorders Association helpline (US) is available at 1-800-931-2237.

9. Cookies and similar technologies

The Macroline iOS app does not use cookies. The marketing site (macroline.app) uses minimal analytics provided by Cloudflare Pages, which counts page views without setting tracking cookies or collecting personally identifiable information. We do not use third-party advertising or social-media tracking pixels.

A short transparency notice appears on your first visit summarising the above. If you dismissed it and want to re-read it, use the link below — it clears the local flag and reloads the page so the notice shows again. Manage cookie notice.

10. Changes to this policy

We may update this policy as Macroline evolves. The "Effective" date at the top reflects the current version. For material changes, we will notify you by email or by an in-app notice at least 7 days before the change takes effect. Continued use after the effective date constitutes acceptance.

11. Contact

Questions or requests: info@macroline.app