Privacy Policy.

Last Updated: April 2, 2026

Sections: 12

Our Commitment

Kalon is built on a simple principle: your personal data belongs to you. We collect only what is necessary to provide personalized strategy coaching, and we never sell, share, or monetize your behavioral data. We do not serve advertisements or share data with data brokers.

Information We Collect

The following data is collected as part of core app functionality and is required to use Kalon.

Account Information: Email address and password for authentication, plus a unique user ID generated at signup. Managed securely through Supabase with Row Level Security.
Diagnostic Responses: Your answers to the 20-question behavioral assessment across 7 psychological dimensions. Used to calculate your dimension scores and assign your behavioral persona. Stored locally and synced to Supabase.
Behavioral Feedback: Your interactions with levers — thumbs up/down, completions, pauses with reasons, daily check-in confirmations, view duration, and whether you read the reasoning. Used to improve future recommendations through the feedback learning system.
Journal Entries: Personal reflections you write in the journal (available to all users). Titles and content are stored locally and synced to Supabase. The most recent entries are included as context when generating AI recommendations to improve accuracy.
Lever & Experiment Data: Records of AI-generated recommendations you receive, including type (Stop/Start/Shift), instruction text, duration, commitment status, and completion outcome. Stored locally and synced to Supabase.
Subscription Status: Whether you have an active Kalon One subscription and its expiration date. Payment processing is handled entirely by Apple — we never access payment card or bank account information.

Optional Data (Explicit Consent Required)

The following data sources are entirely optional. Each category is independently toggled in your data permissions and is never collected without your explicit consent. You can enable or revoke consent for each category at any time.

Screen Time: App engagement patterns including session frequency, timing (morning vs. evening), and usage consistency. No specific third-party app names are collected — only your Kalon usage patterns. Stored locally on your device only.
Health Data (via Apple HealthKit): Steps, active energy burned, exercise time, stand hours, sleep duration and quality (core, deep, REM), wake time consistency, heart rate, heart rate variability, and mindfulness sessions. Read-only access — Kalon never writes to HealthKit. Raw health data is queried on-demand and not persisted; only derived behavioral signals are stored locally.
Location Patterns: Significant location changes and visit patterns using battery-efficient monitoring. Precise coordinates are stored locally on your device only and are never sent to our servers. Only aggregated summaries (e.g., number of unique locations, late-night activity counts) are used for behavioral analysis.
Photo Context: Photo metadata only — creation dates, geotagged locations, media type, favorite and screenshot status. Kalon never inspects, reads, uploads, or stores the visual content of your images. Metadata is analyzed in memory and not persisted to disk; only derived signals are stored.

How We Use Your Data

Personalization: Your diagnostic scores, feedback history, and journal entries are used to generate AI-powered Stop/Start/Shift recommendations tailored to your behavioral patterns and persona.
Pattern Analysis: When you consent to optional data sources, behavioral signals help Kalon surface reflections and insights about your routines, energy patterns, and tendencies.
Score Reinforcement: Over time, your 7 dimension scores adjust based on behavioral signals using time-weighted windows (7-day and 30-day). Scores decay toward the mean to prevent extremes, with a maximum change limit per month.
Feedback Learning: Your feedback actions (thumbs up/down, completions, abandonments) build a preference profile that adjusts the type, theme, and duration of future recommendations.

Data Storage & Security

Your data is stored locally on your device using SwiftData and selectively synced to Supabase PostgreSQL with Row Level Security — only your authenticated account can access your records. AI-generated content is cached locally to minimize API calls.

Synced to Supabase: Profile, diagnostic responses, dimension scores, levers, reflections, lever feedback, and journal entries.
Local Only (Never Sent to Our Servers): Health data, location coordinates, photo metadata, screen time patterns, daily check-ins, and all derived behavioral signals.
Encryption: Data in transit is encrypted via TLS. Supabase enforces Row Level Security so each user can only query their own records.

Data Retention

Account & Profile Data: Retained until you delete your account.
Behavioral Signals: Automatically purged after 90 days. This includes all derived signals from health, location, photo, and screen time data.
Photo Metadata: Analyzed in memory only and discarded when the app closes. Not written to disk.
Levers, Feedback & Journal Entries: Retained until you delete your account, as they contribute to your ongoing behavioral profile.

Third-Party Services

Supabase (Authentication & Database): Provides email/password authentication and cloud database with Row Level Security. Hosted infrastructure for secure data sync.
OpenAI (AI Generation): Generates lever recommendations, reflections, and insights. We send: your dimension scores, persona type, aggregated feedback patterns, recent journal excerpts (up to 8 entries, max 500 characters each), lever history summaries, and behavioral signal summaries from consented data sources. We never send your email address, user ID, or other personal identifiers to OpenAI.
Apple HealthKit: Read-only access to health and fitness metrics when you consent. HealthKit data is queried on your device and never transmitted to our servers. Only aggregated behavioral signals derived from this data may be included in AI prompts.
Apple StoreKit: Manages subscription purchases and verification. All payment processing is handled by Apple — Kalon never receives or stores payment card information.

Your Rights

Access: View all your data in the app — diagnostic scores, persona, dimension visualizations, levers, reflections, journal entries, and feedback history.
Portability: Your data is accessible through the app interface. Contact us to request a full export of your data.
Reset: Retake the diagnostic assessment at any time from Settings to recalculate your scores and persona without deleting historical data.
Delete: Permanently delete all your data from Settings. This removes everything from both your device and our servers, including all synced records in Supabase.
Revoke Consent: Toggle off any optional data source at any time from your data permissions. Previously collected signals are retained for up to 90 days (per the retention schedule) but no new data is gathered.
Account Deletion: Delete your account entirely from Settings. This permanently removes your account, all associated data from our servers, and all local data. This action cannot be undone.

Children's Privacy

Kalon is not designed for or directed at children under 13. We do not knowingly collect personal information from children. If we learn that we have collected data from a child under 13, we will delete it promptly.

International Users

Kalon is operated from the United States. If you access Kalon from outside the US, your data may be transferred to and processed in the United States. By using Kalon, you consent to this transfer. We process data in accordance with applicable privacy laws.

Changes to This Policy

We may update this policy as Kalon evolves. Significant changes will be communicated through in-app notifications. Continued use after changes constitutes acceptance of the updated policy.

Contact

Questions about your privacy? Reach us at support@kalon.one.