Legal Last updated: May 23, 2026

Privacy Policy

CarbTrack is a health app for people living with diabetes. We take your health data seriously. This policy explains exactly what we collect, why, and the controls you have over it.

Questions? Contact [email protected] ↗

🔍 Privacy at a glance

What we collect: account info (email, name), health data (glucose readings, meals, insulin), community posts, and basic device/crash info.
Why we use it: to power the app's core features — meal logging, CGM sync, insights, notifications, and community — and to fix bugs.
We do not sell your data to advertisers or data brokers. Ever.
We do not run ads or use advertising trackers.
CGM sharing: Dexcom and LibreView data is only accessed when you explicitly connect your account. You can disconnect at any time.
Your controls: you can disconnect CGM devices, delete individual meals and posts, and contact us to delete your account and all associated data.
Age requirement: CarbTrack is intended for users aged 13 and older. We do not knowingly collect data from children under 13.

Section 01

Who we are

CarbTrack is operated by Kouidev. When this policy says "we", "us", or "our" it refers to Kouidev. If you have questions about this policy, please contact us at [email protected].

ℹ️ Not medical advice. CarbTrack is a logging and tracking tool — it is not a medical device and does not provide medical advice. Always consult a qualified healthcare professional for medical decisions. Terms of Use apply.

Section 02

Data we collect

Category	Examples	Source
Account data	Email address, display name	You, via Clerk authentication
Health profile	Diabetes type, weight, age, insulin regimen, activity level, glucose targets, timezone	You, during onboarding & settings
Glucose readings	Blood glucose values, timestamps, reading source (manual, Dexcom, LibreView)	You (manual) or CGM integration (Dexcom / LibreView)
Meal & nutrition data	Meal photos, ingredient names, carbs/fat/protein per item, serving sizes, eaten-at timestamp, AI-generated carb estimates	You; AI analysis powered by OpenAI
Insulin data	Insulin-to-carb ratios, logged doses, recommended dose calculations	You
Community content (UGC)	Post text and optional attached images, comments, reactions	You
Device & usage data	Device OS/version, app version, crash reports, error logs	Automatically, from your device
Notification tokens	Push notification device token (Expo)	Automatically, when you grant notification permission

⚠️ Community reminder: Community posts are visible to other CarbTrack users. Do not include sensitive personal health details (e.g. full medication doses, personal identifiers) in public posts.

Section 03

How we use your data

Core app functionality: logging meals, recording glucose readings, computing insulin recommendations, and displaying your history and timeline.
AI carb estimation: when you scan a meal photo, the image is sent to OpenAI's API to estimate nutritional content. The image is not stored by OpenAI for training without your consent under their API terms.
Insights & analytics: generating daily/weekly summaries, glucose trend analysis, and meal-impact reports — all computed server-side for your account only.
CGM synchronisation: fetching your glucose data from Dexcom or LibreView at your request, so it appears in your timeline and insights.
Notifications & alerts: sending push notifications for glucose alerts, meal reminders, and community activity you subscribe to.
Community features: displaying your posts and comments to other users in the community rooms you join.
Bug fixing & reliability: error logs and crash data help us identify and fix issues. This data is not linked to health records.
Customer support: responding to support requests you initiate by email.
Legal compliance: retaining records as required by applicable law.

We do not use your health data for advertising, profiling for third-party marketing, or any purpose beyond what is described above.

Section 04

Sharing & third parties

We do not sell your personal or health data. We share data only in the following limited circumstances:

Recipient	What & why	Your control
Clerk	Authentication provider — stores your email and manages sign-in sessions.	Account deletion removes your Clerk record.
Dexcom	CGM data sync — we request glucose readings via Dexcom's OAuth API only when you connect your account.	Disconnect anytime in Settings → Connected Devices.
LibreView (Abbott)	CGM data sync — same as Dexcom; credentials used only to fetch your readings.	Disconnect anytime in Settings → Connected Devices.
OpenAI	AI meal analysis — meal photos you scan are sent to OpenAI's API to estimate carbohydrates and nutrition.	You choose when to scan; manual entry is always available.
Cloudflare R2	Cloud object storage — meal photos, community post images, and profile avatars are stored on Cloudflare R2.	Deleting a meal or post removes associated images.
Expo (Notifications)	Push notification delivery — your device push token is registered with Expo's notification service.	Revoke notification permission in your device Settings.
Cloud hosting provider	Our backend servers, database (PostgreSQL), and cache (Redis) run on cloud infrastructure. Providers access data only to operate the service.	Covered by our data processing agreement with the provider.

We may also disclose data when required by law, court order, or to protect the safety of users or the public.

Section 05

CGM integrations — Dexcom & LibreView

When you connect a Continuous Glucose Monitor account, CarbTrack will:

Request an OAuth token (Dexcom) or authenticate with your LibreView credentials to fetch your glucose readings.
Store the access token securely in our database to enable background synchronisation.
Import glucose readings into your CarbTrack timeline and analytics.
Never share your CGM credentials or data with any party other than the CGM provider itself.

You can disconnect any CGM integration at any time in Settings → Connected Devices. Disconnecting revokes our token and stops future syncs. Historical readings already imported remain in your account unless you request account deletion.

Section 06

Your controls

Edit your profile: update your name, health profile, and alert settings any time in Settings.
Delete meals: any meal can be deleted from the Meals History screen; this permanently removes the log and its associated photo.
Delete posts & comments: you can delete your own community posts and comments at any time. Deleted posts are soft-removed and cease to be visible immediately.
Disconnect CGM devices: go to Settings → Connected Devices and tap Disconnect next to Dexcom or LibreView.
Manage device permissions: camera and photo library access can be revoked in your device's Settings app at any time. Notification permission can also be toggled there.
Delete your account: contact us at [email protected] with the subject "Delete my account". We will permanently delete your account and all associated health data within 30 days. Community posts may be anonymised rather than individually deleted where doing so is technically required for integrity of existing threads.

ℹ️ We do not currently offer a self-serve data export feature. If you need a copy of your data, contact us and we will provide one in a machine-readable format where technically feasible.

Section 07

Security

All data is transmitted over HTTPS / TLS — never in plain text.
Authentication tokens are signed JWTs verified server-side on every request.
API keys and CGM credentials are stored encrypted in our database, not in plain text.
Access to production data is restricted to authorised personnel only.
We use Cloudflare as our network edge for DDoS mitigation and request filtering.

No system is perfectly secure. If you discover a security vulnerability, please report it responsibly to [email protected].

Section 08

Data retention

Health and meal data is retained for as long as your account is active.
Deleted meals and posts are soft-deleted (flagged as removed) and fully purged from our systems within 90 days of deletion.
On account deletion, all personal data is permanently erased within 30 days, subject to any legal retention obligations.
Anonymised, aggregated analytics (e.g. total number of users, app crash rates) may be retained indefinitely as they cannot identify individuals.

Section 09

Children's privacy

CarbTrack is intended for users aged 13 and older. We do not knowingly collect personal information from children under 13. If you believe a child under 13 has created an account, please contact us at [email protected] and we will delete the account promptly.

For users between 13 and 18, we recommend parental or guardian involvement in reviewing this policy and configuring the app's health settings.

Section 10

Changes to this policy

We may update this Privacy Policy from time to time. When we make material changes, we will notify you via an in-app notice or email before the changes take effect. The "Last updated" date at the top of this page always reflects the most recent revision. Continued use of CarbTrack after the effective date constitutes acceptance of the revised policy.

Section 11

Contact us

Kouidev — CarbTrack Privacy Team

For privacy requests, data deletion, or policy questions:

[email protected]

For general support:

[email protected]

We aim to respond to all privacy-related requests within 5 business days.