Legal

Privacy Policy

Last Updated: December 2025

Scope of This Policy

This Privacy Policy applies to all Cratox services:

Cratox AI Mobile App – iOS nutrition tracking application
Cratox Website – cratox.com nutrition database and blog content

1. Introduction

CRATOS INNOVATIONS S.R.L. ("Cratox," "we," "our," or "us"), based in Brașov, Romania (CIF: 51792827), operates the Cratox AI mobile application and cratox.com website. This Privacy Policy explains how we collect, use, and protect your information when you use our services.

2. Data We Collect

📱 Mobile App (Cratox AI)

Health & Fitness Data

Food logs and meal photos you submit
Nutritional goals and dietary preferences
Weight, activity level, and health objectives (if provided)
Calorie and macro tracking data

This data is used solely for app personalization and is not sold to third parties.

Device & Usage Data

Device type, OS version, and app version
Usage patterns and feature interactions
Crash logs and performance data
IP address and approximate location (country/region)

Advertising Identifiers

With your consent, we may collect:

IDFA (Identifier for Advertisers) for advertising attribution

You can opt out via the App Tracking Transparency (ATT) prompt or in your device settings.

🌐 Website (cratox.com)

Automatically Collected

Pages visited and time spent on site
Browser type and device information
IP address for security and analytics
Language preferences
Referral source (how you found us)

Cookies

Essential: Required for basic website functionality
Analytics: Help us understand how visitors use our site
Preferences: Remember your language settings

3. How We Use Your Data

Personalization: Tailor nutrition recommendations based on your goals (mobile app)
Service Improvement: Analyze usage patterns to enhance features
Analytics: Understand how users interact with our services
Advertising: Measure ad effectiveness and attribution (mobile app)
Support: Respond to inquiries and troubleshoot issues
Security: Detect fraud and protect our services
Legal Compliance: Meet regulatory requirements

4. Third-Party Services

We use the following third-party services that may collect data:

📊 Firebase (Google)

Analytics, crash reporting, and performance monitoring.

📱 Meta / Facebook

Advertising and event tracking (mobile app).

📈 Singular

Attribution tracking for app installs (mobile app).

🤖 OpenAI

AI-powered food recognition and content generation.

🧠 Cerebras

AI processing for meal analysis (mobile app).

📧 Customer.io

Email and push notifications.

💳 Adapty

Subscription and payment management (mobile app).

☁️ Amazon Web Services

Cloud infrastructure and data storage (mobile app).

☁️ Vercel

Website hosting and infrastructure.

🗄️ Supabase

Database hosting (website).

5. Tracking & Advertising (Mobile App)

This section applies to the Cratox AI mobile application only.

App Tracking Transparency (ATT)

On iOS 14.5+, we request your permission before tracking via the ATT prompt. If you decline, we will not access your IDFA or track you across other apps.

What We Track

App install attribution (which ad led you to download)
In-app events (e.g., sign-up, first scan, subscription)
Ad impressions and conversions for campaign optimization

Opting Out

You can opt out of personalized advertising via your device settings or by declining the ATT prompt on iOS.

6. Data Sharing

We do not sell your personal data. We may share data with:

Service Providers: Third parties listed above for analytics, hosting, and advertising
Legal Requirements: When required by law or to protect our rights
Business Transfers: In connection with a merger, acquisition, or sale

7. Data Security

We implement industry-standard security measures:

Encrypted connections (HTTPS/TLS)
Secure cloud infrastructure
Regular security audits
Limited access to personal data
Database-level encryption

However, no method of transmission over the internet is 100% secure, and we cannot guarantee absolute security.

8. Your Rights (GDPR & CCPA)

Depending on your location, you have the right to:

Access:Request a copy of your data

Correction:Update inaccurate information

Deletion:Request deletion of your data

Portability:Export your data

Objection:Object to data processing

Opt-out:Opt out of tracking/marketing

To exercise these rights, contact us at office@cratox.com

9. Data Retention

We retain your personal data only for as long as necessary to provide our services and fulfill the purposes described in this policy. When you delete your account (mobile app), we will delete your personal data within 30 days, except where we need to retain it for legal or legitimate business purposes.

10. Children's Privacy

Our services are not directed to children under 13 (or 16 in certain jurisdictions). We do not knowingly collect data from children. If you believe we have collected information from a child, contact us immediately at office@cratox.com.

11. International Data Transfers

Your information may be transferred to and processed in countries other than your country of residence (including the USA for cloud services). These countries may have different data protection laws. By using our services, you consent to such transfers. We ensure appropriate safeguards are in place.

12. Changes to This Policy

We may update this Privacy Policy periodically. We will notify you of significant changes by updating the "Last Updated" date and, where appropriate, through in-app notifications or email.

13. Contact Us

For privacy-related inquiries:

Email: office@cratox.com

Company: CRATOS INNOVATIONS S.R.L.

Location: Brașov, Romania

CIF: 51792827

Back to Home