Privacy Policy

For LeanPlan — Calorie & Weight Tracker

Last updated: June 1, 2026

🚫 No Data Collected
🔒 Local Storage Only
📵 No Trackers or Ads
🏥 HealthKit Compliant

1. Introduction & Scope

This Privacy Policy explains how LeanPlan ("the App", "we", "our") handles your information. It applies to the LeanPlan iOS application and all of its features.

The short version: we do not collect, store, or transmit any personal information about you — ever. There are no servers that hold your data, no accounts to create, and no profiles to build. This document exists to be completely transparent about how the App works and to satisfy App Store Connect disclosure requirements.

2. Our Core Privacy Beliefs

LeanPlan was designed from the ground up around a single, non-negotiable principle: your health data belongs to you alone.

We believe that a calorie and weight tracking app has absolutely no legitimate reason to know who you are. There are no user accounts, no sign-up flows, no logins, and no cloud sync. Everything you log — every meal, every weigh-in, every goal — lives exclusively on your personal device.

✦ The No-Login, Local-First Model

  • No account creation required — ever.
  • No email address, name, or any identifier is requested or stored.
  • We operate no servers, no cloud databases, and no sync infrastructure.
  • We receive no data from your device. Zero. Not even crash reports.

3. Information Collection & Usage

The App stores the following data types locally on your device only, inside a private SQLite database that only the App can access. This information is never transmitted anywhere.

Data Type                           | Stored Where              | Sent To Us
Food diary entries                  | On-device SQLite DB       | Never
Weight log entries                  | On-device SQLite DB       | Never
Calorie budgets & goals             | On-device SQLite DB       | Never
App preferences & settings          | On-device SQLite DB       | Never
HealthKit body weight (optional)    | Apple Health on-device    | Never
HealthKit active energy (optional)  | Apple Health on-device    | Never

Deleting the App from your device permanently and irrecoverably destroys all of this data. We have no ability to recover it on your behalf.

4. Apple HealthKit Data Policy

LeanPlan integrates with Apple HealthKit to enhance the accuracy of your calorie budgets. This integration is entirely optional and requires your explicit permission, which you can grant or revoke at any time in iOS Settings → Privacy & Security → Health → LeanPlan.

What the App reads from Apple Health (with permission):

  • Body Weight — to pre-populate your current weight and display trends.
  • Active Energy Burned — to adjust your daily net calorie budget based on your activity level.

What the App writes to Apple Health (with permission):

  • Body Weight entries you manually log within LeanPlan.

⚖️ Strict Apple Developer Guideline Compliance

We strictly comply with Apple's HealthKit developer guidelines. Specifically:

  • HealthKit data is never shared with third parties for any purpose, including advertising, research, or analytics.
  • HealthKit data is never used for marketing or to build a profile of you.
  • All HealthKit data processing occurs entirely on-device. It is never transmitted to our servers (which do not exist) or to any external service.
  • HealthKit data is not stored by the App beyond what you explicitly log; it is read in real time to calculate your budget.

5. Third-Party Web Services

LeanPlan uses one external web service: the Open Food Facts API (world.openfoodfacts.org), a free and open-source food database.

When you search for a food item or scan a barcode, your device sends a search query (the food name or barcode number) directly to Open Food Facts' servers. No user-identifying information — no name, no email, no device ID, no account token — is included in these requests.

Example request: When you scan the barcode 5901234123457, your device sends a query to world.openfoodfacts.org/api/v2/product/5901234123457. This is functionally identical to typing a web address into a browser.

The Open Food Facts API is governed by its own Terms of Use. Their privacy practices are independent of ours. We have no affiliation with, or contractual relationship with, Open Food Facts beyond making standard HTTP requests to their public API.

LeanPlan has no other third-party integrations. There are no analytics SDKs, no advertising networks, no crash reporting tools, and no A/B testing frameworks embedded in the App.

6. Data Security & Retention

You are in complete control of your data. Because everything is stored locally on your device, your data is protected by the same hardware and software security mechanisms Apple provides for all iOS apps — including hardware-level encryption tied to your device passcode and Face ID / Touch ID.

🔒 Encryption at Rest

Your local SQLite database is stored in the App's private sandbox, protected by iOS Data Protection. On modern iPhones, this data is encrypted by the Secure Enclave and inaccessible without your biometric or passcode authentication.

⏳ Retention Period

Your data is retained for as long as you have the App installed. You can delete individual entries at any time within the App. Deleting the App from your device removes all associated data immediately and permanently. We hold no copies.

🚫 No Data Breach Risk From Us

Since we hold no data, we cannot be breached. There is no LeanPlan server or database that could be compromised, leaked, or subpoenaed.

7. Children's Privacy

LeanPlan is rated 12+ in Brazil and South Korea, and 13+ in the other 173 countries and regions where it is available on the App Store, in accordance with local regulations regarding health and fitness application content.

Because LeanPlan collects absolutely no personal information from any user — regardless of age — we automatically satisfy the requirements of children's privacy legislation including the United States' Children's Online Privacy Protection Act (COPPA) and equivalent regulations in other jurisdictions.

Specifically:

  • We do not knowingly collect personal information from children under 13 (or the applicable age limit in their jurisdiction).
  • We do not request, require, or store any name, email address, date of birth, or any other identifier from any user, child or adult.
  • There are no mechanisms in the App through which a child could share personal information with us.

If you are a parent or guardian and believe your child has somehow shared personal information through our App, please contact us at the address below. We assure you, however, that no such mechanism exists.

8. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in the App's features, applicable law, or our practices. When we make changes, we will update the "Last updated" date at the top of this document.

Because we do not have your email address (and never will), we cannot notify you of changes directly. We encourage you to review this policy periodically. Continued use of the App after any changes constitutes your acceptance of the updated policy. If you do not agree with any changes, your remedy is to delete the App.

We will not make any changes to this policy that contradict our core commitment to collecting zero personal data without making that change very clear and prominent.

9. Contact Information

If you have any questions, concerns, or feedback regarding this Privacy Policy, please reach out to us. We will respond as promptly as possible.

LeanPlan Support

Developed by Kasame

[email protected]