Privacy Policy

1. Overview

FoodMate ("we", "our", or "us") is a personal food management app that helps you track your pantry inventory, reduce food waste, plan meals, manage your food budget, and understand nutrition patterns. We are committed to protecting your privacy and being transparent about how your information is collected and used.

This Privacy Policy applies to the FoodMate mobile application (iOS) and any related services. By using FoodMate, you agree to the practices described in this policy.

2. Information We Collect

2.1 Account Information

• Email address — used for account creation, login, and transactional emails (e.g., email verification, magic sign-in links)
• Password — stored as a cryptographic hash; we never store or access your plaintext password
• Profile photo — optionally uploaded by you; stored securely in cloud storage
• OAuth tokens — if you sign in with Google, we receive your name and email from Google; we do not receive your Google password
• Subscription status — if you purchase FoodMate Premium, we store your current entitlement status, RevenueCat customer identifier, and App Store purchase state so paid features can be unlocked correctly

2.2 App Content You Provide

• Inventory items — food names, quantities, units, storage locations, expiry dates, and purchase prices you manually enter or scan
• Purchase & expense records — item cost data used to calculate your food budget and savings
• Waste and rescue logs — food items you mark as wasted, rescued, used soon, or removed, used to generate waste reduction insights
• Nutrition logs — meals and foods you log, including calories, protein, carbohydrates, fat, and related estimates
• Meal history — records of AI-suggested, planned, cooked, saved, or community meals you interact with
• Meal requests & planning inputs — prompts you type for features like craving descriptions, AI meal ideas, daily insights, and weekly planning, together with the inventory and preferences needed to generate relevant results
• Recipe ratings and comments — reviews you submit on community recipes
• Recipe photos and other community uploads — images or content you choose to upload to community or profile features
• Weekly plans and shopping lists — generated plan days, selected meals, pantry matches, locked or replaced meals, and shopping-list items
• Household data — if you join or create a household group, your membership and shared inventory, purchase, budget, and waste data may be linked to that group

2.3 Preferences & Settings

• Your main goal (save money, eat healthier, reduce waste)
• Priority rankings for personalized suggestions
• Dietary type (e.g., vegan, vegetarian, gluten-free) and food allergies
• Nutrition goals (e.g., target daily calories, protein)
• Food likes, dislikes, and custom preferences
• Monthly food budget targets
• Language, currency, timezone, and unit-system settings
• Notification preferences

2.4 Device & Technical Information

• Push notification token — used to deliver reminders and insights you enable, such as expiry alerts, shopping-day reminders, budget reminders, weekly-planning reminders, and AI insight nudges
• Product interaction analytics — events such as screen views, onboarding completion, pantry actions, meal interactions, paywall opens, and feature taps, used to understand how FoodMate is used and improved over time
• User ID and linked analytics identifiers — used so your in-app activity can be associated with your account for analytics and feature measurement
• Device and app context — basic technical information needed to operate the app, diagnose issues, and route native push or local notifications

2.5 Photos (Optional)

• Pantry, fridge, or food photos — if you use photo scanning, your photo is sent to our secure server for analysis; photos used only for scanning are not intentionally stored after processing
• Receipt photos — if you use the receipt scanner, your photo is sent to our secure server for text extraction and item parsing; photos used only for receipt scanning are not intentionally stored after processing
• Voice transcripts — if you use voice input for pantry capture, the spoken transcript is sent to our secure server for structured parsing; recordings are not stored by FoodMate after processing
• Profile photo — stored in your account if you choose to upload one

3. How We Use Your Information

We use the information you provide for the following purposes only:

• Core app functionality — managing your pantry, tracking nutrition, generating meal suggestions, creating weekly plans, calculating budget metrics, and displaying waste logs
• AI-powered personalization — your inventory, preferences, goals, budget, waste, nutrition, and meal history are used to generate relevant meal suggestions, daily insights, next moves, and plans tailored to you
• Notifications — sending expiry alerts, planning reminders, budget reminders, and insight notifications you enable
• Account management — authentication, email verification, and account security
• Subscriptions — verifying Premium purchases, restoring entitlements, and managing access to paid features
• Product analytics — understanding which features people use, where users get stuck, and how to improve the app experience

We do not use your data for advertising, cross-app tracking, profiling for third-party sale, or any purpose not listed above.

4. AI & Third-Party Processing

FoodMate uses AI to generate meal suggestions, weekly meal plans, daily AI insights, budget/waste/nutrition summaries, pantry-focused next moves, and to analyze pantry photos, fridge photos, receipts, food photos, and pantry voice input. This AI processing is performed through OpenAI's API, accessed through our secure server-side infrastructure (Supabase Edge Functions). Your data is not sent directly from your device to OpenAI by the app.

Third-Party Services We Use

• Supabase — database, authentication, and file storage provider. Your data is stored in Supabase's infrastructure. See Supabase Privacy Policy.
• OpenAI — AI processing for meal suggestions, food analysis, and insights. See OpenAI Privacy Policy.
• PostHog — product analytics provider used to measure feature usage and improve the app experience. We do not use PostHog for advertising or cross-app tracking. See PostHog Privacy Policy.
• RevenueCat — subscription management provider used to validate Premium purchases, restore purchases, and manage entitlements. See RevenueCat Privacy Policy.
• Google Sign-In — optional OAuth authentication. See Google Privacy Policy.
• Apple Sign-In — optional OAuth authentication. See Apple Privacy Policy.
• Apple App Store — processes iOS subscription payments and related billing records when you purchase Premium through Apple.
• USDA FoodData Central — food search and nutrition enrichment for nutrient estimates. Food search terms and ingredient names may be sent through our server to USDA.
• Open Food Facts — barcode lookup for grocery products. Barcode numbers may be sent to Open Food Facts when you use barcode scanning.

5. Data Sharing & Disclosure

We do not sell, rent, or trade your personal information. We share data only in the following limited circumstances:

• Service providers — Supabase, OpenAI, USDA FoodData Central, and Open Food Facts receive data solely to provide the services described above
• Analytics and subscription providers — PostHog and RevenueCat receive only the data necessary to provide analytics and subscription functionality for FoodMate
• Household members — if you join a household group, your shared inventory items and household activity are visible to other members of that group
• Community features — if you submit a recipe rating, comment, or uploaded content, that content is visible to other app users, but your private account details such as email are not shown publicly
• Legal requirements — if required by law, court order, or to protect the rights and safety of our users or the public
• Business transfers — in the event of a merger, acquisition, or sale of assets, your data may be transferred; you will be notified of such a change

6. Data Storage & Security

Your data is stored securely using Supabase, hosted on infrastructure compliant with industry security standards. We implement the following safeguards:

• All data transmitted between your device and our servers is encrypted using TLS/HTTPS
• Passwords are hashed using bcrypt; we cannot recover your password
• Database access is restricted using Row-Level Security (RLS) policies — your data is only accessible by your authenticated account
• Profile photos are stored in private, access-controlled cloud storage
• Push notification tokens and analytics identifiers are stored and used only for FoodMate's own functionality and product analytics

While we take significant measures to protect your data, no system is 100% secure. We encourage you to use a strong, unique password for your account.

7. Data Retention

We retain your personal data for as long as your account is active. Specific retention rules:

• Account data — retained until you delete your account
• Inventory, nutrition, and waste logs — retained in your account until deleted by you or when your account is deleted
• Photos submitted for AI analysis — not stored; processed in memory and immediately discarded
• Analytics events — retained for as long as reasonably needed to understand product usage, improve the app, and investigate issues
• Subscription records — retained as needed to manage Premium access, restore purchases, troubleshoot billing access, and comply with legal or financial obligations
• Push notification tokens — deleted when you disable notifications or delete your account

When you delete your account, all personal data associated with your account is permanently deleted from our systems within 30 days, except where retention is required by law.

8. Your Rights & Choices

Depending on your location, you may have the following rights regarding your personal data:

Access & Portability

You can access all data stored in your account directly within the app. To request a full export of your data, contact us at support@foodmate.fit.

Correction

You can edit or correct your data at any time within the app (inventory items, nutrition logs, profile, preferences, etc.).

Deletion

You can delete individual items at any time within the app. To delete your entire account and all associated data, use the Data & Privacy section in the app's Profile tab, or email us at support@foodmate.fit with the subject "Account deletion request". We will process your request within 30 days.

Notifications and Optional AI Features

You can enable or disable push notifications at any time from the Settings section in the app, or from your device's notification settings.

You can choose not to use optional AI-powered scans, voice input, barcode lookup, weekly planning, or photo features. Some core app features may be less personalized if you do not provide pantry, budget, waste, nutrition, or preference data.

Withdraw Consent

You may stop using the app at any time. To withdraw consent to data processing, delete your account as described above.

California Residents (CCPA)

California residents have the right to know what personal information is collected, the right to delete, and the right to opt out of sale. We do not sell personal information. To exercise your rights, contact support@foodmate.fit.

EEA / UK Residents (GDPR)

If you are located in the European Economic Area or United Kingdom, you have rights under GDPR including access, rectification, erasure, restriction, portability, and the right to object. To exercise these rights, contact support@foodmate.fit. You also have the right to lodge a complaint with your local data protection authority.

9. Children's Privacy

FoodMate is not directed to children under the age of 13 (or under 16 in the EEA). We do not knowingly collect personal information from children. If you believe a child has provided us with personal information, please contact us immediately at support@foodmate.fit and we will delete the information promptly.

10. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or for legal, regulatory, or operational reasons. When we make material changes, we will:

• Update the "Last updated" date at the top of this page
• Notify you via email or an in-app notification

Continued use of FoodMate after changes take effect constitutes your acceptance of the updated policy. We encourage you to review this page periodically.

11. Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:

We aim to respond to all privacy-related requests within 5 business days.