Privacy Policy

Effective Date: January 9, 2026

Last Updated: January 9, 2026

Introduction

Shelfie ("we," "our," or "us") respects your privacy. This Privacy Policy describes how we collect, use, and protect your information when you use our mobile application and services (collectively, the "Service").

By downloading or using Shelfie, you agree to this policy.

1. Information We Collect

A. Information You Provide

Account Information:

  • Email address (for authentication and communication)
  • Display name and username (optional)
  • Password (securely hashed and never stored in plaintext)
  • Profile photo (optional)
  • If you sign in with Google or Apple (Social Login), we collect the name and email address that provider shares with us

Pantry & Kitchen Data:

  • Food items you add to your pantry
  • Expiry dates and storage locations
  • Purchase history and prices (optional)
  • Quantities and serving sizes
  • Photos of food items (stored securely, processed locally when possible)
  • Grocery receipts (temporary processing only - we do not permanently store raw images unless you explicitly attach them to a bug report)

Cooking & Preferences:

  • Recipes you save and cook
  • Dietary preferences and restrictions (e.g., Vegan, Keto, Gluten-Free)
  • Food allergies and intolerances
  • Disliked ingredients
  • Cooking history and meal plans
  • Recipe ratings and reviews
  • Custom recipes you create
  • Nutrition goals (if you connect Apple Health or Google Fit)
  • Macro targets (protein, carbs, fats)
  • Calorie preferences

Social Features (if enabled):

  • Family members you invite to shared grocery lists
  • Recipe substitutions you submit to the community
  • Comments and interactions with other users
  • Leaderboard participation data

Support Queries: Information sent to us when you report a bug or request features, including screenshots you attach.

B. Information Collected Automatically

Usage Data:

  • App features you use and how often (e.g., "Scanned Receipt," "Generated Recipe")
  • Screen views and user interactions
  • Scan frequency and success rates
  • Recipe discovery patterns
  • Time spent in different app sections
  • Feature adoption metrics

Device Data:

  • Device model, operating system version, and app version
  • Unique device identifiers (for crash reporting and subscription entitlement management)
  • Device language and region settings
  • Screen resolution and device capabilities

Location Data (with your permission):

  • Approximate location for local grocery store recommendations
  • Used only while the app is in use, never in the background
  • You can disable this in device settings at any time

Camera & Photo Library (with your permission):

  • Photos you take for pantry scanning or recipe sharing
  • Processed locally on-device when possible for privacy
  • Only uploaded to our servers if you explicitly choose to save or share

Crash Reports and Performance Diagnostics:

  • Stack traces and error logs
  • Device type and OS version
  • App performance metrics
  • Memory usage and load times

C. Information from Third Parties

OAuth Providers (if you sign in with Apple/Google):

  • Email address (if you choose Apple's "Hide My Email", we receive a private relay address rather than your real one)
  • Name
  • Profile photo (Google only)

Health Data (if you connect Apple Health or Google Fit):

  • Daily calorie goals and macro targets
  • Activity data (read-only)
  • Nutritional data from other apps (if shared)
  • We write nutrition data back to Health apps only with your explicit permission
  • Note: Health data is stored securely and never shared with third parties

D. AI & Third-Party Processing

Recipe Generation: When you request a recipe, we send a list of your selected ingredients to our AI provider (Google Gemini). We do not send your personal identifiers (email/name) to the AI provider, only the food data (ingredients, dietary preferences).

Images (Temporary): When you scan a receipt or a fridge shelf, the image is processed by Google Gemini to extract data. We do not permanently store raw images unless you explicitly attach them to a bug report.

2. How We Use Your Information

We use your data to:

Provide Core Features

  • Manage your pantry inventory and track expiry dates
  • Recommend recipes based on available ingredients
  • Generate smart grocery lists
  • Sync data across your devices
  • Enable family sharing for grocery lists and meal planning
  • Process AI-powered scans (receipts, pantry shelves)
  • Provide nutrition tracking and health app integration

Improve the Service

  • Analyze usage patterns to improve app performance (via PostHog)
  • Train AI models for better recipe recommendations (using aggregated, anonymized data)
  • Fix bugs and diagnose crashes (via Firebase)
  • Develop new features based on user behavior
  • Identify confusing UI patterns

Process Subscriptions

  • Manage your Shelfie Free/Core/Pro status (via RevenueCat)
  • Handle subscription renewals and cancellations
  • Verify purchase entitlements

Communicate with You

  • Send important service announcements
  • Respond to support requests
  • Notify you of expiring food (if you enable push notifications)
  • Share recipe suggestions (if you opt in to marketing emails)

Ensure Security & Compliance

  • Detect and prevent fraud
  • Enforce our Terms of Service
  • Comply with legal obligations (e.g., GDPR, CCPA)
  • Monitor for security breaches
  • Audit sensitive operations (account deletion, data exports)

3. Data Sharing and Third Parties

We never sell your data. Apart from the legal, business-transfer and consent cases described later in this section, we only share data with the infrastructure providers needed to run the app:

Supabase
  • Purpose: Backend database and authentication
  • Data shared: Account data, pantry items, recipes, usage logs (encrypted at rest)

Google Gemini
  • Purpose: AI intelligence (recipe generation, receipt and shelf scanning)
  • Data shared: Ingredient lists, dietary preferences and scanned images; no email, name or account identifier is sent

RevenueCat
  • Purpose: Subscriptions
  • Data shared: App User ID, subscription status, purchase history

PostHog
  • Purpose: Analytics
  • Data shared: Anonymized usage events, feature adoption metrics

Firebase
  • Purpose: Crash reporting and analytics
  • Data shared: Stack traces, device ID, crash logs, performance data

All vendors are contractually required to:

  • Use data only for providing services to Shelfie
  • Implement strong security measures
  • Comply with GDPR, CCPA, and other privacy laws

Legal Compliance

We may disclose your information if required to:

  • Comply with court orders, subpoenas, or legal processes
  • Protect the rights, property, or safety of Shelfie, our users, or the public
  • Investigate fraud, security breaches, or Terms of Service violations

Business Transfers

If Shelfie is acquired by or merged with another company, your data may be transferred to the new owners. We will notify you via email or in-app notification before this happens.

With Your Consent

We may share data in other ways if you explicitly consent (e.g., sharing a recipe on social media).

4. Data Retention

We retain your data for as long as necessary to provide the Service:

  • Account Data: Until you delete your account (+ 30 days for backup retention)
  • Pantry Items: Until you manually delete them or delete your account
  • Recipes & Meal Plans: Until you delete them or close your account
  • Usage Logs: 90 days for analytics, 12 months for crash reports
  • Support Tickets: 3 years for legal compliance
  • Health Data: Stored only while you maintain the integration; deleted when you disconnect

Deletion Process

If you delete your account, your personal data is removed from our live database immediately and from backups within 30 days:

  1. Your personal data is immediately flagged for deletion and removed from the live database
  2. All remaining copies, including those in backups, are permanently deleted within 30 days
  3. Anonymized analytics data (no personal identifiers) may be retained indefinitely

5. Your Rights (GDPR & CCPA)

Some rights depend on where you live; the account controls listed under "Other Regions" below are available to everyone.

GDPR Rights (European Union)

If you are located in the EU/EEA, you have the right to:

  • Access: Request a copy of your personal data
  • Rectification: Correct inaccurate or incomplete data
  • Erasure ("Right to be Forgotten"): Delete your account and all data permanently via the "Delete Account" button in Settings
  • Data Portability: Export your data in JSON format
  • Restriction: Limit how we process your data
  • Objection: Opt out of certain data processing (e.g., marketing emails)
  • Withdraw Consent: Revoke consent at any time (e.g., location permissions, health data sync)

To exercise these rights: Go to Settings → Privacy → Request My Data

We will respond within one month, as GDPR requires (this may be extended for complex requests, in which case we will tell you).

CCPA Rights (California)

If you are a California resident, you have the right to:

  • Know: What personal information we collect, use, and share
  • Delete: Request deletion of your personal data
  • Opt-Out: We do not sell your data, so no opt-out is required
  • Non-Discrimination: We will not discriminate against you for exercising your rights

To exercise these rights: Use the same process as GDPR (above).

Other Regions

Regardless of your location, you can always:

  • Access and update your profile in Settings → Account
  • Delete your account in Settings → Privacy → Delete Account
  • Export your data in Settings → Privacy → Download My Data
  • Manage notification preferences in Settings → Notifications
  • Disconnect health app integrations in Settings → Integrations

6. Security Measures

We implement industry-standard security practices to protect your data:

Encryption

  • In Transit: All data encrypted using TLS 1.3 (HTTPS)
  • At Rest: Database encryption via Supabase (AES-256)
  • Passwords: Hashed with bcrypt, which applies a unique salt to every password (never stored in plaintext)
  • Sensitive Data: OAuth tokens stored in device-secure storage (iOS Keychain, Android Keystore)
  • Health Data: Additional encryption layer for Apple Health and Google Fit data

Access Controls

  • Authentication: Email/password, Apple Sign-In, Google Sign-In
  • Multi-Factor Authentication (MFA): Available via TOTP (Time-based One-Time Password)
  • Session Management: 30-minute inactivity timeout
  • Row-Level Security (RLS): Database policies ensure users can only access their own data
  • Logout All Devices: Available in security settings
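The Row-Level Security bullet above is the control that stops one signed-in user from reading another user's pantry. As an illustration of what such a policy looks like (this is an added example, not Shelfie's actual schema or policies; the pantry_items table, its columns and the test user IDs are assumptions), here is a Supabase/PostgreSQL policy set that ties every read and write to the caller's authenticated user ID:

```sql
-- Example only: illustrative Supabase (PostgreSQL) row-level security for a pantry table.
-- Table and column names are assumptions, not the real Shelfie schema.
create table if not exists pantry_items (
  id          uuid primary key default gen_random_uuid(),
  user_id     uuid not null references auth.users (id) on delete cascade,
  name        text not null,
  expires_on  date
);

-- With RLS off, any authenticated client that can reach the table can read every row.
alter table pantry_items enable row level security;
alter table pantry_items force row level security;   -- also applies to the table owner

-- Reads: a user only sees rows whose user_id equals auth.uid(),
-- the JWT "sub" claim Supabase exposes for the current request.
create policy "pantry_select_own" on pantry_items
  for select to authenticated
  using (user_id = auth.uid());

-- Writes: WITH CHECK is evaluated against the new row, so a client cannot
-- insert a row into, or move a row into, another user's pantry.
create policy "pantry_insert_own" on pantry_items
  for insert to authenticated
  with check (user_id = auth.uid());

create policy "pantry_update_own" on pantry_items
  for update to authenticated
  using (user_id = auth.uid())
  with check (user_id = auth.uid());

create policy "pantry_delete_own" on pantry_items
  for delete to authenticated
  using (user_id = auth.uid());

-- Check: impersonate one user inside a transaction and confirm another user's
-- rows are invisible. auth.uid() reads the "sub" claim from the
-- request.jwt.claims setting (behaviour of current Supabase releases; older
-- ones read request.jwt.claim.sub instead).
begin;
set local role authenticated;
select set_config('request.jwt.claims',
                  '{"sub":"11111111-1111-1111-1111-111111111111"}', true);
select count(*) from pantry_items
 where user_id = '22222222-2222-2222-2222-222222222222';  -- expect 0 even if rows exist
rollback;
```

The important detail for a reviewer is the pairing of USING (filters rows the caller may see or touch) with WITH CHECK (validates rows the caller writes): a policy with only USING on an UPDATE would still let a client rewrite user_id on its own rows to point at someone else's account.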

Infrastructure

  • Certificate Pinning: The app only trusts the expected certificates for our servers, which mitigates man-in-the-middle attacks
  • Rate Limiting: Protects against brute-force attacks (via Supabase)
  • Audit Logging: Tracks sensitive operations (account deletion, data exports, password changes, MFA setup)

Incident Response

  • We monitor for security breaches 24/7
  • If a breach of personal data occurs, we will notify the relevant supervisory authority within 72 hours, as GDPR requires, and inform affected users without undue delay

Contact: security@shelfie.food

7. Children's Privacy

Shelfie is not intended for children under 13 (or 16 in the EU).

  • We do not knowingly collect data from children
  • If we discover a child's account, we will delete it immediately
  • Parents: If you believe your child has created an account, contact privacy@shelfie.food

8. International Data Transfers

Shelfie is based in the United States. Your data may be transferred to and processed in:

  • United States (Supabase, Firebase, RevenueCat, PostHog)
  • European Union (if using Supabase EU region)

We use Standard Contractual Clauses (SCCs) to ensure GDPR compliance for EU data transfers.

9. Cookies & Tracking

Mobile App (Primary Use Case)

The Shelfie mobile app does not use cookies. We use:

  • Local Storage: For offline caching (Hive database)
  • Analytics SDKs: Firebase Analytics, PostHog (anonymized events)
  • Device IDs: For crash reporting and personalization (you can reset in device settings)

Website (if applicable)

If you visit shelfie.food, we may use:

  • Essential Cookies: For login sessions and security
  • Analytics Cookies: Google Analytics (anonymized IP addresses)
  • Marketing Cookies: Only if you opt in

You can control cookies in your browser settings.

10. Changes to This Policy

We may update this Privacy Policy from time to time. Changes will be posted with a new "Last Updated" date at the top.

Significant changes will be notified via:

  • In-app notification
  • Email to registered users
  • Prominent banner on the app homepage

Your continued use of Shelfie after changes indicates acceptance of the updated policy.

11. Contact Us

Data Protection Officer (DPO): dpo@shelfie.food

General Privacy Questions: privacy@shelfie.food

Security Concerns: security@shelfie.food

Mailing Address:

Shelfie Inc.
[Your Company Address]
[City, State, ZIP]
United States

12. Additional Information for EU/EEA Users

Legal Basis for Processing (GDPR Article 6):

  • Contractual Necessity: To provide the Service you signed up for
  • Legitimate Interest: To improve the app, prevent fraud, and ensure security
  • Consent: For optional features like location services, marketing emails, health data sync

Data Controller: Shelfie Inc. (contact details above)

Supervisory Authority: You have the right to lodge a complaint with your local data protection authority if you believe we have violated GDPR.

Thank you for trusting Shelfie with your kitchen data. We're committed to protecting your privacy!