🥬 FridgeFuel

Last updated: May 4, 2025 • Version 1.0

FridgeFuel is committed to protecting your personal health information. This Privacy Policy explains how we collect, use, and protect your data.

1. What Data We Collect

• Account data: Email address, hashed password (bcrypt), authentication tokens
• Health & fitness data: Steps, active calories, heart rate, body weight, sleep hours (read from Apple HealthKit with your permission)
• Nutrition data: Meal logs, macro entries, recipe history you create
• App usage data: Anonymised feature usage, crash reports (no PII in analytics)
• Device info: iOS version, device model (for crash reporting only)
• Subscription data: Subscription status via RevenueCat (no payment card data stored by us)

2. How We Use Your Data

• To generate personalised AI recipe suggestions from your fridge ingredients
• To personalise nutrition recommendations using your health metrics
• To track your meal history and macro goals
• To authenticate your account securely
• To validate your subscription status server-side

3. Data Storage & Security

• All data is encrypted in transit using TLS 1.3
• Data at rest is encrypted using AES-256 on Supabase (hosted on AWS)
• Passwords are never stored — only bcrypt hashes
• Auth tokens are stored in the iOS Secure Keychain, never in plain text
• Health data is processed on-device and only transmitted to our servers with your explicit permission

4. Third-Party Services

• Supabase (database & auth) — supabase.com/privacy
• Anthropic Claude (AI recipe generation) — anthropic.com/privacy
• RevenueCat (subscription management) — revenuecat.com/privacy
• Apple HealthKit — governed by Apple's Privacy Policy
• Oura Ring API — governed by Oura's Privacy Policy

We do not sell, rent, or share your personal data with advertisers or data brokers.

5. Your Rights (GDPR & CCPA)

• Access: Request a copy of all data we hold about you
• Correction: Update inaccurate personal information
• Deletion: Request complete deletion of your account and all associated data
• Portability: Export your data in a machine-readable format
• Opt-out: Opt out of any non-essential data processing at any time

To exercise these rights, contact us at privacy@fridgefuel.app

6. Data Retention

• Account data: retained while your account is active, deleted within 30 days of account deletion
• Meal logs & recipe history: retained while your account is active
• Anonymised analytics: retained for up to 24 months
• Crash reports: retained for 90 days

7. Children's Privacy (COPPA)

FridgeFuel is not intended for users under 13 years of age. We do not knowingly collect personal information from children under 13. If you believe a child under 13 has provided us with personal information, please contact us immediately.

8. Cookies & Tracking

The FridgeFuel iOS app does not use cookies. We do not use cross-app tracking, advertising identifiers, or behavioural tracking of any kind. Crash reporting is configured to exclude all PII.

9. Changes to This Policy

We will notify you of material changes to this Privacy Policy via in-app notification. Continued use after notice constitutes acceptance of the updated policy.

10. Contact

For privacy questions or data requests: privacy@fridgefuel.app