Privacy Policy
ok2eat ("we", "us", or "our") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, store, and protect your information when you use the ok2eat mobile application or website.
1. Information we collect
- Account information: your email address (and a hashed password if using email login), or an Apple Sign In identifier.
- Fridge data: items you add, including product names, categories, quantities, expiry dates, and barcodes you scan.
- Receipt data: photographs of grocery receipts you upload for AI parsing. Photographs are processed and discarded; only the parsed item data is retained.
- Usage data: anonymized analytics about feature usage and crash diagnostics.
2. Information we do NOT collect or sell
- We do not collect your precise location.
- We do not sell, rent, or trade your personal information to third parties.
- We do not display advertisements or share your data with advertisers.
- We do not access your contacts, photos (beyond receipts you explicitly upload), or other apps.
3. How we use your information
- To provide ok2eat's core functionality: tracking your fridge, sending expiry alerts, and generating recipe suggestions.
- To send the daily digest by push notification or email if you've opted in.
- To authenticate your account and keep your fridge data private to you.
- To diagnose bugs and improve product quality.
4. Subprocessors
To deliver ok2eat, we rely on the following third-party providers. Each has its own privacy policy.
- Supabase — database and authentication (US)
- Anthropic — AI vision for receipt parsing and recipe generation (US)
- Resend — daily email digest delivery (US)
- Apple Push Notification Service — push notifications
- PostHog — anonymized product analytics (US)
- Netlify — website hosting (US)
- Open Food Facts — open-source product database queried when you scan a barcode (EU)
5. Data storage and security
Your data is stored using Supabase, a SOC 2 Type II compliant cloud database. Passwords are hashed using industry-standard algorithms. Your fridge data is protected by Row-Level Security — only you can read or modify your own items. Connections to our servers are encrypted using TLS 1.2 or higher.
6. Data retention
Account and fridge data are retained for as long as your account is active. If you delete your account, we permanently delete your data within 30 days. Anonymized analytics may be retained longer in aggregate form but cannot be tied back to you.
7. Your rights
You have the right to:
- Access the personal information we hold about you.
- Correct inaccurate or incomplete information (most data is editable directly in the app).
- Delete your account and associated data.
- Receive your data in a portable format.
- Withdraw consent for optional processing (such as the email digest).
- Object to or restrict certain types of processing.
To exercise any of these rights, email privacy@ok2eat.com. We will respond within 30 days.
8. California residents (CCPA)
If you reside in California, you have additional rights under the California Consumer Privacy Act, including the right to know what categories of personal information we collect and how we use them, and the right to opt out of the sale of personal information. We do not sell personal information.
9. EU/UK residents (GDPR)
If you reside in the EU or UK, our legal basis for processing your information is your consent (provided when you create an account) and our legitimate interest in providing and improving the service. Your data may be transferred to and stored in the United States; we use Standard Contractual Clauses where required.
10. Children's privacy
ok2eat is not directed to children under the age of 13 (or under 16 in the EU). We do not knowingly collect personal information from children. If you believe a child has provided us with information, please contact us and we will delete it.
11. Changes to this policy
We may update this Privacy Policy from time to time. The "Last updated" date at the top reflects the most recent change. Material changes will be communicated via email or in-app notice.
12. Contact
For privacy questions or to exercise any of the rights described above, email privacy@ok2eat.com. For security disclosures, see our security.txt.