Privacy Policy — Eating Manager
Effective date: 30 June 2026
Eating Manager (“the app”, “we”, “us”) is a smart pantry and recipe assistant. This policy explains what we collect, why, who processes it, and the choices you have. We collect the minimum needed to run the app, we do not sell your data, and we do not use it for advertising or cross-app tracking.
1. Information we collect
Account information. When you create an account we store your email address and a securely hashed password. Authentication is handled by our provider, Supabase; we never store your password in plain text.
Your pantry and preferences. The food items you add, their status and expiry dates, your dietary requirements, preferred cuisines, temperature-unit choice, and any recipe feedback you give. This is the data that makes the app work for you, and it is tied to your account.
Photos you scan. If you use the camera/receipt scan feature, the image is sent to our server and on to an AI vision provider only to recognise the food in it. The image is processed in memory and discarded immediately after recognition — it is not saved to our database or storage.
Usage counters. We keep simple counts of how many scans you’ve run in the current billing period, to enforce fair-use limits.
Technical data. Like any internet service, our server and our network provider (Cloudflare) process basic request data such as IP address and timestamps to operate the service and prevent abuse. We do not use third-party analytics or advertising SDKs.
We do not collect contacts, precise location, health data, or your device’s advertising identifier.
2. How we use your information
- To provide the core features: your pantry, recipe matching, scanning, and saved preferences.
- To recognise food in photos you choose to scan.
- To enforce usage limits and protect the service from abuse.
- To respond to you if you contact us for support.
We process this data because it is necessary to provide the service you asked for, and to keep the service secure.
3. Who processes your data (service providers)
We share data only with the infrastructure providers needed to run the app, and only for that purpose:
| Provider | Purpose | What it processes |
|---|---|---|
| Supabase | Database, authentication, hosting | Your account, pantry, and preferences |
| Oracle Cloud | Hosts our application server | Requests in transit |
| Cloudflare | Network security + content delivery | Request metadata (e.g. IP) |
| OpenRouter (and the AI model it routes to) | Food recognition and recipe text assistance | Scan images and recipe text, transiently — not stored by us |
| Pexels | Stock photos for recipes | A dish name only (no personal data) |
These providers act on our behalf under their own privacy and security terms. We do not sell or rent your personal information to anyone.
4. Data retention and deletion
We keep your account data for as long as your account exists. You can delete your account at any time from within the app (Settings → Delete account). Deleting your account permanently removes your profile, pantry items, preferences, saved feedback, and usage counters. This action cannot be undone. Scan photos are not retained at all (see section 1).
5. Security
Connections between the app and our servers use HTTPS encryption. Your data in the database is protected by per-user access controls (row-level security), so one user cannot read another user’s data. Privileged keys live only on our server, never in the app. No system is perfectly secure, but we take reasonable measures to protect your information.
6. Children
Eating Manager is not directed to children under 13, and we do not knowingly collect personal information from children under 13. If you believe a child has provided us information, contact us and we will delete it.
7. Your rights
- Access the data in your account directly in the app.
- Correct your preferences and pantry at any time.
- Delete your account and all associated data from Settings.
8. International data transfers
Your account data is stored in our database (Supabase), hosted in Australia. Our application server (Oracle Cloud) is hosted in Singapore, and some other service providers listed above may process data in other countries. Wherever your data is processed, we handle it to Australian privacy standards and this policy, alongside each provider’s own safeguards.
9. Changes to this policy
We may update this policy as the app evolves. We will revise the “Effective date” above and, for material changes, make a reasonable effort to notify you.
10. Contact
Questions about this policy or your data:
Email: [email protected]