Privacy Policy – Ingredients2Meals

Ingredients2Meals ("we," "us," or "our") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, store, and safeguard your personal information when you use the Ingredients2Meals mobile application (the "App").

1. Information We Collect

a. Personal Information

• Email address, name, and profile picture
• Display name and uploaded profile photo (if provided)
• Subscription status and account ID

b. Biometric Data

• Face ID / Touch ID used solely for on‑device authentication. Biometric templates remain in the device's Secure Enclave and never leave your device or sync to iCloud.

c. Usage Data

• Recipes generated, saved, and favorited
• Ingredient photos, cooking history, barcode scans
• Voice commands (processed in real time; not stored)

d. Device Information

• Device model, OS version, app version
• Device‑specific identifier

e. Data We Do Not Collect

• Precise or coarse location data
• Contacts or calendar data
• Persistent voice recordings

f. Cookies & Similar Technologies

The App does not use web cookies. Limited first‑party analytics relies on the device identifier.

2. How We Use Your Information

We use your information to:

• Generate personalized recipes and cooking guidance
• Analyze ingredient photos to detect food items
• Manage pantry/kitchen inventory
• Enable barcode scanning for product information
• Provide voice‑based cooking assistance
• Improve App performance and user experience
• Authenticate and manage user accounts
• Administer subscriptions and billing

3. How Data Is Stored and Processed

a. On Your Device (Local)

• Cached recipe data and settings
• Biometric authentication data (Secure Enclave)
• Temporary photo and video files

b. In the Cloud

• User account details, recipe data, and pantry info
• Saved preferences and history
• Crash logs and performance analytics

c. Third‑Party Processors (all GDPR/CCPA & Apple‑compliant)

• Google Gemini AI – recipe generation & food recognition
• Google Vision API – image safety checks
• Firebase – secure authentication & data storage
• Firebase Crashlytics – crash logs (device model, OS version, anonymized instance ID)
• Google Cloud Text‑to‑Speech – voice instructions
• OpenFoodFacts API – barcode product data
• Apple – subscription billing & account recovery

No third‑party service is permitted to use your data for advertising or cross‑app tracking.

4. Data Sharing

We do not sell or rent your personal information. We only share data with:

• Service providers listed above, strictly to operate core App features
• Apple and Google services as required for functionality

We do not share data for marketing or advertising purposes.

5. Data Protection Measures

• End‑to‑end encryption (TLS) during data transfer
• Firebase App Check & robust user authentication
• Biometric locks for sensitive features
• Server‑side input validation & rate limiting
• Secure, monitored backend infrastructure

6. User Rights

You may:

• Access your profile data and preferences
• Export saved recipes and pantry data
• Delete individual items or your entire account
• Cancel your subscription at any time via Apple App Store settings
• Contact us for assistance at support@ingredients2meals.com

When you delete your account, all personal data is permanently erased immediately.

7. Data Retention

• Data is retained while your account is active
• Upon account deletion, all data is erased within immediately
• Anonymized usage statistics may be retained to improve features
• Subscription transaction data may be retained as required by Apple

8. Children's Privacy

Ingredients2Meals is not directed to children under 13. We do not knowingly collect personal data from anyone under 13. If we learn that we have inadvertently collected such information, we will delete it promptly. Parents or guardians who believe that their child has provided us with personal information may contact us at support@ingredients2meals.com.

9. Cookies & Tracking

The App does not use advertising identifiers (IDFA) nor third‑party tracking SDKs. We rely solely on the device identifier for vendors (IDFV) for essential analytics and crash reporting. No data is shared for advertising or cross‑site tracking.

10. Legal Compliance

We comply with:

• Apple App Store Privacy Requirements
• GDPR (for EU users)
• CCPA (for California residents)
• Children's Online Privacy Protection Act (COPPA)