Privacy Policy
Version 1.0 — Effective May 28, 2026
This Privacy Policy explains how we collect, use, and protect your information when you use Eatrica. We believe in being straightforward about our data practices.
1. Who We Are
Eatrica is operated by Andrii Semenov. If you have any questions about this policy or your data, you can reach us at support@eatrica.app.
2. What Data We Collect
We collect only the data necessary to provide you with a working recipe experience.
Anonymous Account (created automatically on first launch):
- An anonymous user identifier — created on your device so we can store your preferences and scan history without requiring you to sign in
Account Information (collected only when you save your progress with Sign in with Apple):
- Name — taken from your Apple ID and/or entered during onboarding; used to personalize your experience
- Email address — provided by Sign in with Apple. This may be your real email or an Apple “private relay” address that forwards to you. We use it solely for essential service communications and never for marketing.
- An opaque Apple user identifier — a stable, anonymous string from Apple that lets us associate your saved data with your account on future sign-ins
We do not store passwords. Sign-in is handled end-to-end by Apple's Sign in with Apple flow, so we never see or store any password.
Cooking Preferences (provided by you during onboarding or in settings):
- Dietary restrictions (e.g., vegetarian, vegan, halal, kosher)
- Allergens to avoid (e.g., peanuts, gluten, shellfish)
- Cuisine preferences, cooking skill level, spice tolerance, time budget, and disliked ingredients
Scan Data (generated when you take a photo of ingredients):
- Photos you capture with the in-app camera (Eatrica does not access your photo library; only the live camera is used)
- The list of ingredients the AI detects in each photo, and any edits you make to that list
- The recipe suggestions generated for each scan, the model used, and the cost of the request (for our own operational analytics)
- Timestamps of when each scan was created and completed
Voice Input (only when you tap the “Tap to speak” prompt on the disliked-ingredients screen):
- Speech is captured by your device's microphone and converted to text by Apple's built-in Speech framework. Audio is not recorded or stored by us. iOS may stream short snippets to Apple's servers for recognition; that processing is governed by Apple's privacy policy.
- Only the recognized text is passed back into the App. We extract ingredient names from it and store only those names on your “disliked ingredients” list — the same data you would have entered by tapping chips.
- Voice input is entirely optional. You can type or tap chips instead, and you can deny the microphone and speech permissions without losing any other feature.
Subscription Information:
- Your subscription tier (free or Eatrica Plus) and its status, managed through RevenueCat and Apple
On-Device Storage:
- Authentication tokens (for keeping you signed in) are stored securely on your device
- Onboarding state is stored on your device only and is not transmitted to our servers
Data We Do NOT Collect:
- Location data or contacts
- Voice recordings (the microphone is used only for live speech-to-text and the audio is not retained anywhere by us)
- Device advertising identifiers (IDFA) — we do not participate in ad tracking or use the App Tracking Transparency framework
- Usage analytics or behavioral tracking data
- We do not use cookies or serve ads of any kind
3. How We Use Your Data
We use your data for the following purposes only:
- Providing the service: sending your photo to OpenAI to detect ingredients, sending the ingredient list and your cooking preferences to OpenAI to generate recipe suggestions, converting your speech to text (via Apple's Speech framework) when you choose to dictate disliked ingredients, and storing your scan history so you can revisit past results
- Account management: authenticating Sign in with Apple sessions and managing your subscription state
- Service communications: sending essential, non-marketing emails related to your account when necessary
- Operating the service: fixing bugs, maintaining server performance, and tracking aggregate AI usage costs at the per-scan level
We do not use your data for advertising, behavioral profiling, or selling to third parties.
4. How Photos and Recipes Are Processed
Eatrica's core experience is powered by OpenAI's GPT-4o family of models. There are two AI calls per scan:
- Ingredient detection. The photo you capture is sent over an encrypted HTTPS connection to OpenAI's API. The vision model returns a list of ingredient names it can identify in the image.
- Recipe generation. The reviewed ingredient list is sent to OpenAI together with the cooking preferences you set during onboarding (dietary restrictions, allergens, disliked ingredients, cuisine preferences, spice tolerance, household size, cooking skill, and time budget). The model returns three recipe suggestions.
Important facts about how this works:
- Per OpenAI's API data policy, content submitted via the API is not used to train OpenAI's models.
- OpenAI retains API request data for up to 30 days for abuse-monitoring purposes only, after which it is deleted from OpenAI's systems.
- We do not store the raw photo on our servers after the scan is processed. We retain only the detected ingredient list, any edits you made to it, and the generated recipes — this is what powers your scan history inside the App.
- We do not send your name, email address, password, or account ID to OpenAI. Requests are not personally identifiable on OpenAI's side.
- You can delete any individual scan, or your entire account, from within the App at any time.
5. Camera, Microphone, and Speech Permissions
Camera. Eatrica requests access to your device camera so you can take a photo of your fridge or pantry. This permission is optional and is only requested the first time you initiate a scan. The camera is only activated while you are on the scan screen — we never access the camera in the background, and Eatrica does not request or access your photo library at all. Apple requires apps to declare every privacy-sensitive API a linked library references, so the App's Info.plist contains a “Photo Library” purpose string for that reason, but the App itself never reads from or writes to your photo library.
Microphone and Speech Recognition. Eatrica requests access to your microphone and to iOS Speech Recognition only when you tap the “Tap to speak” prompt on the disliked-ingredients screen. We use these permissions exclusively to transcribe what you say into text so that ingredient names can be picked out of it. We do not record audio. iOS may stream short audio snippets to Apple's servers for speech recognition; that processing is governed by Apple's privacy policy. The microphone is never accessed in the background or outside that single prompt.
If you deny any of these permissions, you can still use Eatrica. You will simply tap the chips manually instead of dictating, and (for camera) you will not be able to start new scans until you enable the camera in your iOS Settings.
6. Legal Basis for Processing (GDPR)
If you are in the EU/EEA, we process your data under the following legal bases:
- Contract performance (Art. 6(1)(b) GDPR): account data, preferences, scan data, and subscription data — necessary to provide the service you signed up for
- Legitimate interest (Art. 6(1)(f) GDPR): service communications, bug fixes, and server performance maintenance — necessary for the operation and improvement of the service
- Consent (Art. 6(1)(a) GDPR): camera, microphone, and speech-recognition access — you may withdraw this consent at any time in your device settings
7. Third Parties & Sub-Processors
We work with a limited number of third parties to operate the App. We do not sell, rent, or trade your personal data to anyone.
- OpenAI — we use OpenAI's GPT-4o family of models for two things: (1) detecting ingredients in the photo you capture, and (2) generating the three recipe suggestions. The photo is sent to OpenAI for ingredient detection. The detected ingredient list is then sent to OpenAI together with your cooking preferences to generate recipes tailored to you. We do not send your name, email, password, or any direct identifier to OpenAI; requests are not linked to your account on OpenAI's side. OpenAI does not use API data to train its models, and retains API data for up to 30 days for abuse monitoring only.
- RevenueCat — manages in-app subscription state and entitlements. RevenueCat receives a pseudonymous user identifier and subscription event data from Apple. RevenueCat does not receive your scan photos, ingredients, name, email, or preferences.
- Apple — processes all payments for subscriptions via In-App Purchase, and handles the Sign in with Apple flow used for saving your account. We do not receive or store your payment card details, and we never receive or store your Apple ID password. Apple's privacy policy governs any data Apple collects through the App Store, In-App Purchase, and Sign in with Apple.
- Railway — US-based cloud infrastructure provider that hosts our backend servers, PostgreSQL database, and Redis cache in their EU (Western Europe) region. Railway is contractually bound to protect your data and acts only as a data processor under our instructions.
Each sub-processor is bound by data processing agreements that require them to protect your data in accordance with applicable law.
8. Data Security
We take the security of your data seriously:
- Authentication is delegated end-to-end to Apple's Sign in with Apple flow, so we never store or process passwords
- All data is encrypted in transit using HTTPS/TLS
- Database access is restricted and protected by authentication
- User accounts are isolated: you can only access your own data
- Authentication sessions expire automatically (access tokens after 15 minutes, refresh tokens after 30 days) and are rotated on each renewal
- Temporary server-side caches are used for performance and expire automatically; cached data is not used for any secondary purpose
No system is perfectly secure. If we discover a data breach that affects your personal information, we will notify you and applicable regulatory authorities as required by law.
9. Data Retention
Active accounts: your data is retained for as long as your account is active.
Scan history: retained while your account is active. We may periodically clean up older scans, failed scans, or scans no longer needed to operate the service, but the most recent scans remain available to you in the app.
Deleted accounts: when you delete your account through the App, all associated data (account information, preferences, scan history, and session data) is marked as deleted immediately and permanently purged from our systems within 30 days.
Cached data: temporary caches expire automatically within hours and are not retained beyond their operational purpose.
10. International Data Transfers
Our servers are located in Western Europe (EU). Your data is stored and processed within the EU.
Some of our sub-processors (OpenAI, RevenueCat, Apple, and Railway as a company) are based in the United States. Where data is transferred outside the EU/EEA, we rely on Standard Contractual Clauses (SCCs) approved by the European Commission, together with each provider's own supplementary safeguards, to ensure your data is protected to EU standards.
11. Your Rights
Regardless of where you live, you have control over your data:
- Correction: edit your preferences and profile information directly in the App
- Deletion: delete individual scans, or your entire account and all associated data, from within the App
EU/EEA residents (GDPR): you additionally have the right to request access to your data, rectification, erasure, restriction of processing, data portability, and withdrawal of consent. You also have the right to lodge a complaint with your local data protection supervisory authority.
California residents (CCPA/CPRA): you have the right to know what data we collect, request deletion, and opt out of data sales. We do not sell or share your personal information as defined by the CCPA. You may also use an authorized agent to submit requests on your behalf.
To exercise any rights, contact us at support@eatrica.app. We will respond within 30 days.
12. Children's Privacy
Eatrica is not intended for use by anyone under the age of 16. We do not knowingly collect personal information from children under 16. If we learn we have collected data from a child under 16, we will delete it promptly.
13. Changes to This Policy
We may update this Privacy Policy from time to time. When we make changes, we will update the version number and effective date, and notify you through the App or via email for significant changes. Your continued use of Eatrica after changes are posted constitutes acceptance.
14. Contact Us
If you have questions about this Privacy Policy or your personal data, please contact us at support@eatrica.app.