Privacy Policy

1. Who We Are

Eatrica is operated by Andrii Semenov. If you have any questions about this policy or your data, you can reach us at support@eatrica.app.

2. What Data We Collect

We collect only the data necessary to provide you with a working recipe experience.

Anonymous Account (created automatically on first launch):

• An anonymous user identifier — created on your device so we can store your preferences and scan history without requiring you to sign up

Account Information (provided by you when you create a full account):

• Name — to personalize your experience
• Email address — for login, account recovery, and important service communications
• Password — stored only as a secure bcrypt hash; we never store or can read your actual password

Cooking Preferences (provided by you during onboarding or in settings):

• Dietary restrictions (e.g., vegetarian, vegan, halal, kosher)
• Allergens to avoid (e.g., peanuts, gluten, shellfish)
• Cuisine preferences, cooking skill level, spice tolerance, time budget, and disliked ingredients

Scan Data (generated when you take a photo of ingredients):

• Photos you capture with the in-app camera (Eatrica does not access your photo library; only the live camera is used)
• The list of ingredients the AI detects in each photo, and any edits you make to that list
• The recipe suggestions generated for each scan, the model used, and the cost of the request (for our own operational analytics)
• Timestamps of when each scan was created and completed

Subscription Information:

• Your subscription tier (free or Eatrica Plus) and its status, managed through RevenueCat and Apple

On-Device Storage:

• Authentication tokens (for keeping you logged in) are stored securely on your device
• Theme preference and onboarding state are stored on your device only and are not transmitted to our servers

Data We Do NOT Collect:

• Location data, contacts, or microphone access
• Device advertising identifiers (IDFA) — we do not participate in ad tracking or use the App Tracking Transparency framework
• Usage analytics or behavioral tracking data
• We do not use cookies or serve ads of any kind

3. How We Use Your Data

We use your data for the following purposes only:

• Providing the service: sending your photo to OpenAI to detect ingredients, sending the ingredient list and your cooking preferences to OpenAI to generate recipe suggestions, and storing your scan history so you can revisit past results
• Account management: authenticating your login, processing password changes and resets, and managing your subscription state
• Service communications: sending essential emails related to your account (currently limited to password reset codes)
• Operating the service: fixing bugs, maintaining server performance, and tracking aggregate AI usage costs at the per-scan level (we store the model name and the cost in cents per scan, but never link cost data back to any third party for advertising)

We do not use your data for advertising, behavioral profiling, or selling to third parties.

4. How Photos and Recipes Are Processed

Eatrica's core experience is powered by OpenAI's GPT-4o family of models. There are two AI calls per scan:

1. Ingredient detection. The photo you capture is sent over an encrypted HTTPS connection to OpenAI's API. The vision model returns a list of ingredient names it can identify in the image.
2. Recipe generation. The reviewed ingredient list is sent to OpenAI together with the cooking preferences you set during onboarding (dietary restrictions, allergens, disliked ingredients, cuisine preferences, spice tolerance, household size, cooking skill, and time budget). The model returns three recipe suggestions.

Important facts about how this works:

• Per OpenAI's API data policy, content submitted via the API is not used to train OpenAI's models.
• OpenAI retains API request data for up to 30 days for abuse-monitoring purposes only, after which it is deleted from OpenAI's systems.
• We do not store the raw photo on our servers after the scan is processed. We retain only the detected ingredient list, any edits you made to it, and the generated recipes — this is what powers your scan history inside the App.
• We do not send your name, email address, password, or account ID to OpenAI. Requests are not personally identifiable on OpenAI's side.
• You can delete any individual scan, or your entire account, from within the App at any time.

5. Camera Permission

Eatrica requests access to your device camera so you can take a photo of your fridge or pantry. This permission is optional and is only requested the first time you initiate a scan. The camera is only activated while you are on the scan screen — we never access the camera in the background, and Eatrica does not request or access your photo library at all.

If you deny the camera permission, you can still use Eatrica's other features (recipe history, profile, settings), but you will not be able to start new scans until you enable the camera in your iOS Settings.

6. Legal Basis for Processing (GDPR)

If you are in the EU/EEA, we process your data under the following legal bases:

• Contract performance (Art. 6(1)(b) GDPR): account data, preferences, scan data, and subscription data — necessary to provide the service you signed up for
• Legitimate interest (Art. 6(1)(f) GDPR): service communications, bug fixes, and server performance maintenance — necessary for the operation and improvement of the service
• Consent (Art. 6(1)(a) GDPR): camera and photo library access — you may withdraw this consent at any time in your device settings

7. Third Parties & Sub-Processors

We work with a limited number of third parties to operate the App. We do not sell, rent, or trade your personal data to anyone.

• OpenAI — we use OpenAI's GPT-4o family of models for two things: (1) detecting ingredients in the photo you capture, and (2) generating the three recipe suggestions. The photo is sent to OpenAI for ingredient detection. The detected ingredient list is then sent to OpenAI together with your cooking preferences (dietary restrictions, allergens, disliked ingredients, cuisine preferences, spice tolerance, household size, cooking skill, and time budget) to generate recipes tailored to you. We do not send your name, email, password, or any direct identifier to OpenAI; requests are not linked to your account on OpenAI's side. OpenAI does not use API data to train its models, and retains API data for up to 30 days for abuse monitoring only.
• RevenueCat — manages in-app subscription state and entitlements. RevenueCat receives a pseudonymous user identifier and subscription event data from Apple. RevenueCat does not receive your scan photos, ingredients, name, email, or preferences.
• Apple — processes all payments for subscriptions via In-App Purchase. We do not receive or store your payment card details. Apple's privacy policy governs any data Apple collects through the App Store and In-App Purchase.
• Resend — transactional email provider used solely to deliver password reset emails. Resend receives only your email address and the reset code for that specific email. No scan data, photos, or preferences are sent to Resend.
• Railway — US-based cloud infrastructure provider that hosts our backend servers, PostgreSQL database, and Redis cache in their EU (Western Europe) region. Railway is contractually bound to protect your data and acts only as a data processor under our instructions.

Each sub-processor is bound by data processing agreements that require them to protect your data in accordance with applicable law.

8. Data Security

We take the security of your data seriously:

• Passwords are hashed using bcrypt before storage
• All data is encrypted in transit using HTTPS/TLS
• Database access is restricted and protected by authentication
• User accounts are isolated: you can only access your own data
• Authentication sessions expire automatically (access tokens after 15 minutes, refresh tokens after 30 days) and are rotated on each renewal
• Temporary server-side caches are used for performance and expire automatically; cached data is not used for any secondary purpose

No system is perfectly secure. If we discover a data breach that affects your personal information, we will notify you and applicable regulatory authorities as required by law.

9. Data Retention

• Active accounts: your data is retained for as long as your account is active.
• Scan history: retained for the lifetime of your active account, or until you delete individual scans.
• Deleted accounts: when you delete your account through the App, all associated data (account information, preferences, scan history, and session data) is marked as deleted immediately and permanently purged from our systems within 30 days.
• Cached data: temporary caches expire automatically within hours and are not retained beyond their operational purpose.

10. International Data Transfers

Our servers are located in Western Europe (EU). Your data is stored and processed within the EU.

Some of our sub-processors (OpenAI, RevenueCat, Resend, and Railway as a company) are based in the United States. Where data is transferred outside the EU/EEA, we rely on Standard Contractual Clauses (SCCs) approved by the European Commission, together with each provider's own supplementary safeguards, to ensure your data is protected to EU standards.

11. Your Rights

Regardless of where you live, you have control over your data:

• Correction: edit your preferences and profile information directly in the App
• Deletion: delete individual scans, or your entire account and all associated data, from within the App

EU/EEA residents (GDPR): you additionally have the right to request access to your data, rectification, erasure, restriction of processing, data portability, and withdrawal of consent. You also have the right to lodge a complaint with your local data protection supervisory authority.

California residents (CCPA/CPRA): you have the right to know what data we collect, request deletion, and opt out of data sales. We do not sell or share your personal information as defined by the CCPA. You may also use an authorized agent to submit requests on your behalf.

To exercise any rights, contact us at support@eatrica.app. We will respond within 30 days.

12. Children's Privacy

Eatrica is not intended for use by anyone under the age of 16. We do not knowingly collect personal information from children under 16. If we learn we have collected data from a child under 16, we will delete it promptly.

13. Changes to This Policy

We may update this Privacy Policy from time to time. When we make changes, we will update the version number and effective date, and notify you through the App or via email for significant changes. Your continued use of Eatrica after changes are posted constitutes acceptance.

14. Contact Us

If you have questions about this Privacy Policy or your personal data, please contact us at support@eatrica.app.