Data controller and contact
Fridgea ("we", "our", or "us") is the data controller for the Fridgea mobile application. If you have questions about this Privacy Policy or wish to exercise your privacy rights, contact us at: [email protected].
Categories of data we process
We process the following categories of data:
- Account and device identifiers: A persistent app user ID (UUID), device identifiers, and (where you consent) advertising identifier (IDFA).
- Usage and analytics: Screen views, event counts, and (if you grant Advanced analytics) item and list names and similar content you enter in the app.
- User-generated content: Fridge items (names, quantities, expiration dates, storage location), shopping lists and list items, notes, and recipe preferences.
- Subscription and payments: Subscription status and purchase information, managed through Apple’s App Store and our subscription provider (RevenueCat).
- Recipe AI: If you enable AI recipes, ingredient names and optional prompts are sent to our AI provider (Google/Firebase Gemini) to generate suggestions.
- Sharing and sync: Data shared via iCloud/CloudKit for Family Sharing and sync across your devices.
- Barcode scanning: When you use the in-app barcode scanner, the camera is used to read barcodes. The barcode (product code) is sent to Open Food Facts (openfoodfacts.org) to retrieve product information (e.g. name) so we can add the item to your fridge. We do not send any personal data to Open Food Facts.
- Marketing and attribution: If you consent to marketing, we use AppsFlyer for attribution and campaign measurement.
Purposes and legal basis
We process your data for the following purposes and legal bases:
- Providing the app (fridge, lists, sync, sharing): Performance of contract. Necessary to run the app.
- Usage analytics (basic): Consent. Device/usage metrics only; no names or personal content unless you also grant Advanced analytics.
- Advanced analytics (item/list names, etc.): Consent. Optional; you can turn this on or off in Manage Privacy.
- AI recipes (Gemini): Consent. Optional; ingredient data is sent only if you enable AI recipes in Manage Privacy.
- Marketing and attribution (AppsFlyer): Consent. Optional; we only use it if you enable Marketing in Manage Privacy.
- Subscriptions and payments: Performance of contract and legal obligation. Processed via Apple and our subscription provider.
- Notifications (expiration reminders): Consent and performance of contract. We only send them if you enable notifications.
- Support and compliance: Legitimate interest and legal obligation.
Recipients and processors
We use the following service providers (processors) that may process your data:
- Apple: App Store (subscriptions), CloudKit (sync and sharing), push notifications.
- Google / Firebase: Analytics (when you consent), Remote Config, and (when you consent to AI recipes) Gemini for recipe generation. Google acts as a sub-processor for AI.
- Open Food Facts: When you use barcode scanning, we send the scanned barcode to the Open Food Facts API to retrieve product information. Only the barcode is sent; no personal data.
- AppsFlyer: Attribution and marketing analytics only when you grant Marketing consent.
- RevenueCat: Subscription management and entitlement checks.
We do not sell your personal data. A list of sub-processors and data processing terms is available on request ([email protected]).
Consent and how to manage it
In certain regions (e.g. EEA and UK) we ask for your consent for:
- Usage analytics – basic app usage (no names)
- Advanced analytics – including item and list names in analytics
- AI recipes – sending ingredient data to Gemini for recipe suggestions
- Marketing – attribution and campaign measurement (e.g. AppsFlyer)
You can change these choices at any time in the app: Settings → Manage Privacy. If you have not yet completed the consent screen, you will see the Privacy Policy link in Settings until you do.
Retention
We retain your data for as long as you use the app and as needed to provide the service, comply with law, and resolve disputes. Analytics and attribution data are typically retained according to our processors’ policies (e.g. Firebase, AppsFlyer). You can delete all app data at any time via Settings → Delete all my data and request full erasure by contacting us.
Your rights (GDPR)
You have the right to:
- Access your personal data (Art. 15)
- Rectification of inaccurate data (Art. 16)
- Erasure (“right to be forgotten”) (Art. 17)
- Restriction of processing (Art. 18)
- Data portability (Art. 20)
- Object to processing (Art. 21)
- Withdraw consent at any time (Art. 7(3))
- Lodge a complaint with a supervisory authority
How to exercise your rights in the app:
- Export your data: Settings → Export my data. You will get a JSON file with your items and shopping lists.
- Delete all data: Settings → Delete all my data. This removes local and synced data and resets the app. For full account/identifier erasure, contact [email protected].
- Change consent: Settings → Manage Privacy (four toggles for Analytics, Advanced analytics, AI recipes, Marketing).
For any other request, contact us at [email protected]. We will respond within the timeframes required by applicable law.
International transfers
Your data may be processed in countries outside the European Economic Area (e.g. United States), including by our processors (Google, AppsFlyer, RevenueCat, Apple). We ensure appropriate safeguards, such as standard contractual clauses (SCCs) or adequacy decisions, where required by law.
App Tracking Transparency
We may request permission to track your activity across apps and websites for advertising purposes. This is optional; you can allow or deny it. Your choice does not affect core app functionality. You can change it later in your device settings.
Data security
We use appropriate technical and organizational measures to protect your data. Data in iCloud is encrypted in transit and at rest. No method of transmission or storage is 100% secure; we encourage you to use a strong device passcode and keep the app updated.
Contact
For privacy requests, questions, or complaints: [email protected]. We will respond as soon as possible.
This privacy policy is effective as of February 2026 and applies to the Fridgea mobile application. We may update it from time to time; the “Last updated” date at the top indicates the latest version.