Privacy Policy

Last updated: January 2026

1. Introduction

MealScribe ("we," "our," or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our mobile application ("App") and related services. This policy complies with applicable data protection laws including the General Data Protection Regulation (GDPR) in the European Union, the California Consumer Privacy Act (CCPA) in the United States, the Personal Information Protection and Electronic Documents Act (PIPEDA) in Canada, and other applicable privacy regulations.

By using our App, you agree to the collection and use of information in accordance with this Privacy Policy. If you do not agree with our policies and practices, please do not use our App.

2. Data Controller

MealScribe is the data controller responsible for the processing of your personal data. For privacy-related inquiries, requests, or concerns, please contact us using the information provided in Section 15 of this policy.

3. Information We Collect

3.1 User Input Data

When you use AI-powered features in our App, we collect the following types of data that you submit:

  • Text Descriptions: Recipe prompts, dietary preferences, meal planning settings, and other text-based inputs
  • Uploaded Images: Photos of ingredients, recipes, or other meal-related content that you upload for AI processing
  • URLs: Links to recipes from websites, social media platforms (TikTok, Instagram, Facebook), and YouTube videos
  • Dietary Preferences: Your selected dietary preferences, restrictions, cuisine preferences, and cooking method preferences
  • Meal Planning Settings: Your meal planning configurations and scheduling preferences

3.1.1 Health-Related and Sensitive Personal Information

When you configure "Meal Settings > Restrictions & Exclusions" in the App, you may provide information that constitutes health-related or sensitive personal information under various privacy laws. This includes:

  • Food Allergies: Information about allergies to specific foods (e.g., peanuts, tree nuts, shellfish, eggs, dairy, wheat/gluten, soy, fish, sesame)
  • Medical Dietary Restrictions: Dietary requirements related to health conditions (e.g., celiac disease, diabetes-related restrictions, kidney disease dietary limitations, phenylketonuria/PKU)
  • Food Intolerances: Non-allergic adverse reactions to foods (e.g., lactose intolerance, fructose intolerance, histamine intolerance)
  • Religious or Ethical Dietary Restrictions: While not health-related, we treat religious dietary restrictions (e.g., kosher, halal) and ethical dietary choices (e.g., vegan, vegetarian) with the same level of care

Classification Under Privacy Laws:

  • GDPR (European Union): Allergy and medical dietary information may constitute "special category" data under Article 9 as it relates to health. We process this data based on your explicit consent when you configure these settings
  • CCPA/CPRA (California): Allergy and health-related dietary information constitutes "sensitive personal information" under the CPRA. You have the right to limit our use of this information (see Section 10.10)
  • PIPEDA (Canada): Health-related dietary information is considered sensitive and requires heightened consent protections. By configuring these settings, you provide meaningful consent to our collection and use of this information

Purpose Limitation: We collect and process health-related dietary information solely for the purpose of customizing AI-generated meal suggestions and filtering recipes to exclude ingredients you have identified as problematic. This information is:

  • NOT used for advertising, marketing, or profiling purposes
  • NOT sold or shared for monetary consideration
  • NOT used to make medical diagnoses or provide medical advice
  • NOT shared with insurance companies, employers, or data brokers
  • NOT used to infer other health conditions or characteristics

You may withdraw your consent to processing of health-related information at any time by removing your dietary restrictions in the App settings or by requesting data deletion as described in Section 10.2.

3.2 Backend Storage

We store job records in our database that include:

  • User identification (anonymous user IDs generated by RevenueCat)
  • Input data submitted for AI processing
  • AI processing results and outputs
  • AI usage metadata (timestamps, feature types, processing status)
  • Usage tracking metadata (job counts, period timestamps, usage limits, remaining counts, trial status)

Important: To protect your privacy and reduce storage requirements, sensitive content (including media_base64, content text, and titles) is redacted before being stored in our database. Full unredacted data is used only for AI processing to ensure quality results, and only redacted versions are retained in our database for auditing purposes.

Recipe Caching: To improve performance and reduce AI processing costs, we cache recipe extraction results. When you extract a recipe from a URL, the normalized URL and extracted recipe content may be stored in our cache. If another user requests the same recipe URL, they may receive the cached result. This caching:

  • Does NOT share your personal information with other users
  • Only caches the extracted recipe content (which is publicly available from the source URL)
  • Strips tracking parameters from URLs before caching to normalize results
  • Benefits you by providing instant results when a recipe has already been extracted

3.3 Logging Information

We collect basic request and response information for operational purposes, including:

  • Request timestamps and endpoints
  • Response status codes
  • Basic operational metadata necessary for service reliability and security

3.4 User Identification

We use an anonymous identification system:

  • Hashed User IDs: Users are identified through hashed (HMAC-SHA256) RevenueCat user IDs. The original RevenueCat user ID is hashed using HMAC-SHA256 with a secure pepper before storage, providing enhanced privacy and anonymization. The original user ID is never stored in our systems
  • No Personal Information: We do not collect or store personal identifying information such as names, email addresses, physical addresses, phone numbers, or other personally identifiable information

3.5 What We Do NOT Collect

We do not use third-party analytics, advertising trackers, or cookies. We do not track your browsing behavior outside of our App, and we do not sell your data to third parties.

3.6 Device Attestation (Security)

For security and fraud prevention purposes, we use Firebase App Check to verify that authentication requests come from legitimate app instances:

  • Purpose: Device attestation is used solely for security and anti-fraud purposes to prevent unauthorized access to our services
  • What It Verifies: Device attestation verifies the authenticity of the app instance and device integrity, not your personal identity
  • How It Works:
    • Android: Uses Google Play Integrity API to verify app authenticity and device integrity
    • iOS: Uses Apple App Attest to verify app authenticity and device integrity
  • Data Processing: Device attestation tokens are processed by Firebase and are not stored by us. These tokens are ephemeral and used only during the authentication process
  • No Personal Information: Device attestation does not collect or transmit personal identifying information. It only verifies that the app is legitimate and running on a genuine device
  • Required for Authentication: Device attestation is required for authentication to our backend services. Without a valid attestation token, authentication requests will be rejected
  • Third-Party Service: Device attestation is provided by Firebase (Google). Firebase processes the attestation according to their privacy policy, but no personal data is shared with Firebase beyond what is necessary for the attestation process

Privacy Impact: Device attestation is a security measure that does not collect personal information or track your behavior. It is similar to other security measures like SSL certificates that verify the authenticity of connections. The attestation process is transparent to you and does not require any action on your part.

3.7 Usage Tracking Data

We collect and store usage tracking metadata to manage subscription-based service limits:

  • Job Usage Counts: The number of AI-powered jobs (recipe generation, ingredient detection, etc.) you create within each subscription period
  • Period Timestamps: Start and end timestamps for your current usage period, calculated based on your subscription billing cycle
  • Usage Limits: The maximum number of jobs allowed per period, which varies by subscription tier
  • Remaining Usage: The number of jobs remaining in your current period
  • Trial Status: An indicator of whether you are in a trial period
  • Month Index: For yearly subscriptions, a month index (1-12) indicating which monthly period within the year

This usage data is calculated based on job creation timestamps within your subscription periods and is stored in our backend database, linked to your hashed user ID. Usage tracking is necessary to enforce subscription-based service limits and manage your subscription periods.

Note: Specific usage limits vary by subscription tier and are subject to change. Current usage information and limits are displayed in the App, and you can view your current usage at any time.

4. How We Use Your Information

We use the information we collect solely for the following purposes:

  • AI Processing: To process your requests through AI-powered features including recipe generation, recipe extraction, recipe remix, ingredient detection, meal planning, and recipe image generation
  • Service Provision: To provide, maintain, and improve our App's functionality and features
  • Trending and Discovery Features: To calculate aggregate statistics for our trending recipes feature, which shows popular recipes based on extraction counts across all users. This analysis uses only recipe metadata (extraction counts, timestamps) and does not identify individual users
  • Subscription Management: To manage your subscription through RevenueCat integration
  • Usage Tracking and Limits: To enforce subscription-based usage limits, manage subscription periods and billing cycles, provide usage transparency to users, and support subscription tier management
  • Operational Logging: To ensure service reliability, security, and operational monitoring
  • Legal Compliance: To comply with applicable laws, regulations, and legal processes

5. Legal Basis for Processing (GDPR)

For users in the European Union, we process your personal data based on the following legal bases:

  • Consent: AI-powered features require your explicit consent before processing your data. You may withdraw your consent at any time through the App settings
  • Explicit Consent for Health Data (Article 9): Processing of health-related dietary information (allergies, medical dietary restrictions, food intolerances) requires your explicit consent under GDPR Article 9(2)(a). You provide this explicit consent when you voluntarily configure dietary restrictions and exclusions in the App's "Meal Settings > Restrictions & Exclusions" section. You may withdraw this consent at any time by removing your configured restrictions or requesting data deletion. Withdrawal of consent does not affect the lawfulness of processing performed before withdrawal
  • Contract Performance: Data processing is necessary to provide the subscribed service and fulfill our contractual obligations to you. Usage tracking is necessary for providing subscription services with usage limits and managing subscription periods
  • Legitimate Interest: Operational logging for service reliability, security, and fraud prevention serves our legitimate business interests

6. Information Sharing and Disclosure

6.1 Third-Party AI Service Providers

To provide AI-powered features, we share your submitted data (text, images, URLs, preferences) with the following third-party AI service providers:

  • OpenAI: We use OpenAI's GPT model for recipe generation, recipe extraction from URLs and images, and recipe remix functionality. For compliance purposes and to help prevent service abuse, we provide hashed user IDs to OpenAI as safety identifiers. These hashed identifiers cannot be reversed to identify individual users
  • Google Gemini: We use Google Gemini for recipe generation, recipe extraction, and recipe remix functionality
  • Google Imagen: We use Google Imagen for AI-powered recipe image generation

Health-Related Data Sharing: When you have configured dietary restrictions and exclusions (including allergy information), this health-related data is transmitted to our AI providers (OpenAI, Google) as part of recipe generation and filtering requests. This sharing is necessary to customize AI outputs to respect your dietary requirements. Our AI providers process this data solely to generate appropriate recipe suggestions and are contractually prohibited from using this data for other purposes. No health data is retained by AI providers beyond the immediate processing request.

These providers process your data in accordance with their own privacy policies and our data processing agreements. Data is transmitted securely and used solely for the purpose of providing the requested AI features.

6.2 RevenueCat Integration

We share anonymous user IDs with RevenueCat for subscription management purposes only. RevenueCat does not receive any other user data, content, or personal information from our App.

6.3 Firebase App Check

We use Firebase App Check (Google) for device attestation and security verification. Firebase processes device attestation tokens to verify app authenticity and device integrity. No personal information is shared with Firebase beyond what is necessary for the attestation process. Device attestation tokens are ephemeral and are not stored by Firebase or by us. For more information about Firebase's data practices, please review Firebase's privacy policy.

6.4 No Sale of Data

We do not sell, rent, or trade your personal information to third parties for marketing or advertising purposes. Your data is shared only as described in this section and solely for the purpose of providing our services.

6.5 Legal Requirements

We may disclose your information if required by law, court order, or governmental regulation, or if we believe disclosure is necessary to protect our rights, property, or safety, or that of our users or others.

6.6 Instacart Integration

When you use the Instacart shopping list feature, we share ingredient information (names, units, and quantities) with Instacart to generate your shopping list. This data is sent to Instacart's API, and you will be redirected to Instacart's platform to complete your order. Your use of Instacart is subject to Instacart's terms of service and privacy policy. We do not share any other personal information with Instacart beyond the ingredient data necessary to create the shopping list.

7. International Data Transfers

Your information may be transferred to and processed in countries outside your country of residence:

  • Server Location: Our backend services are hosted in the United States
  • Third-Party Providers: Data is transferred to US-based AI providers (OpenAI and Google) for processing
  • Safeguards: We ensure that all international data transfers comply with applicable data protection regulations, including:
    • Standard Contractual Clauses (SCCs) for GDPR compliance
    • Adequate safeguards as required by applicable privacy laws
    • Compliance with cross-border data transfer requirements

8. Data Storage and Security

We implement comprehensive technical and organizational measures to protect your information:

  • Content Redaction: Sensitive content is redacted before database storage to minimize privacy risks while maintaining audit capabilities
  • Encryption: All data is transmitted over secure HTTPS connections using industry-standard encryption protocols
  • Device Attestation: Firebase App Check verifies app authenticity and device integrity to prevent unauthorized access
  • Token-Based Authentication: Secure JWT (JSON Web Token) authentication with encrypted refresh tokens stored securely on your device
  • Access Controls: Backend access is restricted to authorized personnel only, with strict authentication and authorization mechanisms
  • Security Monitoring: We regularly monitor our systems for security vulnerabilities and threats
  • Data Minimization: We collect and store only the minimum amount of data necessary to provide our services

While we strive to protect your information, no method of transmission over the Internet or electronic storage is 100% secure. We cannot guarantee absolute security, but we are committed to maintaining industry-standard security practices.

9. Data Retention

We retain your information for the following periods:

  • Application Logs: Retained for 2 weeks for operational and security purposes
  • Database Job Backups: Available for 3 months for service recovery and auditing purposes
  • User Data: Retained until you request deletion or stop using the service. You can request deletion of your backend data at any time through the App, which will sanitize your user_id in all associated job records
  • Usage Tracking Data: Usage tracking data (job counts per subscription period) is retained indefinitely to prevent subscription abuse. This data is linked to a pseudonymous identifier and cannot identify you personally
  • Local Data: Stored on your device until you manually delete it or uninstall the App

When you request data deletion, personal data is immediately redacted. Anonymized analytics data, including anonymized usage analytics, may be retained indefinitely for business intelligence purposes, but it cannot be used to identify you.

After the retention period expires, we will securely delete or anonymize your data, except where we are required to retain it for legal or regulatory purposes.

10. Your Rights and Choices

Depending on your location, you have the following rights regarding your personal information:

10.1 Right to Access

You have the right to access and view your data through the App. You can view your current usage information and limits directly in the App. You can also request a copy of your personal data by contacting us at support@mealscribe.app.

10.2 Right to Deletion

You have the right to request deletion of your personal data. When you request deletion:

  • Personal data is redacted: All personal data including text inputs, URLs, uploaded images, generated content (recipes, images), error messages, and report descriptions are permanently removed
  • Usage tracking is retained: To prevent subscription abuse and fraud, we retain usage tracking data (job counts within subscription periods) linked to your pseudonymous user identifier. This is necessary for our legitimate business interest in preventing users from resetting their subscription usage limits. This data cannot be used to identify you personally
  • User identifier is retained: Your user ID (a one-way cryptographic hash that cannot be reversed to identify you) is retained solely for usage tracking purposes. Without access to our server-side secrets and your original RevenueCat ID, this hash cannot identify you
  • Analytics data is retained: Non-identifiable analytics data is retained for business intelligence, including AI token usage, processing costs, technical metadata (job types, AI providers, models used), and timestamps
  • Consent records: Consent records are soft-deleted (marked as deleted with a timestamp) for compliance documentation purposes

You can request deletion of your backend data through any of the following methods:

  • In the App: Request deletion directly through the App, which will process the deletion immediately
  • Website Form: Submit a deletion request via our Data Deletion Request page using your Anonymous User ID
  • Email: Contact us at support@mealscribe.app to request deletion

10.3 Right to Data Portability

You have the right to receive your data in a portable format. You can export your local app data through the App's data export feature. For backend data, please contact us at support@mealscribe.app.

10.4 Right to Withdraw Consent

You have the right to withdraw your consent for AI-powered features at any time through the App settings. Withdrawing consent will prevent future AI processing but will not affect data already processed.

10.5 Right to Restriction

You have the right to restrict data processing by choosing not to use AI-powered features. The App functions with local-only features without requiring AI processing.

10.6 Right to Object

You have the right to object to processing based on legitimate interests. You can exercise this right by contacting us at support@mealscribe.app.

10.7 Right to Rectification

You have the right to correct inaccurate data. Since most data is stored locally on your device, you can update it directly in the App.

10.8 California Privacy Rights (CCPA)

If you are a California resident, you have additional rights under the CCPA:

  • Right to know what personal information is collected, used, shared, or sold
  • Right to delete personal information
  • Right to opt out of the sale of personal information (we do not sell your data)
  • Right to non-discrimination for exercising your privacy rights

To exercise these rights, please contact us at support@mealscribe.app. We will respond within 45 days as required by CCPA.

10.9 Canadian Privacy Rights (PIPEDA)

If you are a Canadian resident, you have rights under PIPEDA including the right to access, correct, and challenge the accuracy of your personal information. To exercise these rights, please contact us at support@mealscribe.app.

10.10 Right to Limit Use of Sensitive Personal Information (CCPA/CPRA)

If you are a California resident, the California Privacy Rights Act (CPRA) provides you with the right to limit our use and disclosure of your "sensitive personal information," which includes health-related dietary data such as allergies and medical dietary restrictions.

You have the right to direct us to limit our use of sensitive personal information to only what is necessary to provide the services you requested. To exercise this right, you may:

  • In the App: Remove or modify your dietary restrictions in "Meal Settings > Restrictions & Exclusions" to limit what health data we process
  • Request Limitation: Contact us at support@mealscribe.app to request that we limit processing of your sensitive personal information
  • Request Deletion: Request deletion of your sensitive personal information as described in Section 10.2

Note: MealScribe already limits use of sensitive personal information to providing our core services (customizing meal suggestions based on your dietary requirements). We do not use sensitive personal information for advertising, do not sell it, and do not share it except as necessary to provide the AI-powered features you have requested. Limiting use further may affect our ability to filter recipes according to your dietary restrictions.

10.11 Request Processing Timeframes

We will process your requests within the following timeframes:

  • GDPR: Within 30 days of receiving your request
  • CCPA: Within 45 days of receiving your request
  • Other Jurisdictions: Within reasonable timeframes as required by applicable law

11. Children's Privacy

Our App is not intended for users under 13 years of age (or the applicable age of digital consent in your jurisdiction). We do not knowingly collect personal information from children under the applicable age threshold.

If you are a parent or guardian and believe that your child under the age of 13 (or applicable age in your jurisdiction) has provided us with personal information, please contact us immediately at support@mealscribe.app. We will promptly investigate and delete any such information from our systems.

If we become aware that we have collected personal information from a child under the applicable age without parental consent, we will take steps to delete that information promptly.

12. Google Play Store and Apple App Store Compliance

Our App is distributed through Google Play Store and Apple App Store. This Privacy Policy complies with:

  • Google Play Store Requirements: We comply with Google's User Data Privacy policy, including requirements for data collection disclosure, user consent, and data security
  • Apple App Store Requirements: We comply with Apple's App Store Review Guidelines, including requirements for privacy policy disclosure, data collection transparency, and user consent mechanisms

Subscriptions are managed through the respective app stores, and payment processing is handled by Google and Apple in accordance with their privacy policies.

13. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. We will notify you of material changes by:

  • Posting the updated Privacy Policy on this page with an updated "Last updated" date
  • Notifying you through the App when material changes are made
  • Prompting you to review and re-consent to updated privacy terms when significant changes occur

The App tracks consent versions and will prompt you to re-consent when privacy terms change significantly. Your continued use of the App after such changes constitutes acceptance of the updated Privacy Policy.

If you do not agree with the updated Privacy Policy, you may stop using the App and request deletion of your data as described in Section 10.2.

14. Jurisdiction-Specific Information

14.1 European Union (GDPR)

If you are located in the European Union, your data is processed in accordance with the General Data Protection Regulation (GDPR). You have the rights described in Section 10, and we process your data based on the legal bases described in Section 5. For GDPR-related inquiries, you may also contact your local data protection authority.

14.2 United States (CCPA and State Laws)

If you are located in the United States, particularly California, your data is processed in accordance with the California Consumer Privacy Act (CCPA) and other applicable state privacy laws. You have the rights described in Section 10.8.

14.3 Canada (PIPEDA)

If you are located in Canada, your data is processed in accordance with the Personal Information Protection and Electronic Documents Act (PIPEDA) and applicable provincial privacy laws. You have the rights described in Section 10.9.

15. Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or our privacy practices, please contact us:

We are committed to addressing your privacy concerns and will respond to your inquiries within the timeframes specified in Section 10.11.