Privacy Policy

Last updated: June 2025

At MicroPantry, we are committed to protecting your privacy and ensuring the security of your personal information. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our MicroPantry mobile application (version 1.0.0) and related services.

App Information

App Name: MicroPantry

Version: 1.0.0

Platform: React Native (iOS & Android)

Developer Contact: admin@micropantry.org

Address: 6440 Large Street, Philadelphia, PA

1. Information We Collect

1.1 Personal Information

When you create an account and use our mobile app, we collect:

  • Account Information: Email address and display name for account creation
  • Profile Data: BMI, allergies, dietary restrictions, and health conditions
  • Authentication Data: Securely stored via Firebase authentication
  • Dietary Preferences: Food preferences, health goals, and nutritional objectives
  • Communication Preferences: Notification settings and contact preferences

1.2 Usage Data

To provide core app functionality, we collect:

  • Pantry Management: Food items, quantities, expiry dates, and categories
  • Meal Planning: Shopping lists, meal plans, and recipe preferences
  • App Interactions: Feature usage patterns and user behavior
  • Device Information: OS version, device model, and app version
  • Performance Data: App crash reports and performance metrics

1.3 Media Data

With your permission, we may collect:

  • Camera Access: For food scanning and barcode recognition
  • Food Photos: Images of food items for AI recognition
  • Barcode Data: Product information from scanned barcodes
  • Receipt Images: For automated pantry updates (when permission granted)

1.4 Technical Data

For app functionality and improvement, we collect:

  • Network Information: IP address and connectivity status
  • Local Storage: Data stored using AsyncStorage for offline functionality
  • Device Identifiers: For app analytics and crash reporting
  • API Usage: Requests to third-party services for food data

2. How We Use Your Information

We use your information to provide and improve our mobile app services:

  • Core App Functionality: Pantry management, recipe suggestions, and meal planning
  • Food Recognition: Process camera images and barcode scans for food identification
  • Nutritional Analysis: Provide detailed nutritional information and recommendations
  • Smart Notifications: Alert you about expiring items and suggest recipes
  • Personalization: Customize recommendations based on your dietary preferences and health goals
  • Data Synchronization: Sync your data across devices using cloud storage
  • App Improvement: Analyze usage patterns to enhance user experience and fix bugs
  • Customer Support: Provide technical assistance and respond to your inquiries
  • Legal Compliance: Meet regulatory requirements and protect user rights

3. Third-Party Services & Data Sharing

We integrate with the following third-party services to provide app functionality:

3.1 Firebase (Google)

  • User Authentication: Secure account creation and login management
  • Cloud Database: Firestore for data synchronization across devices
  • Analytics: App usage statistics and crash reporting
  • Data Storage: Information stored in Google Cloud (US-based servers)

3.2 Edamam API

  • Food Database: Nutritional information and food identification
  • Search Queries: Food search terms sent for nutritional data
  • Data Sharing: No personal data shared beyond search terms

3.3 OpenAI API

  • AI Meal Planning: Personalized recipe suggestions and meal planning
  • Natural Language Processing: Understanding food queries and preferences
  • Data Processing: Query data may be processed by OpenAI for AI functionality

3.4 Other Services

  • Expo: App development and deployment platform
  • React Native Libraries: Core app functionality and UI components
  • App Store Services: iOS App Store and Google Play Store for app distribution

3.5 Data Sharing Policies

We do not sell your personal information. We may share data only when:

  • Legal Requirements: Required by law or to protect rights and safety
  • Business Transfers: In connection with mergers, acquisitions, or asset sales
  • Explicit Consent: When you explicitly consent to sharing
  • Service Providers: With trusted vendors who assist in app operations

4. Data Storage & Security

We implement comprehensive security measures to protect your data:

4.1 Local Data Security

  • AsyncStorage Encryption: Local data encrypted on your device
  • Secure Key Storage: Authentication tokens stored securely
  • Offline Protection: Data remains secure even when offline

4.2 Cloud Data Security

  • Firebase Security: Data encrypted in transit and at rest
  • Authentication: Secure token-based user authentication
  • Access Controls: Role-based permissions and data isolation
  • Regular Backups: Secure data backup and recovery procedures

4.3 App Security Measures

  • Code Obfuscation: App code protected against reverse engineering
  • API Security: Secure communication with all external services
  • Permission Management: Minimal required permissions with clear explanations
  • Regular Updates: Security patches and vulnerability assessments

4.4 Data Breach Response

In the unlikely event of a data breach, we will:

  • Notify affected users within 72 hours
  • Report to relevant authorities as required by law
  • Implement immediate security measures
  • Provide guidance on protective actions

5. Device Permissions

Our app requests the following permissions to provide full functionality:

5.1 Camera Permission

  • Purpose: Food scanning and barcode recognition
  • Usage: Process images locally when possible
  • Storage: Images not stored permanently unless you choose to save them
  • Control: You can revoke this permission in your device settings

5.2 Storage Permission

  • Purpose: Save images and enable offline functionality
  • Usage: Local data backup and offline access
  • Control: Manageable through app settings and device permissions

5.3 Network Access

  • Purpose: Cloud synchronization and API calls
  • Usage: Real-time data updates and food database queries
  • Offline Mode: App works offline with limited functionality

6. Your Rights & Controls

You have comprehensive control over your data:

  • Access Your Data: View all personal information we have about you
  • Update Information: Correct or modify your profile and preferences
  • Delete Account: Permanently remove your account and associated data
  • Export Data: Download your data in a portable format
  • Notification Control: Opt-out of push notifications and emails
  • Withdraw Consent: Revoke permissions for data processing
  • Data Portability: Transfer your data to another service

7. Children's Privacy

Our app is not intended for children under 13 years of age:

  • Age Restriction: We do not knowingly collect data from children under 13
  • Parental Supervision: Parents should supervise children's app usage
  • Data Deletion: If we discover child data, we will delete it immediately
  • Parental Rights: Parents can request deletion of their child's data

8. Data Retention

We retain your data according to the following schedule:

  • Account Data: Retained until account deletion
  • Local Data: Cleared when app is uninstalled
  • Backup Data: Retained for 30 days after account deletion
  • Analytics Data: Anonymized after 2 years
  • Crash Reports: Retained for 1 year for debugging purposes

When retention periods expire, we securely delete or anonymize your data.

9. International Data Transfers

Your data may be processed in the United States and other countries:

  • Firebase/Google: Data stored in US-based Google Cloud servers
  • API Services: Edamam and OpenAI may process data in various locations
  • Protection Measures: Standard contractual clauses and adequacy decisions
  • EU Users: Additional rights under GDPR for European users

10. App Store Compliance

Our app complies with platform-specific requirements:

10.1 iOS App Store

  • Privacy Labels: Complete privacy information in App Store
  • Data Collection: Transparent about all data collection practices
  • User Control: Clear permission requests and controls

10.2 Google Play Store

  • Data Safety: Comprehensive data safety section
  • Permissions: Minimal required permissions with clear purposes
  • Transparency: Open about data sharing and usage

11. Updates to Privacy Policy

We may update this policy periodically. You will be notified of changes through:

  • App Updates: In-app notifications about policy changes
  • Email Notifications: Direct communication about significant changes
  • App Store Updates: Updated privacy information in app stores

Continued use of the app after changes constitutes acceptance of the updated policy.

12. Contact Information

Privacy Questions & Data Requests

For privacy-related inquiries, data requests, or to exercise your rights:

Email: admin@micropantry.org

Response Time: We respond to all requests within 30 days

Address: MicroPantry Privacy Team
6440 Large Street
Philadelphia, PA

Data Subject Request Process

To request access, correction, or deletion of your data:

  1. Email us at admin@micropantry.org with "Data Request" in the subject
  2. Include your account email and specific request details
  3. We will verify your identity before processing
  4. You will receive confirmation within 30 days

13. Legal Compliance

This Privacy Policy complies with applicable data protection laws:

13.1 GDPR Compliance (EU Users)

  • Legal Basis: Consent and legitimate interest for data processing
  • Data Controller: MicroPantry is the data controller for your information
  • Data Protection Officer: Contact admin@micropantry.org for DPO inquiries
  • Right to Complain: You can lodge complaints with your local supervisory authority

13.2 CCPA Compliance (California Residents)

  • Right to Know: Request information about data collection and use
  • Right to Delete: Request deletion of personal information
  • Right to Opt-Out: Opt-out of sale of personal information (we don't sell data)
  • Non-Discrimination: We won't discriminate for exercising your rights

13.3 Other Regulations

  • COPPA: Children's Online Privacy Protection Act compliance
  • PIPEDA: Personal Information Protection and Electronic Documents Act (Canada)
  • Local Laws: Compliance with applicable local privacy regulations