Privacy Policy
Effective Date: April 2, 2026 · Last Updated: April 2, 2026
1. Introduction
PantryPilot (“we,” “us,” or “our”) is committed to protecting your privacy. This Privacy Policy explains how we collect, use, store, share, and protect your personal information when you use the PantryPilot mobile application (“App”).
By using PantryPilot, you consent to the data practices described in this policy. If you do not agree, please do not use the App.
2. Information We Collect
2.1 Information You Provide Directly
| Data Category | Specific Data | Purpose |
|---|---|---|
| Account Information | Phone number, name, email address | Account creation and authentication |
| Profile Information | Display name, avatar photo, dietary preferences (e.g., Vegan, Keto, Gluten-free), lifestyle goals (e.g., Weight Loss, Muscle Gain) | Personalization and recipe recommendations |
| Pantry Data | Food item names, brands, quantities, unit types, expiry dates, storage locations (Fridge, Freezer, Pantry, Other), categories, purchase prices, product photos | Core pantry management functionality |
| Barcode Data | Scanned UPC/EAN barcodes | Product identification via USDA and OpenFoodFacts |
| Meal Plans | Planned meals with dates, meal types, titles, descriptions, servings, calorie estimates, recipe associations | Meal planning functionality |
| Shopping Lists | Item names, descriptions, completion status | Shopping list management |
| Body Metrics (Pro only) | Weight, body fat percentage, activity level, fitness goals | Advanced macro calculation |
| Support Data | Bug reports (with optional screenshots), feature requests, feedback messages | App improvement and customer support |
2.2 Information Collected Automatically
| Data Category | Specific Data | Purpose |
|---|---|---|
| Device Information | Device type, operating system, app version | Compatibility and debugging |
| Usage Analytics | Screen views, feature usage patterns, session duration | App improvement and UX optimization |
| Authentication Tokens | JWT tokens (stored locally on device) | Session management and API authentication |
| IP Address | Client IP address (from API requests) | Rate limiting, security, and fraud prevention |
2.3 Information from Third-Party Services
| Source | Data Received | Purpose |
|---|---|---|
| Google Sign-In | Google account email, display name, profile photo URL | Account authentication |
| Apple Sign-In | Apple ID email (may be relay address), display name | Account authentication |
| Twilio | SMS delivery status | OTP verification confirmation |
| RevenueCat | Subscription status, entitlements, purchase receipts | Pro subscription management |
| USDA FoodData Central | Nutritional information for food items | Item detail auto-population |
| OpenFoodFacts | Product name, brand, nutritional data from barcode | Barcode scanning feature |
3. How We Use Your Information
3.1 Core App Functionality
- Creating and managing your user account.
- Storing and organizing your pantry items, meal plans, and shopping lists.
- Tracking expiry dates and sending freshness alerts.
- Providing barcode lookup and image-based item recognition.
3.2 AI-Powered Features
- Recipe Suggestions: Your pantry items (names and master ingredient IDs) are sent to our AI service to generate personalized recipe recommendations. Your dietary preferences and lifestyle goals are used as search filters.
- Semantic Search: Pantry item names are converted into vector embeddings (numerical representations) using Google Gemini AI to enable intelligent ingredient matching against our recipe database.
- Health Insights: Aggregated pantry composition data (categories and nutritional profiles) is analyzed by Google Gemini AI to generate personalized health recommendations.
- Image Recognition: Photos you take of food items are processed by Google Gemini AI to extract ingredient details. The image is uploaded to Supabase storage and the URL is stored with your pantry item.
- Macro Calculation: If you use the Advanced Macros feature, your weight, body fat percentage, and activity level are processed locally on our servers using the Katch-McArdle formula. This data is used solely for calculating your personalized macronutrient targets.
3.3 Security and Fraud Prevention
- SMS OTP verification to protect your account.
- Rate limiting API requests (per IP and per authenticated user) to prevent abuse.
- Cloud Armor WAF protection to block malicious traffic.
- JWT token-based authentication for all API calls.
3.4 App Improvement
- Analyzing usage patterns to improve features and UX.
- Reviewing bug reports and feedback to fix issues.
- Monitoring error logs for system stability.
3.5 Communications
- Sending OTP codes via SMS for account verification (via Twilio).
- In-app notifications about expiring items (if enabled by you).
- We do not send marketing emails or promotional SMS messages.
4. Data Storage and Security
4.1 Where Your Data Is Stored
| Data Type | Storage Location | Provider |
|---|---|---|
| User accounts, pantry items, meal plans, shopping lists, recipes | PostgreSQL database | Supabase (AWS us-east-1) |
| Item photos and avatar images | Object storage (S3-compatible) | Supabase Storage |
| Vector embeddings (for AI search) | PostgreSQL with pgvector extension | Supabase |
| Application backend | Google Cloud Platform (us-central1, Iowa) | Google Cloud GKE |
4.2 Security Measures
We implement the following security measures to protect your data:
- Encryption in Transit: All API communication uses TLS 1.2+ encryption (enforced via Google Cloud SSL policy).
- Encryption at Rest: Database storage is encrypted at rest by Supabase (AES-256).
- Authentication: JWT (HS512) token-based authentication for all API endpoints.
- Rate Limiting: A three-layer rate limiting architecture. Cloud Armor WAF: 100 requests/minute per IP (global) and 5 requests/minute for OTP endpoints. Application-level: 120 requests/minute per authenticated user and 30 requests/minute per anonymous IP.
- Non-Root Containers: All backend services run as non-root users in Docker containers.
- Password Hashing: Account passwords (where applicable) are hashed using BCrypt.
- Database Role Separation: The application connects to the database using a restricted role (pantrypilot_app) with only the permissions necessary for operation.
- Secret Management: All sensitive credentials (API keys, database passwords, JWT secrets) are stored as Kubernetes secrets and injected as environment variables — never hardcoded in source code or Docker images.
- HSTS: HTTP Strict Transport Security headers are enforced with a 1-year max-age.
4.3 Data Retention
| Data Type | Retention Period |
|---|---|
| Active account data | Retained while your account is active |
| Deleted account data | Permanently deleted within 30 days of account deletion |
| Activity history | Retained for the lifetime of the account |
| Shopping list (completed items) | Visible for 24 hours after completion, then hidden from view (data retained in database) |
| Server logs and error logs | Retained for 90 days, then automatically deleted |
| OTP codes | Expire after 10 minutes, deleted after verification |
5. Data Sharing and Disclosure
5.1 We Do NOT Sell Your Data
PantryPilot does not sell, rent, or trade your personal information to third parties for marketing or advertising purposes.
5.2 Third-Party Service Providers
We share limited data with the following service providers, solely for the purpose of delivering the App's functionality:
| Provider | Data Shared | Purpose |
|---|---|---|
| Supabase | All user data (stored in their infrastructure) | Database hosting, storage, and auth |
| Google Cloud | API traffic and server logs | Backend hosting and infrastructure |
| Google Gemini AI | Pantry item names, recipe queries, food images (for AI features only) | AI processing for suggestions, search, and insights |
| Twilio | Phone number (for OTP delivery only) | SMS OTP verification |
| RevenueCat | User ID, subscription status | Subscription management |
| Apple | Apple ID credentials (during sign-in) | Authentication |
| Google | Google account credentials (during sign-in) | Authentication |
5.3 Legal Requirements
We may disclose your information if required by law, regulation, legal process, or governmental request, or to protect the rights, property, or safety of PantryPilot, our users, or the public.
5.4 Business Transfers
In the event of a merger, acquisition, or sale of assets, your data may be transferred as part of the transaction. We will notify you before your data becomes subject to a different privacy policy.
6. Your Rights and Choices
6.1 Access and Portability
You have the right to:
- View all your personal data within the App (profile, pantry items, meal plans, etc.).
- Request a copy of your data by contacting us at privacy@pantrypilot.net.
6.2 Correction
You can update your personal information at any time through:
- Profile editing in Settings → Edit Profile.
- Pantry item editing by tapping on any item.
- Dietary preferences in Settings → Dietary Preferences.
6.3 Deletion
You can request deletion of your account and all associated data by contacting us at privacy@pantrypilot.net. We will process deletion requests within 30 days.
6.4 Opt-Out Choices
| Feature | How to Opt Out |
|---|---|
| Push notifications | Device Settings → PantryPilot → Notifications |
| AI-powered features | Do not subscribe to Pro (AI features are Pro-only) |
| Image uploads | Do not use the camera/photo feature when adding items |
| Barcode scanning | Do not use the barcode scanner; add items manually |
| Phone number auth | Use Google Sign-In or Apple Sign-In instead |
6.5 California Privacy Rights (CCPA)
If you are a California resident, you have additional rights under the California Consumer Privacy Act:
- Right to Know: You may request what personal information we collect, use, and disclose.
- Right to Delete: You may request deletion of your personal information.
- Right to Non-Discrimination: We will not discriminate against you for exercising your CCPA rights.
- No Sale of Personal Information: We do not sell personal information.
To exercise CCPA rights, contact us at privacy@pantrypilot.net.
6.6 EU/EEA Privacy Rights (GDPR)
If you are in the European Economic Area, you have additional rights:
- Right of Access: Request a copy of your data.
- Right to Rectification: Correct inaccurate data.
- Right to Erasure: Request deletion of your data.
- Right to Restrict Processing: Limit how we use your data.
- Right to Data Portability: Receive your data in a machine-readable format.
- Right to Object: Object to processing based on legitimate interests.
- Right to Withdraw Consent: Withdraw consent at any time.
To exercise GDPR rights, contact us at privacy@pantrypilot.net.
7. Children's Privacy
PantryPilot is not intended for children under the age of 13. We do not knowingly collect personal information from children under 13. If we discover that we have collected data from a child under 13, we will delete that data promptly. If you believe a child under 13 has provided us with personal information, please contact us at privacy@pantrypilot.net.
8. Cookies and Tracking
PantryPilot is a native mobile application and does not use browser cookies. We do not use any third-party advertising trackers, analytics SDKs (such as Google Analytics or Firebase Analytics), or behavioral tracking tools.
9. International Data Transfers
Your data may be processed in the United States (where our servers are hosted). If you are located outside the United States, your data will be transferred to and processed in the U.S. By using the App, you consent to this transfer. We ensure that appropriate safeguards are in place to protect your data in compliance with applicable data protection laws.
10. Changes to This Privacy Policy
We may update this Privacy Policy from time to time. When we make material changes:
- We will update the “Last Updated” date at the top.
- We may notify you via in-app notification.
- Your continued use of the App after changes constitutes acceptance of the revised policy.
We encourage you to review this Privacy Policy periodically.
11. Contact Us
For any privacy-related questions, concerns, or requests, please contact us:
- Privacy Email: privacy@pantrypilot.net
- General Support: support@pantrypilot.net
- In-App: Settings → Support → Send Feedback