Privacy Policy

GRUBY PRIVACY POLICY

Effective Date: December 22, 2025

This Privacy Policy describes how Gruby ("Company," "we," "us," or "our") collects, uses, discloses, and protects the personal information of users ("User," "you," or "your") of the Gruby mobile application and related services (collectively, the "Service"). Gruby is a social cooking platform combining recipe discovery, meal planning, smart shopping, and social networking. By using the Service, you consent to the collection and use of your information as described in this Privacy Policy.

1. INFORMATION WE COLLECT

1.1 Information You Provide Directly

Account Information: When you create an account, we collect your email address, password (stored in hashed form), display name, and username. If you register using Apple Sign-In or Google Sign-In, we receive basic profile information as permitted by those services.

Profile Information: You may optionally provide a profile photo/avatar, biographical information, location, and phone number. You can choose to make your profile public or private.

User Content: We collect recipes, photographs, videos, reviews, comments, stories (24-hour ephemeral content), and other content you submit to the Service.

Direct Messages: Messages you send to other users are end-to-end encrypted using TweetNaCl encryption. We cannot read the content of your encrypted messages; we only store the encrypted data and metadata necessary for delivery.

Dietary and Health Information: You may provide dietary preferences, restrictions, allergies, macro tracking goals, and nutritional targets. This information is considered sensitive and is used solely to personalize your experience.

Financial and Shopping Information: We collect shopping list data, budget limits, estimated and actual shopping costs, savings calculations, and cost-splitting information for Gatherings.

Pantry Information: Ingredient inventory, expiration dates, and nutritional data you enter for pantry management.

Gatherings and Circles: Information about collaborative cooking events, participant lists, member roles in groups (Circles), and shared recipe collections.

Communications: We collect information when you contact us for support, provide feedback, or interact with the AI Budget Coach.

1.2 Information Collected Automatically

Usage Data: We automatically collect information about your interactions with the Service, including recipes viewed, saved, created, and shared; features used; time spent on the application; navigation patterns; search queries; story views; engagement metrics (likes, comments, saves); and cooking behavior analytics.

Device Information: We collect device identifiers, operating system type and version, device model, app version, platform (iOS/Android), mobile network information, and connectivity state.

Push Notification Tokens: When you enable push notifications, we collect device tokens to send you message notifications, reminders, and Gathering invitations.

Log Data: Our servers automatically record information including your IP address, access times, app crashes, error logs, and system activity. Audit logs are maintained for security events.

Camera and Media Library Access: When you grant permission, we access your camera to take photos/videos for recipes and your media library to upload existing photos. We also use camera access for barcode/OCR scanning features.

1.3 Information from Third Parties

Authentication Providers: When you sign in using Apple or Google, we receive your name, email address, and account identifier as authorized by you.

Kroger API: If you use Kroger integration features, we receive real-time grocery pricing, product availability, and store location data. We share shopping list data with Kroger to provide pricing information.

Video Platforms: When you import recipes from YouTube, TikTok, or Instagram, we extract recipe information from those platforms. We do not receive your credentials for these services.

Pexels API: We use Pexels to provide stock photos for recipes. Pexels may collect certain information as described in their privacy policy.

1.4 Location Information

When you grant location permissions, we collect your device location to: (a) find nearby grocery stores and provide localized pricing via the Kroger API; (b) enable location-based Gathering discovery; and (c) provide location-based recommendations. You can disable location services at any time in your device settings. We may also infer your general location from your IP address for localized content.

1.5 AI and Machine Learning Data

AI Services: We use AI service providers to power our AI Budget Coach, recipe recommendations, and conversational assistance features. When you interact with AI features, your queries and relevant context (such as dietary preferences and shopping history) are processed by our AI providers. Their use of this data is governed by their privacy policies and our data processing agreements.

Computer Vision Services: We use computer vision services for OCR (optical character recognition) to scan barcodes and extract text from images. Images processed through these services are subject to our providers' privacy practices.

2. LEGAL BASES FOR PROCESSING (GDPR)

For users in the European Economic Area ("EEA"), United Kingdom, or Switzerland, we process personal information under the following legal bases pursuant to the General Data Protection Regulation ("GDPR"):

  • Contractual Necessity (Article 6(1)(b)): Processing necessary to provide the Service and fulfill our agreement with you, including account management, recipe sharing, shopping list features, and social networking functionality.
  • Legitimate Interests (Article 6(1)(f)): Processing for purposes such as improving our Service, preventing fraud, ensuring security, conducting analytics, and providing customer support, where such interests are not overridden by your rights.
  • Consent (Article 6(1)(a)): Processing based on your explicit consent, including location services, push notifications, AI-powered features, and marketing communications. You may withdraw consent at any time.
  • Legal Obligation (Article 6(1)(c)): Processing necessary to comply with applicable laws and regulations.

Special Category Data: Dietary and health-related information (such as allergies and dietary restrictions) may constitute special category data under Article 9 of the GDPR. We process this data based on your explicit consent (Article 9(2)(a)) for the purpose of personalizing recipes and meal planning.

3. HOW WE USE YOUR INFORMATION

We use your information for the following purposes:

  • Service Provision: To create and manage your account, authenticate your identity, provide and personalize the Service, deliver features you request, process shopping lists, and manage Gatherings and Circles.
  • AI-Powered Features: To provide recipe recommendations, AI Budget Coach assistance, conversational help, and intelligent meal planning.
  • Personalization: To generate recipe recommendations, create meal plans, tailor content based on your preferences, dietary restrictions, cooking history, and usage patterns.
  • Social Features: To enable the community feed, stories, direct messaging (encrypted), following/followers, Circles, and Gatherings functionality.
  • Smart Shopping: To provide real-time grocery pricing, price comparison, budget tracking, savings calculations, and shopping list management via grocery partner integrations.
  • Notifications: To send push notifications for messages, reminders, Gathering invitations, and expiration alerts.
  • Communication: To send service-related communications, respond to inquiries, and provide customer support.
  • Analytics: To power your personal savings dashboard, track cooking statistics, award achievement badges, and analyze engagement metrics.
  • Improvement: To analyze usage patterns, diagnose technical issues, and improve the Service's functionality and user experience.
  • Content Moderation: To review and moderate user-generated content for compliance with our Community Guidelines.
  • Safety and Security: To detect, prevent, and address fraud, abuse, security incidents, and violations of our Terms of Service. We maintain audit logs of security events.
  • Legal Compliance: To comply with applicable laws, regulations, legal processes, and governmental requests.

4. HOW WE SHARE YOUR INFORMATION

We do not sell your personal information.

We may share your information in the following circumstances:

4.1 Service Providers

We share information with third-party vendors who perform services on our behalf:

  • Cloud Infrastructure Providers: Authentication, database, storage, and serverless computing for backend infrastructure.
  • AI Service Providers: AI-powered features including the Budget Coach and recipe recommendations.
  • Computer Vision Providers: OCR and barcode scanning functionality.
  • Push Notification Providers: Delivery of push notifications to your device.
  • Analytics and Monitoring Providers: Error tracking and application performance monitoring.
  • Media Service Providers: Stock photo services for recipe imagery.

These providers are contractually obligated to protect your information and use it only for specified purposes.

4.2 Third-Party Integrations

Apple and Google: Authentication data is processed by Apple and Google in accordance with their privacy policies.

Kroger: If you use Kroger integration features, we share shopping list data and receive pricing, product, and store information. Your use of Kroger services is subject to Kroger's privacy policy.

Video Platforms: When importing recipes from YouTube, TikTok, or Instagram, we interact with these platforms to extract recipe content. These platforms have their own privacy policies.

4.3 User Content and Social Features

Recipes, reviews, comments, stories, and other content you choose to make public will be visible to other users of the Service. Your profile information (display name, avatar, bio) is visible according to your privacy settings. Followers and following lists may be visible to other users. Content shared in Circles is visible to Circle members. Gathering information is visible to Gathering participants.

Direct Messages: Direct messages are end-to-end encrypted. We cannot access the content of these messages; only the sender and recipient can read them.

4.4 Legal Requirements

We may disclose your information if required to do so by law or in response to valid legal process, including subpoenas, court orders, or government requests. We may also disclose information to: (a) enforce our Terms of Service; (b) protect our rights, privacy, safety, or property; (c) protect the rights, privacy, safety, or property of you or others; or (d) detect, prevent, or address fraud, security, or technical issues.

4.5 Business Transfers

In connection with any merger, acquisition, sale of assets, financing, or transfer of all or a portion of our business, your information may be transferred to the acquiring entity. We will notify you via email or prominent notice on the Service of any change in ownership or uses of your personal information.

4.6 Aggregated or De-Identified Data

We may share aggregated or de-identified information that cannot reasonably be used to identify you for any purpose, including research, analytics, and improving the Service.

5. DATA RETENTION

We retain your personal information for as long as your account is active or as needed to provide the Service. Specific retention periods include:

  • Account Data: Retained while your account is active.
  • User Content: Retained while your account is active; deleted upon account deletion except where shared with or copied by other users.
  • Stories: Automatically deleted 24 hours after posting.
  • Direct Messages: Retained in encrypted form until you or the recipient deletes them.
  • Audit Logs: Retained for 2 years for security purposes.
  • Error Logs: Retained for 90 days.
  • Analytics Data: Retained for 26 months in accordance with our analytics provider retention policies.

Upon account deletion:

  • Personal data is deleted within thirty (30) days with cascading removal across all related data
  • Backup copies are purged within ninety (90) days
  • Anonymized, aggregated data may be retained indefinitely
  • Data subject to legal holds or preservation requirements will be retained as required

6. DATA SECURITY

We implement technical and organizational security measures designed to protect your personal information, including:

  • Encryption of data in transit using TLS/SSL protocols
  • Encryption of sensitive data at rest
  • End-to-end encryption for direct messages
  • Secure authentication mechanisms including OAuth 2.0 for Apple and Google Sign-In
  • Password hashing using industry-standard algorithms
  • Access controls limiting employee access to personal data
  • Database security rules governing data access
  • Audit logging for security events
  • Regular security assessments and monitoring
  • Incident response procedures

Despite these measures, no method of electronic transmission or storage is completely secure. We cannot guarantee absolute security of your information.

7. YOUR PRIVACY RIGHTS

7.1 General Rights

Subject to applicable law, you have the right to:

  • Access: Request information about the personal data we hold about you and receive a copy of your data.
  • Correction: Request correction of inaccurate personal data.
  • Deletion: Request deletion of your personal data, subject to certain exceptions. We provide account deletion functionality with cascading data removal.
  • Portability: Request a copy of your personal data in a structured, machine-readable format. We provide data export functionality within the app.
  • Restriction: Request restriction of processing in certain circumstances.
  • Objection: Object to processing based on legitimate interests.
  • Withdraw Consent: Withdraw consent where processing is based on consent, including location services, push notifications, and AI features.

To exercise these rights, contact us at privacy@gruby.app or use the privacy controls within the application settings.

7.2 California Privacy Rights (CCPA/CPRA)

If you are a California resident, you have additional rights under the California Consumer Privacy Act, as amended by the California Privacy Rights Act (collectively, "CCPA"), Cal. Civ. Code Sections 1798.100-1798.199.100:

  • Right to Know: You may request disclosure of the categories and specific pieces of personal information we have collected, the sources of collection, the purposes for collection, and the categories of third parties with whom we share personal information.
  • Right to Delete: You may request deletion of your personal information, subject to certain exceptions.
  • Right to Correct: You may request correction of inaccurate personal information.
  • Right to Opt-Out of Sale/Sharing: We do not sell or share your personal information for cross-context behavioral advertising as those terms are defined under the CCPA.
  • Right to Limit Use of Sensitive Personal Information: You may request that we limit our use of sensitive personal information (such as dietary restrictions and health information) to purposes necessary to provide the Service.
  • Right to Non-Discrimination: We will not discriminate against you for exercising your privacy rights.

Categories of Personal Information Collected:

  • Identifiers (name, email, username, device identifiers)
  • Personal information under Cal. Civ. Code Section 1798.80(e) (name, telephone number)
  • Protected classification characteristics (dietary restrictions that may indicate religious practices or health conditions)
  • Commercial information (shopping history, budget information)
  • Geolocation data (when permission granted)
  • Audio, visual, or similar information (photos, videos you upload)
  • Internet or network activity (usage data, browsing history within the app)
  • Inferences drawn from collected information (recipe preferences, cooking patterns)
  • Sensitive personal information (dietary restrictions, health-related preferences)

To submit a verifiable consumer request, contact us at privacy@gruby.app. You may designate an authorized agent to submit requests on your behalf. We will verify your identity before responding to requests.

7.3 Virginia, Colorado, Connecticut, Utah, and Other State Privacy Rights

Residents of Virginia (VCDPA), Colorado (CPA), Connecticut (CTDPA), Utah (UCPA), and other states with comprehensive privacy laws have similar rights to access, correct, delete, and obtain a copy of their personal data, as well as the right to opt out of targeted advertising and profiling. To exercise these rights, contact us at privacy@gruby.app. You may appeal any decision regarding your request by emailing privacy@gruby.app with "Privacy Appeal" in the subject line.

7.4 European Privacy Rights (GDPR)

If you are in the EEA, UK, or Switzerland, you have rights under the GDPR including the rights described in Section 7.1 above. You also have the right to lodge a complaint with your local data protection authority.

Data Controller: Gruby is the data controller for purposes of the GDPR.

Data Transfers: Your information may be transferred to and processed in the United States. We rely on Standard Contractual Clauses (SCCs) approved by the European Commission and supplementary measures for such transfers.

8. CHILDREN'S PRIVACY

The Service is not directed to children under the age of thirteen (13). We do not knowingly collect personal information from children under 13 in compliance with the Children's Online Privacy Protection Act ("COPPA"), 15 U.S.C. Sections 6501-6506, and its implementing regulations at 16 C.F.R. Part 312.

If we become aware that we have collected personal information from a child under 13 without verifiable parental consent, we will take steps to delete such information within a reasonable time. If you believe we have collected information from a child under 13, please contact us immediately at privacy@gruby.app.

Users between the ages of 13 and 18 (or the age of majority in their jurisdiction) should have parental or guardian consent to use the Service and to the collection and use of their personal information as described in this Privacy Policy.

9. TRACKING AND ADVERTISING

9.1 Analytics

We use analytics services to understand how users interact with the Service. These tools may collect information about your device and usage patterns.

9.2 Apple App Tracking Transparency

We comply with Apple's App Tracking Transparency framework. We will request your permission before tracking your activity across other companies' apps and websites for advertising purposes. You may change your tracking preferences at any time in your device Settings under Privacy and Security, then Tracking.

9.3 Do Not Track

We do not currently respond to "Do Not Track" browser signals as there is no industry standard for compliance.

9.4 Global Privacy Control

We honor Global Privacy Control (GPC) signals as a valid opt-out request under applicable state privacy laws.

10. THIRD-PARTY LINKS

The Service may contain links to third-party websites or services. We are not responsible for the privacy practices of these third parties. We encourage you to review the privacy policies of any third-party sites you visit.

11. INTERNATIONAL DATA TRANSFERS

Your information may be transferred to and processed in countries other than your country of residence, including the United States, where our servers and service providers are located. These countries may have data protection laws that differ from those in your country. By using the Service, you consent to such transfers. We implement appropriate safeguards for international transfers, including Standard Contractual Clauses where required by law.

12. CHANGES TO THIS PRIVACY POLICY

We may update this Privacy Policy from time to time. We will notify you of material changes by posting the updated policy on the Service and updating the "Effective Date" above. For material changes, we will provide additional notice, such as email notification or in-app alert, at least 30 days before the changes take effect. Your continued use of the Service after the effective date of the revised policy constitutes acceptance of the changes.

13. CONTACT US

If you have questions, concerns, or requests regarding this Privacy Policy or our privacy practices, please contact us:

Gruby Privacy Team
Email: privacy@gruby.app

For general inquiries:
Email: support@gruby.app

For GDPR-related inquiries:
Email: dpo@gruby.app