Legal

Privacy Policy

How we collect, use, and protect your information โ€” including sensitive allergy data.

Last updated: April 2026

Contents

  1. Information We Collect
  2. How We Use Your Information
  3. Food Allergy Data
  4. AI Processing
  5. Data Storage and Security
  6. Data Sharing
  7. Your Rights
  8. Children's Privacy
  9. Changes to This Policy
  10. Contact Us

01Information We Collect

1.1 Information you provide - **Account information:** Email address used to create your account - **Profile information:** Display name, cuisine preferences, fitness goals, dietary preferences, food allergies, and cooking time preferences you set during onboarding - **Scan data:** Photos you submit for ingredient scanning and the resulting ingredient lists - **Recipe interactions:** Recipes you save, rate, or mark as cooked - **Meal plans:** Weekly meal plans you create - **Shopping lists:** Items you add to your shopping list

1.2 Information collected automatically - **Usage data:** Features you use, screens you view, and actions you take in the app - **Device information:** Device type, operating system version, and app version - **Crash reports:** Technical error data collected via Sentry to help us fix bugs

1.3 Information we do NOT collect - We do not store the photos you scan beyond what is needed to process your request - We do not access your camera roll outside of the specific photos you choose to share - We do not sell your data to third parties

02How We Use Your Information

We use your information to:

  • Provide the core service โ€” ingredient scanning and recipe generation
  • Personalise recipe suggestions based on your cuisine preferences, fitness goals, and dietary restrictions
  • Enforce allergen safety โ€” your allergy data is included in every AI recipe generation request to prevent unsafe suggestions
  • Track your scan quota and subscription status
  • Send you service-related notifications (dinner reminders you set yourself)
  • Improve the app through aggregated, anonymised analytics
  • Respond to support requests

03Food Allergy Data

We treat your allergy and dietary restriction data as sensitive health information.

  • Your allergen list is transmitted to our AI systems solely to exclude unsafe ingredients from recipe suggestions
  • It is not used for advertising, analytics profiling, or shared with third parties
  • You can update or delete your allergy data at any time from your profile settings

04AI Processing

Frittu uses Anthropic's Claude AI to analyse food photos and generate recipes. When you submit a photo or request recipes:

  • Your photo (compressed and processed locally on your device) is sent to our secure servers
  • Your profile data, including allergens and dietary preferences, is included in the request
  • Anthropic processes this data under their own privacy policy and data processing agreement
  • We do not instruct Anthropic to train on your personal data

05Data Storage and Security

  • Your data is stored in Supabase (PostgreSQL), hosted in Australia and the United States
  • All data is encrypted in transit (TLS) and at rest
  • Access to your data is restricted by row-level security โ€” only you can read or modify your own data
  • We use industry-standard security practices including authentication tokens and rate limiting

06Data Sharing

We do not sell your personal information. We share data only with:

  • Supabase โ€” database and authentication infrastructure
  • Anthropic โ€” AI processing of ingredient photos and recipe generation
  • RevenueCat โ€” subscription and payment management (no payment card data is stored by us)
  • PostHog โ€” anonymised product analytics
  • Sentry โ€” crash reporting (no personal data in error reports)

07Your Rights

Under Australian Privacy Act 1988 and, where applicable, GDPR, you have the right to:

  • Access the personal data we hold about you
  • Correct inaccurate data
  • Delete your account and all associated data
  • Export your data in a portable format
  • Object to processing in certain circumstances

To exercise these rights, contact us at privacy@frittu.app or use the "Delete Account" option in the app.

Account deletion: Deleting your account permanently removes all your personal data, saved recipes, scan history, and meal plans from our systems within 30 days.

08Children's Privacy

Frittu is not directed at children under 13. We do not knowingly collect personal information from children under 13. If you believe we have inadvertently collected such information, contact us immediately at privacy@frittu.app.

09Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of significant changes via the app or email. The "Last updated" date at the top of this page reflects the most recent revision.

10Contact Us

For privacy questions, data requests, or concerns:

Email: privacy@frittu.app Website: frittu.app Location: Australia