Last updated: March 2026
We collect information you provide directly, such as account details when you sign in (name, email address) via our authentication provider. We also collect information about your use of the Service, including search queries, features accessed, and interaction patterns. We may collect anonymized, aggregated usage data — such as the most frequently searched food items, commonly flagged toxic ingredients, and search trends — to understand how the Service is used and to improve it. We do not sell or share personally identifiable information with third parties for marketing purposes.
We use the information we collect to provide and improve the Service, personalize your experience (such as saving allergen preferences), respond to support requests, and analyze usage patterns. Anonymized and aggregated data — for example, which ingredients are most commonly flagged as toxic or which food categories are searched most often — may be used to improve search results, prioritize database updates, and guide product development. This aggregated data cannot identify you personally.
User data, including account information and saved preferences (such as allergen lists and inventory), is stored in a PostgreSQL database hosted by Neon, a serverless database platform. Data is stored on secure servers with encryption at rest and in transit. We implement reasonable technical and organizational measures to protect your data, but no method of transmission or storage is 100% secure.
The Service integrates with several third-party APIs and services, including: USDA FoodData Central (food ingredient and nutritional data), OpenFDA (drug and supplement information, recall data), CDC Food Safety feeds (recall alerts), and Clerk (authentication). These services have their own privacy policies, which we encourage you to review. We are not responsible for the privacy practices of these third parties.
We retain your account information and saved preferences for as long as your account is active or as needed to provide the Service. If you delete your account, we will delete or anonymize your personal data within a reasonable period, except where retention is required by law. Aggregated, anonymized analytics data may be retained indefinitely as it cannot be linked to individual users.
Depending on your location, you may have rights regarding your personal data, including the right to access, correct, or delete your data. To exercise these rights or ask questions about your data, please contact us. We will respond to reasonable requests within a reasonable timeframe. Note that some data may be required to provide the Service and cannot be deleted while your account remains active.
The Service is not directed to children under the age of 13. We do not knowingly collect personal information from children under 13. If you believe we have inadvertently collected such information, please contact us immediately and we will take steps to delete it.
We may update this Privacy Policy from time to time. Changes will be posted to the Service with an updated effective date. Your continued use of the Service after any changes constitutes your acceptance of the updated policy. We encourage you to review this policy periodically to stay informed about how we protect your information.