Privacy Policy

Legal

Privacy Policy

Last Updated: May 1, 2026 ·  Effective Date: May 1, 2026

This Privacy Policy describes how Snapfine Tech LLC, a Delaware limited liability company ("Snapfine Tech," "we," "us," or "our"), collects, uses, stores, and discloses information in connection with your use of the JustEatSmart application and related services (the "Service"). This Policy is incorporated into and subject to our Terms of Service. By using the Service, you consent to the practices described in this Privacy Policy.

1Information We Collect

1.1 Information You Provide Directly

  • Account Information: When you authenticate via Google or Apple OAuth, we receive your name, email address, and profile picture as provided by that identity provider.
  • Pantry Data: Ingredient names, quantities, units, storage locations, expiration dates, and status flags you enter into your digital pantry.
  • Meal Planning Data: Weekly meal schedules, assigned recipes per day and meal slot, serving size adjustments, and notes you add to your meal plans.
  • Grocery Lists: Items, quantities, purchase status, estimated prices, and store preferences in your grocery lists.
  • Saved Recipes & Preferences: Recipes you save, cuisine preferences you indicate, and interaction history within the Service.

1.2 Information Collected Automatically

  • Usage Data: Pages viewed, features used, recipes clicked, search queries, filter selections, time spent on pages, and navigation patterns.
  • Device Information: IP address, browser type and version, operating system, device type, screen resolution, and time zone.
  • Cookies & Similar Technologies: Session cookies for authentication, persistent cookies for preferences, and analytics cookies. See Section 7 for details.
  • Log Data: Server logs including access times, referring URLs, error logs, and API request metadata.

1.3 Information from Third Parties

  • Google OAuth: Profile name, verified email address, and profile image. We do not receive your Google account password. For information on how Google processes your data, see Google's Privacy Policy.
  • Apple Sign In: Name (which you may choose to hide) and email address (which may be a relay address). For information on how Apple processes your data, see Apple's Privacy Policy.
  • YouTube API Services: We interact with the YouTube API to retrieve public video metadata (titles, descriptions, thumbnails, view counts, publication dates) for display purposes. We do not access your personal YouTube account, viewing history, or subscriptions. Data retrieved from YouTube is subject to Google's Privacy Policy.

2How We Use Your Information

We use the information we collect for the following purposes:

  • Service Provision: To create and manage your account, authenticate your identity, and provide all features of the Service including pantry management, meal planning, grocery list generation, and the zero-waste engine.
  • Personalisation: To rank and order recipe recommendations based on your saved recipes, cuisine preferences, pantry contents, and interaction history.
  • Zero-Waste Engine: To cross-reference your pantry contents and planned meals against our recipe database in order to suggest recipes that use leftover ingredients.
  • Service Improvement: To analyse aggregate usage patterns, diagnose technical issues, and improve the Service's features and performance.
  • Communications: To send you service-related notices, security alerts, and, with your consent, promotional communications.
  • Legal Compliance: To comply with applicable laws, regulations, legal processes, and lawful government requests.
  • Advertising: To serve contextual and interest-based advertisements through Google AdSense and similar platforms. See Section 7.
  • Safety & Security: To detect, prevent, and investigate fraud, abuse, security incidents, and violations of our Terms of Service.

3Legal Bases for Processing (GDPR)

For users in the European Economic Area (EEA), United Kingdom, and Switzerland, we process your personal data on the following legal bases under the General Data Protection Regulation (GDPR) and applicable UK/Swiss data protection law:

  • Contractual Necessity (Art. 6(1)(b) GDPR): Processing required to provide the Service, including account management, pantry storage, meal planning, and grocery list generation.
  • Legitimate Interests (Art. 6(1)(f) GDPR): Fraud prevention, security, analytics, and Service improvement, where our interests are not overridden by your rights.
  • Consent (Art. 6(1)(a) GDPR): Marketing communications and certain advertising cookies, where required. You may withdraw consent at any time.
  • Legal Obligation (Art. 6(1)(c) GDPR): Compliance with applicable laws and regulations.

4How We Share Your Information

We do not sell your personal information. We may share your information with:

  • Service Providers: Third-party vendors who assist in operating the Service, including cloud hosting (Render), database services (Neon), and analytics providers. These vendors are contractually obligated to use your data only to provide services to us.
  • Advertising Networks: Google AdSense and similar platforms receive data necessary to serve advertisements, including anonymised usage signals and cookie data.
  • Legal Authorities: When required by applicable law, court order, or government authority, or to protect the rights, property, or safety of Snapfine Tech LLC, our users, or the public.
  • Business Transfers: In connection with any merger, acquisition, sale of assets, or bankruptcy, your information may be transferred to the acquiring entity.
  • With Your Consent: For any other purpose with your express consent.

We do not share your pantry contents, meal plans, or grocery lists with any third party for marketing purposes.

5Data Retention

We retain your personal information for as long as your account is active or as needed to provide the Service. Specifically:

  • Account & Profile Data: Retained until you delete your account, plus 30 days thereafter for backup and recovery purposes.
  • Pantry, Meal Plan & Grocery Data: Retained for the duration of your account. Deleted within 30 days of account deletion.
  • Usage & Analytics Data: Retained in anonymised, aggregated form for up to 24 months.
  • Log Data: Retained for up to 90 days.
  • Legal Hold: We may retain data longer if required by applicable law or for the establishment, exercise, or defense of legal claims.

6Data Security

We implement commercially reasonable technical and organisational security measures designed to protect your personal information against unauthorised access, disclosure, alteration, and destruction. These include encrypted data transmission (TLS/SSL), database access controls, and regular security reviews. However, no method of transmission over the internet or electronic storage is 100% secure. We cannot guarantee absolute security and shall not be liable for unauthorised access resulting from factors outside our reasonable control.

7Cookies, Tracking & Advertising

We and our third-party partners use cookies and similar tracking technologies. Categories of cookies we use:

  • Strictly Necessary: Required for authentication and core Service functionality. Cannot be disabled.
  • Analytics: Help us understand how users interact with the Service. Used in anonymised, aggregated form.
  • Advertising: Google AdSense uses cookies (including the __gads cookie) to serve interest-based advertisements. You can opt out of personalised advertising via Google's Ad Settings or AboutAds.info.

Most browsers allow you to control cookies through browser settings. Disabling certain cookies may affect the functionality of the Service.

8California Privacy Rights (CCPA / CPRA)

If you are a California resident, you have the following rights under the California Consumer Privacy Act (CCPA) as amended by the California Privacy Rights Act (CPRA):

  • Right to Know: You may request disclosure of the categories and specific pieces of personal information we have collected about you.
  • Right to Delete: You may request deletion of personal information we have collected, subject to certain exceptions.
  • Right to Correct: You may request correction of inaccurate personal information.
  • Right to Opt-Out of Sale/Sharing: We do not sell your personal information. We do share limited data with advertising partners; you may opt out via our cookie settings.
  • Right to Limit Use of Sensitive Personal Information: We do not collect sensitive personal information as defined by the CPRA.
  • Right to Non-Discrimination: We will not discriminate against you for exercising your CCPA rights.

To exercise these rights, submit a verifiable consumer request to privacy@snapfine.tech. We will respond within 45 days as required by law.

9EEA, UK & Swiss Data Subject Rights (GDPR)

If you are located in the EEA, UK, or Switzerland, you have the following rights under applicable data protection law:

  • Right of Access (Art. 15): Request a copy of the personal data we hold about you.
  • Right to Rectification (Art. 16): Request correction of inaccurate or incomplete data.
  • Right to Erasure (Art. 17): Request deletion of your personal data ("right to be forgotten").
  • Right to Restriction (Art. 18): Request restriction of processing of your data.
  • Right to Data Portability (Art. 20): Receive your data in a structured, machine-readable format.
  • Right to Object (Art. 21): Object to processing based on legitimate interests or for direct marketing.
  • Right to Withdraw Consent: Where processing is based on consent, you may withdraw at any time without affecting prior lawful processing.

To exercise these rights, contact us at privacy@snapfine.tech. We will respond within 30 days (extendable by 2 months for complex requests).

International Transfers. Your data is stored on servers in the United States. Transfers of personal data from the EEA/UK to the US are made pursuant to Standard Contractual Clauses or other appropriate safeguards as required by applicable law.

Supervisory Authority. You have the right to lodge a complaint with your local data protection supervisory authority.

10Children's Privacy

The Service is not directed to individuals under the age of 13 (or 16 in the EEA). We do not knowingly collect personal information from children. If we become aware that a child has provided personal information, we will take immediate steps to delete such information. If you believe a child has provided us with personal information, please contact us at privacy@snapfine.tech.

11Third-Party Links & Services

The Service contains links to third-party websites, including YouTube, creator websites, and advertiser landing pages. This Privacy Policy does not apply to those third-party sites. We encourage you to review the privacy policies of any third-party services you access through the Service. Snapfine Tech LLC is not responsible for the privacy practices of third parties.

12Changes to This Privacy Policy

We may update this Privacy Policy from time to time. We will notify you of material changes by updating the "Last Updated" date at the top of this Policy and, where appropriate, by sending you an email notification. Your continued use of the Service after any update constitutes acceptance of the revised Privacy Policy. We encourage you to review this Policy periodically.

13Contact Us

Snapfine Tech LLC

Incorporated in Delaware, USA

Privacy enquiries: privacy@snapfine.tech

Legal enquiries: legal@snapfine.tech

General: hello@snapfine.tech

© 2026 Snapfine Tech LLC. All rights reserved. Incorporated in Delaware, USA.

Terms of Service →