Privacy Policy

Last Updated: November 1, 2025 | Effective Date: November 28, 2025 (Thanksgiving Launch)

Disclaimer: This is a general privacy policy template. While we've made efforts to ensure accuracy, this document should be reviewed by a qualified attorney to ensure compliance with GDPR, CCPA, and other applicable privacy laws.

Table of Contents

1. Introduction

Welcome to SuddenPlate ("we," "our," or "us"). We are committed to protecting your personal information and your right to privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our mobile application and web platform (the "Service").

By using the Service, you agree to the collection and use of information in accordance with this Privacy Policy. If you do not agree with our policies and practices, please do not use the Service.

2. Information We Collect

2.1 Information You Provide to Us

We collect information you voluntarily provide when using the Service:

  • Account Information: Email address, password, display name, profile photo
  • Profile Data: Dietary preferences, allergies, nutrition goals, weight management targets
  • Pantry Data: Food items, quantities, expiration dates, purchase locations
  • Meal Logs: Foods consumed, portion sizes, meal times, nutrition data
  • Recipe Content: Recipes you create, save, or share, including ingredients and instructions
  • Photos: Food photos, meal photos uploaded for scanning or logging
  • Shopping Lists: Items you add to shopping lists, purchase history
  • Social Interactions: Likes, shares, comments, recipe ratings, challenge participation
  • Communication Data: Messages you send to support, feedback, survey responses

2.2 Automatically Collected Information

When you use the Service, we automatically collect:

  • Device Information: Device type, operating system, unique device identifiers, mobile network information
  • Usage Data: Features used, pages viewed, time spent, click patterns, search queries
  • Location Data: Approximate location (city/region) based on IP address (we do not track precise GPS location)
  • Log Data: IP address, browser type, access times, referring pages, crash logs
  • Analytics Data: App performance metrics, error reports, feature usage statistics

2.3 Information from Third Parties

We may receive information from:

  • Authentication Providers: If you sign up using social login (Google, Apple, etc.)
  • Analytics Services: Aggregated usage data from analytics providers
  • AI Services: Processed food recognition data from Anthropic AI (Claude) for photo scanning

3. How We Use Your Information

We use your information for the following purposes:

3.1 Provide and Improve the Service

  • Create and manage your account
  • Track your pantry inventory and expiration dates
  • Log meals and calculate nutrition information
  • Generate personalized recipe recommendations
  • Process food photos using AI for automatic meal logging
  • Provide shopping list functionality
  • Enable social features (recipe sharing, leaderboards, challenges)
  • Send notifications about expiring food, meal reminders, and challenges

3.2 Personalization

  • Customize content based on your dietary preferences and restrictions
  • Suggest recipes based on pantry contents and eating habits
  • Track progress toward your nutrition and health goals
  • Provide tailored meal plans and shopping suggestions

3.3 Analytics and Improvement

  • Understand how users interact with the Service
  • Identify and fix bugs, errors, and performance issues
  • Analyze trends to improve features and user experience
  • Develop new features and functionality

3.4 Communication

  • Respond to your inquiries and support requests
  • Send you account-related notifications and updates
  • Send promotional emails about new features (you can opt out)
  • Conduct surveys to gather feedback

3.5 Legal and Security

  • Comply with legal obligations and law enforcement requests
  • Enforce our Terms of Service and Community Guidelines
  • Detect, prevent, and address fraud, abuse, and security issues
  • Protect the rights, property, and safety of SuddenPlate and our users

4. Data Sharing and Disclosure

We do not sell your personal information. We may share your information in the following circumstances:

4.1 Service Providers

We may share data with third-party service providers who perform services on our behalf:

  • Supabase: Database hosting and authentication
  • AWS S3: Cloud storage for photos and files
  • Anthropic (Claude AI): AI-powered food recognition and recipe generation
  • Vercel: Application hosting and deployment
  • Email Providers: Transactional and marketing emails
  • Analytics Providers: Usage analytics and performance monitoring

These service providers are contractually obligated to protect your data and use it only for the purposes we specify.

4.2 Other Users

When you use social features:

  • Recipes you share publicly are visible to all SuddenPlate users
  • Your display name, profile photo, and XP level are visible to other users
  • Leaderboard rankings show your display name and points
  • Challenge participation may show your username and progress

4.3 Legal Requirements

We may disclose your information if required by law or in response to:

  • Subpoenas, court orders, or legal process
  • Law enforcement requests
  • National security or public safety concerns
  • Protection of our rights, property, or safety

4.4 Business Transfers

If SuddenPlate is involved in a merger, acquisition, or sale of assets, your information may be transferred. We will notify you before your information is transferred and becomes subject to a different privacy policy.

5. Cookies and Tracking Technologies

We use cookies and similar tracking technologies to track activity on our Service. Types of cookies we use:

  • Essential Cookies: Required for authentication and core functionality
  • Preference Cookies: Remember your settings and preferences
  • Analytics Cookies: Understand usage patterns and improve the Service
  • Marketing Cookies: Track campaign effectiveness (you can opt out)

You can control cookies through your browser settings. However, disabling certain cookies may limit your ability to use some features of the Service. See our Cookie Policy for more details.

6. Data Security

We implement industry-standard security measures to protect your information:

  • Encryption in transit (HTTPS/TLS) and at rest
  • Secure password hashing using bcrypt
  • Regular security audits and vulnerability assessments
  • Access controls limiting employee access to personal data
  • Automated backups and disaster recovery procedures
  • Row Level Security (RLS) policies in our database

However, no method of transmission or storage is 100% secure. While we strive to protect your information, we cannot guarantee absolute security. You are responsible for keeping your password confidential and notifying us immediately of any unauthorized access.

7. Your Privacy Rights

Depending on your location, you may have the following rights regarding your personal information:

7.1 General Rights

  • Access: Request a copy of your personal data
  • Correction: Update or correct inaccurate information
  • Deletion: Request deletion of your account and data
  • Portability: Export your data in a machine-readable format
  • Opt-Out: Unsubscribe from marketing communications

7.2 GDPR Rights (European Users)

If you are in the European Economic Area (EEA), you have additional rights under GDPR:

  • Right to object to processing
  • Right to restrict processing
  • Right to withdraw consent at any time
  • Right to lodge a complaint with a supervisory authority

7.3 CCPA Rights (California Users)

If you are a California resident, you have rights under the California Consumer Privacy Act (CCPA):

  • Right to know what personal information is collected, used, shared, or sold
  • Right to delete personal information
  • Right to opt-out of the sale of personal information (we do not sell data)
  • Right to non-discrimination for exercising your rights

How to Exercise Your Rights

To exercise your privacy rights:

  • Email us at privacy@suddenplate.com
  • Use the in-app account settings to update or delete your data
  • Click "Unsubscribe" in marketing emails

We will respond to verified requests within 30 days (or as required by applicable law). We may ask for additional information to verify your identity before processing your request.

8. Children's Privacy (COPPA Compliance)

The Service is not intended for children under 13 years of age. We do not knowingly collect personal information from children under 13. If you are under 13, please do not use the Service or provide any information.

If we learn we have collected personal information from a child under 13 without parental consent, we will delete that information immediately. If you believe we may have information from or about a child under 13, please contact us at privacy@suddenplate.com.

Users between 13 and 18 should have parental or guardian permission before using the Service.

9. Third-Party Services

The Service integrates with third-party services that have their own privacy policies:

We are not responsible for the privacy practices of third-party services. We encourage you to review their privacy policies before providing them with your information.

10. International Users

SuddenPlate is based in the United States. If you access the Service from outside the US, your information will be transferred to, stored, and processed in the United States.

The US may have different data protection laws than your country. By using the Service, you consent to the transfer of your information to the US and processing in accordance with this Privacy Policy.

If you are in the EEA, we rely on Standard Contractual Clauses approved by the European Commission for data transfers to the US.

11. Data Retention

We retain your information for as long as necessary to provide the Service and fulfill the purposes described in this Privacy Policy. Specific retention periods:

  • Account Data: Retained until you delete your account
  • Meal Logs and Pantry Data: Retained for the life of your account
  • Usage Data and Analytics: Retained for up to 24 months
  • Legal/Compliance Data: Retained as required by law
  • Marketing Data: Retained until you opt out

When you delete your account, we will delete or anonymize your personal information within 30 days, except where retention is required by law or for legitimate business purposes (e.g., fraud prevention, backup systems).

12. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or legal requirements. We will notify you of material changes by:

  • Posting the updated policy on this page
  • Updating the "Last Updated" date
  • Sending you an email notification
  • Displaying an in-app notification

We encourage you to review this Privacy Policy periodically. Your continued use of the Service after changes are posted constitutes acceptance of the updated Privacy Policy.

13. Contact Us

If you have questions, concerns, or requests regarding this Privacy Policy or our privacy practices, please contact us:

SuddenPlate Privacy Team

Email: privacy@suddenplate.com

Support: support@suddenplate.com

For GDPR requests: gdpr@suddenplate.com

For CCPA requests: ccpa@suddenplate.com