Privacy Policy (iOS)

Chopa Chef — Privacy Policy for iOS

Last updated: March 2, 2026

This Privacy Policy explains how the Chopa Chef iOS application and its related backend services (together, the “Service”) collect, use, disclose, and protect information about you.

Quick summary (high level)

  • We collect account info (like email), settings, and content you choose to upload or create (recipes, meal logs, images).
  • We use data to provide features (sync, meal logging, AI-assisted analysis), keep the Service secure, and support subscriptions.
  • We share data with vendors needed to run the Service (hosting/storage, AI providers, subscriptions via RevenueCat), or when required by law.
  • You control permissions in iOS Settings (camera, photos) and can request access, export, or deletion of your data by contacting us.

1) Who we are

For purposes of privacy laws, the operator of the Service (the “Company,” “we,” “us,” or “our”) is the developer/publisher of the Chopa Chef iOS app. If you need our legal entity name and address, contact us and we will provide it.

2) Scope

This Privacy Policy applies to the iOS app and the backend APIs that power the app. It does not apply to third parties you may access through the Service (for example, Apple, Google, or third-party websites linked from content you import). Third parties have their own privacy policies and terms.

3) What information we collect

3.1 Information you provide directly

  • Account information: email address, login credentials for email/password sign-in (passwords are not stored in plain text), and identifiers from Sign in with Apple or Google Sign-In (such as Apple/Google user IDs).
  • Profile and preferences: display name, language, app language, measurement units, region/country, favorite cuisines, unwanted ingredients, and similar settings.
  • User content: recipes, cookbooks, meal logs, grocery lists, and any other information you enter or save in the app.
  • Images and media: photos you take in the app (for example, meal photos) or select from your device (for example, product photos) when using scanning/import features.
  • Support communications: if you contact us, we may collect the content of your message and contact details you provide.

3.2 Information we collect automatically

When you use the Service, our servers and infrastructure may automatically receive information such as your IP address, approximate location inferred from IP (country/region), request timestamps, device and app information (for example, iOS version, app version), and diagnostic data needed to operate and secure the Service (for example, logs related to authentication, abuse prevention, and error handling).

3.3 Information from third parties

  • Sign in with Apple / Google Sign-In: we receive data needed to authenticate you (for example, tokens and stable identifiers). The exact data depends on the provider and your settings with them.
  • RevenueCat: if you purchase or restore a subscription, RevenueCat and Apple provide subscription status and related identifiers (for example, entitlements, purchase/renewal state). Payment details are handled by Apple and are not directly processed by us.

4) iOS permissions and device access

The iOS app may request permissions at runtime (for example, camera and photos). You can grant or revoke permissions at any time via iOS Settings. If you do not grant certain permissions, some features may not work.

  • Camera: used to take photos for scanning products and meals and for image-based features.
  • Photos: used to let you select existing images for scanning/import features.
  • Local storage: used to store cached app data on your device and store authentication tokens securely using iOS secure storage mechanisms.

5) How we use information

We use information for purposes such as:

  • Providing the Service: creating accounts, authenticating users, syncing your content, and showing your data across sessions/devices.
  • AI-assisted features: analyzing images you choose to upload (for example, meal images for nutrition estimates) and generating or improving recipe content where you request it.
  • Subscriptions: enabling purchases, entitlement checks, restoring purchases, and syncing subscription status with our backend.
  • Security and integrity: detecting, preventing, and investigating fraud, abuse, security incidents, and unauthorized access.
  • Operations: troubleshooting and improving the Service.
  • Legal compliance: complying with applicable laws and enforcing our policies.

6) AI processing, photos, and nutrition information (important)

Some features involve processing images and food-related information. When you upload a meal image for analysis, the image may be stored and referenced by a URL, and the Service may send that image (or its URL) to third-party AI providers to produce results.

Please do not upload sensitive images

Images you upload may be stored using cloud object storage and may be accessible via their URL. While we take reasonable measures to protect data, no system is perfectly secure. Avoid uploading images that include sensitive personal information (for example, IDs, payment cards, medical documents, faces of minors, or other sensitive content).

Nutrition-related outputs are estimates and may be inaccurate. The Service is provided for informational and organizational purposes only and is not medical advice. If you have medical conditions, allergies, or dietary needs, consult a qualified professional.

7) How we share information

We do not sell your personal information. We may share information with service providers needed to run the Service (for example, cloud hosting/storage, AI processing providers, and subscription infrastructure), or when required by law.

8) Data retention

We retain information for as long as necessary to provide the Service and for other legitimate purposes such as complying with legal obligations, resolving disputes, and enforcing agreements.

9) Security

We use reasonable administrative, technical, and organizational safeguards designed to protect information from loss, misuse, unauthorized access, disclosure, alteration, and destruction. However, no security measure can guarantee absolute security.

10) Your choices and controls

  • Permissions: manage camera and photos access in iOS Settings.
  • Subscriptions: manage your subscription through the App Store and, where available, through RevenueCat’s customer center experience.
  • Access, export, and deletion requests: contact us to request access to, export of, correction of, or deletion of your personal information.

11) Children’s privacy

The Service is not directed to children under 13 (or under the age required by local law). We do not knowingly collect personal information from children. If you believe a child has provided us personal information, contact us so we can take appropriate action.

12) Changes to this Privacy Policy

We may update this Privacy Policy from time to time. If we make material changes, we will take reasonable steps to notify you (for example, by updating the “Last updated” date and/or providing in-app notice where appropriate).

13) Contact us

For privacy questions or requests, contact us at privacy@chopa.app. You can also contact support@chopa.app.