Privacy Policy
This Privacy Policy describes how Flavr ("Flavr," "we," "us," or "our") collects, uses, discloses, and otherwise processes personal information in connection with our website, mobile applications, and related services (collectively, the "Services"). By accessing or using the Services, you acknowledge this Privacy Policy. Your use of the Services is also subject to our Terms of Use.
Quick summary: We collect information you provide, limited device and usage data, and service diagnostics to run and improve Flavr. We may share data with service providers that help operate the app. We do not sell personal information.
1. Information We Collect
Depending on your interactions with the Services, we may collect the following categories of information:
- Account and profile data: Name, email address, username, account credentials (stored in protected form), and optional profile attributes.
- User-submitted content: Recipes, collections, comments, favorites, media, and other content you choose to create, upload, or share.
- Support and correspondence data: Communications with us, support tickets, attachments, and related metadata.
- Device, network, and diagnostics data: IP address, device identifiers, operating system details, app version, crash information, and reliability metrics.
- Usage and event data: Feature usage, interaction timestamps, session-level technical logs, and similar telemetry reasonably necessary for operation and improvement.
- Permission-dependent data: Data accessed through device permissions you grant (for example camera access), limited to the relevant feature scope.
We do not intentionally request special categories of sensitive personal information. If you voluntarily submit such information through content or support channels, you acknowledge that we may process it as reasonably necessary to provide requested services or respond to your communication.
2. How We Use Information
We may process personal information for the following business and commercial purposes:
- To provide, operate, and improve the Services, including account administration and core product functionality.
- To maintain safety, integrity, and security of the Services, including fraud prevention, incident response, and abuse detection.
- To communicate with you regarding support matters, operational notices, and updates to our terms or policies.
- To comply with legal obligations, protect our legal rights, and enforce applicable agreements and policies.
3. Legal Bases for Processing
Where required under applicable law, we rely on one or more of the following legal bases:
- Performance of a contract: Processing necessary to provide requested Services.
- Legitimate interests: Including service administration, product improvement, fraud prevention, and security protection.
- Consent: Where consent is required by law, and subject to withdrawal as permitted by law.
- Legal obligations: Processing necessary to comply with applicable legal and regulatory requirements.
4. Sources of Information
We obtain personal information from: (a) information you provide directly; (b) automated collection generated by use of the Services; and (c) third parties you elect to use in connection with the Services (for example third-party identity providers and app marketplace platforms).
5. Disclosure of Information
We may disclose personal information to the following categories of recipients, as reasonably necessary for the purposes described in this Policy:
- Vendors and service providers: Including infrastructure, hosting, customer support, communications, analytics, and security providers acting on our behalf.
- Platform and payment ecosystem participants: Such as Apple App Store and Google Play, where relevant to subscriptions, purchases, distribution, or billing support.
- Professional advisors and legal recipients: Auditors, counsel, regulators, law enforcement, courts, or other competent authorities where required or appropriate under law.
- Corporate transaction counterparties: In connection with mergers, financings, reorganizations, acquisitions, bankruptcy proceedings, or sale of assets.
For in-app subscriptions and purchases, payment processing is handled by the applicable app marketplace (for example, Apple App Store or Google Play). We do not receive or store full payment card numbers or payment security codes.
We use service providers to support subscription infrastructure, authentication, database and cloud storage operations, backend orchestration, hosting, service reliability, analytics, fraud prevention, and security. In the course of providing these services, such providers may process personal information on our behalf, and they are contractually restricted from using or disclosing personal information except as necessary to provide services to us and as otherwise permitted by applicable law.
We do not sell personal information or share personal information for cross-context behavioral advertising, as those terms are defined under applicable U.S. state privacy laws.
6. Cookies and Similar Technologies
We do not currently use cookies for analytics or advertising on our website.
7. AI Features
Flavr may provide AI-enabled features. Inputs, outputs, and related contextual data may be processed by third-party AI providers strictly for feature operation, quality assurance, abuse prevention, and service improvement consistent with applicable law and contractual controls. You are solely responsible for evaluating whether to include sensitive information in AI prompts.
8. Authentication Methods
You may access Flavr using username/password credentials or a supported third-party identity provider. If you choose third-party authentication, we receive only the account information the provider is authorized to share with us based on your provider settings and permissions (for example, your name, email address, and provider account ID).
We use authentication data solely to create, authenticate, secure, and maintain your Flavr account. We do not receive your third-party provider password. Information received from third-party providers is also subject to each provider's own privacy policy and terms.
9. Data Retention
We retain personal information for as long as reasonably necessary to fulfill the purposes described in this Policy, including service delivery, account administration, legal compliance, dispute resolution, security, fraud prevention, and enforcement of legal rights. Applicable retention periods may differ by data category and legal requirement.
10. Data Security
We implement administrative, technical, and organizational safeguards designed to protect personal information against unauthorized access, disclosure, alteration, and destruction. While we work to protect your information, no transmission or storage system can be guaranteed to be fully secure.
11. Children's Privacy
The Services are not directed to children under 13 years of age (or older age thresholds where required by local law), and we do not knowingly collect personal information from children in those age groups. If we become aware that such information has been collected, we may delete it and take additional account-level actions as appropriate.
12. International Data Transfers
Personal information may be processed in jurisdictions other than the jurisdiction in which you reside. Where required, we implement legally recognized transfer mechanisms and safeguards for cross-border transfers.
13. Your Privacy Rights
Subject to applicable law, you may have rights to request access, correction, deletion, restriction, objection, and data portability, and to withdraw consent where consent is the legal basis for processing. These rights are not absolute and may be limited by legal exceptions.
If you created an account, you can request account deletion from within the app through the account settings. When processed, we delete or de-identify your account and associated personal information, subject to limited retention required for legal compliance, security, fraud prevention, dispute resolution, and enforcement of legal rights.
To submit a request, contact us as described in Section 18. We may require identity verification and additional information before processing requests and may deny or limit requests as permitted by law.
14. State Privacy Rights
Residents of certain U.S. states may be entitled to additional rights, including rights to know, access, correct, delete, and opt out of certain processing activities, subject to statutory limitations and exceptions. Where required, you may also designate an authorized agent to act on your behalf, subject to verification procedures.
Where required by applicable law, if we deny your request, you may appeal by contacting us as described in Section 18 and indicating your message is an appeal. We will review and respond within the timeframe required by law.
15. Do Not Track
Some browsers offer a "Do Not Track" (DNT) setting. Because no industry-standard DNT protocol has been adopted, the Services do not currently respond to DNT signals.
16. Third-Party Links and Services
The Services may include links to third-party websites, applications, or services that we do not operate. Their privacy and security practices are governed by their own policies and terms. We encourage you to review those policies, as this Privacy Policy applies only to Flavr Services.
17. Policy Updates
We reserve the right to modify this Privacy Policy at any time. Changes become effective upon posting unless otherwise required by law. Where legally required, we will provide additional notice for material changes.
18. Contact Us
If you have questions regarding this Privacy Policy or wish to submit a privacy request, contact . Communications to this inbox do not create any contractual obligation beyond obligations imposed by applicable law.