Skip to content
Pre-launch draft. This is a summary of our intended privacy practices. The full, lawyer-reviewed policy will be published at launch and will supersede this page.

Privacy Policy

Effective date: to be set at launch

What we collect and why

Account

Email address and authentication ID, used for sign-in (magic link / 6-digit code). No password is stored.

Household & members

Names, whether a member is a child, and their allergens, dietary preferences, and school lunch rules — the core data that makes plans safe and personalised.

The loop

Inventory, recipes, meal plans, shopping lists, and lunchboxes you create inside the app.

Receipts

Receipt photos and the line items and prices read from them. Prices are anonymised before being added to the community price index (Presyo). We do not retain personally identifiable receipt data.

Subscription status

Your Listahan Pro subscription status, managed through RevenueCat with Apple or Google. We never receive your payment card details.

Diagnostics

Privacy-preserving analytics (PostHog) and crash data (Sentry). We collect no food content and no PII in diagnostics. You can opt out at any time in Settings → Privacy → Share diagnostics.

What we don't collect

We do not collect your location or GPS coordinates. We do not receive payment card details (Apple and Google handle those through their secure systems). We use no advertising identifiers or tracking pixels. We do not sell your data to any third party, ever.

Sensitive data — allergens

Allergen and dietary information is health-adjacent data. We treat it as a special category: processed only with your explicit consent, used only to keep your family's meals safe, and always presented with the in-app reminder that allergen checks are automated guidance — not medical advice. Read product labels yourself; the app is a tool to help, not a guarantee.

Who we share it with

We share your data only with vetted processors, each limited to what they need for their specific job:

  • Supabase Hosting, database, authentication, and file storage.
  • Google Gemini, Anthropic Claude, OpenAI AI processing of meal suggestions, recipe parsing, receipt scanning, and voice content. Only the content you submit is sent; no persistent user profile is shared with these providers.
  • RevenueCat + Apple / Google Subscription management and payments.
  • PostHog Privacy-preserving analytics (opt-out available in Settings).
  • Sentry Crash reporting and error diagnostics.

Children's data

Listahan is designed for adults — the household account holder. A parent or guardian may enter information about their children (such as a first name and allergens) to make meals safe. That data is entered by the adult, not collected directly from children. You can edit or delete any child profile at any time in Settings → Family, or by deleting the household entirely.

Your rights

Depending on where you live, you may have rights to access, correct, export, or delete your personal data, and to withdraw consent for analytics. Here's how to exercise them:

  • Export / delete Settings → Account → Delete Account (permanent removal of all your data)
  • Opt out of analytics Settings → Privacy → Share diagnostics
  • Any other request Email support@listahan.co

Data retention

We retain your data for as long as your account is active. When you delete your account, personal data is removed from our primary systems within 30 days. Anonymised price index data (derived from receipts) may remain as part of the community dataset, as it is not linked to your identity.

Questions about your privacy or this policy? support@listahan.co