Privacy Policy
1 Who We Are
MealSwipe: Recipe Finder ("MealSwipe", "we", "us", "our") is a mobile application published on the Apple App Store by Alpdigital (alpdigital.io). The app helps users discover recipes through a swipe-based interface.
This Privacy Policy explains what information we collect, how we use it, and your rights regarding that information when you use the MealSwipe iOS application (the "App").
2 Data Collected On Your Device
The following data is generated and stored exclusively on your device using Apple's standard UserDefaults and file system APIs. It is never transmitted to our servers (we operate no backend servers).
| Data Type | Purpose | Where Stored | Shared? |
|---|---|---|---|
| Dietary preferences, allergen filters, cuisine choices | Personalise recipe results | On-device only | No |
| Swipe history (liked / disliked recipe IDs) | Improve recommendations | On-device only | No |
| Saved recipes & cooking history | Favourites & Flavor DNA feature | On-device only | No |
| Premium status flag | Unlock premium features | On-device only | No |
| Anonymous device ID (UUID) | Crashlytics user identification (non-personal) | On-device + Firebase Crashlytics | Firebase (Google) only |
3 Data Collected via Firebase (Analytics & Crashlytics)
MealSwipe integrates Firebase Analytics and Firebase Crashlytics, services provided by Google LLC. These services automatically collect certain technical data to help us understand how the App is used and to fix crashes.
| Firebase Service | What It Collects | Purpose |
|---|---|---|
| Firebase Analytics | Anonymous app usage events (screen views, swipe actions, feature taps), device type, OS version, app version, approximate country/region (not precise location) | Understand which features are used, improve the app |
| Firebase Crashlytics | Crash reports, stack traces, device model, OS version, anonymous device ID (UUID we generate — not your Apple ID or IDFA) | Detect and fix app crashes |
Firebase data is processed by Google LLC under Google's Privacy Policy: policies.google.com/privacy
Google acts as a data processor on our behalf under a Data Processing Agreement. Firebase data may be stored on Google's servers located in the United States and other countries.
Opt-out: You can reset or limit advertising identifiers on your iPhone via Settings → Privacy & Security → Tracking. This limits Firebase Analytics' ability to aggregate data across sessions.
4 Data We Do NOT Collect
We explicitly do not collect, access, or process:
- Your name, email address, phone number, or any contact information
- Precise GPS location or location history
- Camera, microphone, or photo library access
- Device contacts or calendar data
- Health or fitness data (HealthKit)
- Advertising identifiers (IDFA) — we do not use ad networks
- Behavioural tracking across other apps or websites
- Payment card or financial information (handled exclusively by Apple)
- Your actual dietary health conditions, medical diagnoses, or allergen test results
5 In-App Purchases & Apple
MealSwipe offers optional premium features through In-App Purchases processed exclusively through Apple's App Store and StoreKit framework.
- We never see, store, or process your payment details — Apple handles all transactions.
- Apple's Privacy Policy governs purchase data: apple.com/legal/privacy
- Your premium status is stored only on your device after Apple confirms the purchase.
- Restore Purchases uses Apple's receipt validation — no personal data is sent to us.
6 Third-Party Services
MealSwipe uses only the following third-party services:
| Service | Provider | Purpose | Privacy Policy |
|---|---|---|---|
| Firebase Analytics | Google LLC | Anonymous usage analytics | policies.google.com/privacy |
| Firebase Crashlytics | Google LLC | Crash reporting | policies.google.com/privacy |
| App Store / StoreKit | Apple Inc. | App distribution, IAP | apple.com/legal/privacy |
7 Children's Privacy (COPPA)
MealSwipe is rated 4+ on the App Store and is suitable for all ages. We do not knowingly collect personal information from children under 13 (or the minimum age required in your jurisdiction).
Firebase Analytics is configured to not collect data from users who have enabled "Limit Ad Tracking" on their devices. Parents may disable analytics data collection by enabling this setting on their child's device.
If you believe a child has provided personal information through the App, please contact us at [email protected] and we will take immediate steps to delete such information.
8 Your Rights (GDPR / CCPA / KVKK)
European Economic Area & UK (GDPR): Our legal basis for processing Firebase Analytics data is legitimate interest (improving app quality and stability). You have the right to object to this processing. On-device data is under your full control. To exercise any GDPR right, contact us at [email protected]. We will respond within 30 days.
California (CCPA / CPRA): MealSwipe does not sell personal information. We do not share personal information with third parties for cross-context behavioural advertising. California residents have the right to know, delete, and opt-out — contact us at [email protected].
Turkey (KVKK — 6698 Sayılı Kanun): Bu Gizlilik Politikası, 6698 sayılı Kişisel Verilerin Korunması Kanunu (KVKK) kapsamındaki yükümlülüklerimizi de kapsamaktadır. Uygulama, kişisel veri olarak nitelendirilebilecek bilgileri (Firebase aracılığıyla anonim kullanım verisi) yalnızca uygulama kalitesinin iyileştirilmesi amacıyla işlemekte olup bu veriler üçüncü kişilerle paylaşılmamaktadır. KVKK kapsamındaki haklarınız için [email protected] adresine yazabilirsiniz.
All users: You can delete all on-device data at any time by using Profile → Clear All Data in the app, or by uninstalling MealSwipe.
9 Data Retention & Deletion
On-device data is retained until you uninstall the app, use "Clear All Data", or reset your device.
Firebase Analytics data is retained for 14 months by default, after which it is automatically deleted by Google. Aggregated reports may be retained longer but cannot be linked to individual users.
Firebase Crashlytics data is retained for 90 days.
To request deletion of Firebase data associated with your anonymous device ID, contact us at [email protected] with your device ID (visible in app debug logs). We will submit a deletion request to Firebase on your behalf.
10 Security
We implement appropriate technical and organisational measures to protect data:
- On-device data is protected by iOS device encryption (enabled by default with a passcode).
- Firebase data is transmitted over HTTPS (TLS encryption).
- Firebase data is stored in Google's SOC 2 and ISO 27001 certified infrastructure.
- We do not operate any MealSwipe servers, eliminating server-side breach risks for personal data.
We recommend keeping your iOS software up to date to benefit from Apple's latest security improvements.
11 Changes to This Policy
We may update this Privacy Policy from time to time. When we do, we will update the "Last updated" date at the top of this page and, for material changes, notify users via an in-app notice.
Continued use of MealSwipe after any changes constitutes acceptance of the updated Privacy Policy. We encourage you to review this page periodically.
12 Contact Us
For any privacy-related questions, data requests, or to exercise your rights:
- Email: [email protected]
- Website: alpdigital.io
- Response time: Within 30 days