Freya LogoFreya

Privacy Policy

Last updated: April 5, 2026

1. Introduction

Freya ("we," "our," or "us") respects your privacy and is committed to protecting your personal data. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our mobile application ("App").

2. Information We Collect

2.1 Information You Provide

  • Account Information: Email address, name (optional), and account preferences
  • Profile Data: Dietary preferences, allergies, household size, and nutritional goals
  • User Content: Custom recipes, meal plans, and grocery lists you create
  • Communications: Messages you send to our support team

2.2 Information Collected Automatically

  • Device Information: Device type, operating system, unique device identifiers
  • Usage Data: Features used, interactions, and time spent in the App
  • Log Data: Error reports and performance data
  • Purchase Information: Subscription status and transaction IDs (not payment details)

2.3 Information from Third Parties

When you import recipes from social media platforms, we receive the recipe content you choose to import. We do not access your social media accounts or personal information from those platforms.

3. How We Use Your Information

We use your information to:

  • Provide and improve our meal planning services
  • Generate personalized meal plans based on your preferences
  • Create grocery lists from your meal plans
  • Calculate nutritional information and track macros
  • Process subscriptions and manage your account
  • Send important updates about the App
  • Respond to your support requests
  • Analyze usage patterns to improve the App
  • Detect and prevent fraud or abuse

4. Data Storage and Security

Your data is stored securely using industry-standard encryption. We use Firebase/Google Cloud Platform for data storage, which provides robust security measures including:

  • Encryption in transit and at rest
  • Regular security audits
  • Access controls and authentication
  • Automatic backups

5. Data Sharing

We do not sell your personal information. We may share your data with the following categories of service providers (data processors):

5.1 Service Providers

  • Google Firebase (Google LLC): Authentication, cloud database, file storage, push notifications, and crash reporting (Crashlytics). Data processed: email, user ID, device identifiers, crash logs.
  • Firebase Analytics (Google LLC): Usage analytics to improve the App. Data processed: anonymous user ID, device type, screen views, feature interactions. No email or name is sent to Analytics.
  • PostHog (PostHog Inc.): Product analytics to understand feature usage. Data processed: anonymous user ID, event data (taps, screens, subscription events), device platform. No email or name is sent to PostHog.
  • Sentry (Functional Software, Inc.): Error tracking and performance monitoring to diagnose bugs. Data processed: user ID, email (for support correlation), error stack traces, device info. Email is only accessed by our engineering team for debugging user-reported issues.
  • OpenAI / OpenRouter / Google Gemini: AI-powered recipe generation and photo ingredient recognition. Data processed: recipe prompts, meal preferences, submitted photos. Your email, name, and account details are never sent.
  • Apple App Store / Google Play: Subscription processing and receipt validation. We never receive your payment card details.

Each processor is bound by a Data Processing Agreement and processes data only per our instructions.

5.2 Legal Requirements

We may disclose information if required by law, legal process, or to protect the rights, property, or safety of Freya, our users, or others.

6. Your Rights and Choices

You have the right to:

  • Access: Request a copy of your personal data
  • Correction: Update or correct inaccurate data
  • Deletion: Request deletion of your account and data
  • Export: Download your data in a portable format
  • Opt-out: Disable optional data collection in App settings

To exercise these rights, contact us at [email protected]

7. Data Retention

We retain your data for as long as your account is active or as needed to provide services. Upon account deletion:

  • Personal data is deleted within 30 days
  • Anonymized analytics data may be retained
  • Some data may be kept for legal compliance purposes

8. Children's Privacy

The App is not intended for children under 13 years of age. We do not knowingly collect personal information from children under 13. If you believe we have collected such information, please contact us immediately.

9. International Data Transfers

Your data may be transferred to and processed in the United States and other countries where our service providers operate. For transfers from the European Economic Area (EEA), United Kingdom, or Switzerland to the United States, we rely on:

  • Standard Contractual Clauses (SCCs) approved by the European Commission
  • The EU-U.S. Data Privacy Framework (DPF) where applicable (e.g., Google is DPF-certified)
  • Supplementary technical measures (encryption in transit and at rest)

You can request a copy of the safeguards by contacting [email protected].

10. Third-Party Links

The App may contain links to third-party websites or services. We are not responsible for the privacy practices of these third parties. We encourage you to review their privacy policies.

11. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of significant changes through the App or via email. The "Last updated" date at the top indicates when the policy was last revised.

12. California Privacy Rights (CCPA)

If you are a California resident, you have additional rights under the California Consumer Privacy Act, including:

  • Right to know what personal information is collected
  • Right to know if personal information is sold or disclosed
  • Right to say no to the sale of personal information
  • Right to equal service and price

We do not sell personal information. To exercise your rights, contact us using the information below.

13. European Privacy Rights (GDPR)

If you are in the European Economic Area, you have rights under the General Data Protection Regulation, including the rights listed in Section 6 above, plus:

  • Right to restrict processing
  • Right to object to processing
  • Right to lodge a complaint with a supervisory authority

14. Contact Us

If you have questions about this Privacy Policy or our privacy practices, please contact us at:

Email: [email protected]

General Support: [email protected]

← Back to Home