Privacy Policy

1. Introduction

At Foodcamera, we take your privacy seriously. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our food photography service. Our service transforms food images using artificial intelligence and provides optimized outputs for commercial use.

2. Information We Collect

We collect:

• Account information from Google/Apple authentication
• Food images uploaded or captured through camera
• If you delete your account after having claimed a promotional offer, a salted hash of your email address is temporarily stored to manage a cooldown period for such offers.

3. How We Use Your Information

• Process food images using AI models (details on partners in Section 4)
• Provide image storage in EU-based cloud storage
• Secure authentication through Google/Apple SSO
• Showcase app functionality using generated content (as permitted by our Terms of Service)
• Manage cooldown periods for promotional offers: If you delete your account after redeeming a promotional offer, we use a salted hash of your email address for a limited time to prevent immediate re-signup for the same offer. This helps us prevent abuse of our promotional system.

4. Information Sharing

We share data with:

• Your image data with US-based AI processing partners (Replicate.com) andOpenAI. These transfers are necessary to provide the core AI features of our service.
• Your input form data with Google Gemini models, potentially involving data processing outside the EU.
• EU-based cloud storage providers (Cloudflare R2)
• Error tracking and performance monitoring data with Sentry. Sentry is configured not to capture any Personally Identifiable Information (PII) from your users.

5. Cookies and Tracking Technologies

Our website does not use cookies for tracking user behavior or for analytics purposes. We prioritize your privacy and have designed our service to function without the need for browser cookies or similar tracking technologies for these purposes.

We do utilize tools such as Sentry for application performance monitoring and error tracking. These tools help us improve the stability and performance of our service. Sentry is configured not to collect Personally Identifiable Information (PII) and does not use cookies to track individual user activity for analytics. You can find more information about Sentry in Section 4.

If we implement any analytics tools or other tracking mechanisms that use cookies in the future, this privacy policy will be updated accordingly, and you will be notified of the changes.

6. Data Retention Policy

We retain your account information and uploaded images until you explicitly request their deletion. There is no automatic expiration date for your data in our systems.

If you wish to have your data deleted, you can:

• Delete your account and all associated data directly within the application using the self-service feature (Settings > Delete Account).
• Request deletion of specific images through the application.
• Alternatively, contact us at foodiefilmapp@gmail.com to request complete account data deletion.
• Revoke OAuth permissions through Google/Apple settings, which will prevent further access but won't automatically delete existing data.

Upon receiving a deletion request, we will process it within 30 days and send confirmation once completed.

Please note: In cases where an account is deleted after a promotional offer (e.g., free credits) has been claimed, we retain a salted, non-reversible hash of the associated email address for a specific cooldown period (e.g., 90 days). This is solely for the legitimate interest of preventing abuse of our promotional offers. The original email address and all other personal data are deleted as per your request. This hashed identifier cannot be used to re-identify you or contact you, and is automatically purged after the cooldown period expires.

7. Data Security

We implement administrative, technical, and physical security measures compliant with GDPR/CCPA to help protect your personal information. Key measures include:

• Primary data storage within the European Union
• OAuth2 token validation for secure authentication
• Secure data transfer protocols
• Regular security assessments

While we have taken reasonable steps to secure the personal information you provide to us, please be aware that despite our efforts, no security measures are perfect or impenetrable, and no method of data transmission can be guaranteed against any interception or other type of misuse.

8. International Transfers

Your primary account information and processed images are stored within the European Union. However, to provide our AI-powered image transformation features, we need to transfer your uploaded images to our processing partners, OpenAI and Replicate, which are located in the United States. We may also utilize Google Gemini models, which could involve data processing in various locations depending on Google's infrastructure.

We ensure these transfers comply with GDPR requirements by relying on appropriate safeguards, such as Standard Contractual Clauses (SCCs) or the EU-U.S. Data Privacy Framework, as implemented by our partners. You can find more information in their respective privacy policies linked in Section 4.

9. Your Rights

• Request access to the personal data we hold about you
• Request deletion of uploaded images or your entire account
• Export your processed images
• Revoke OAuth permissions

10. Children's Privacy

Our service requires users to be at least 16 years of age. By using our service, you represent that you are at least 16 years old.

We do not knowingly collect personal information from individuals under 16 years of age. If we discover that we have inadvertently collected personal information from someone under 16, we will promptly delete this information.

If you believe we might have collected information from a user under 16, please contact us at foodiefilmapp@gmail.com.

11. Policy Changes

Updates will be notified via email 30 days prior to changes.

12. GDPR Compliance

As an EU-based service, we adhere to GDPR requirements:

• Right to data portability (export in JPEG/PNG formats)
• Legal bases for processing:
  • Contractual necessity: Processing your images (including necessary international transfers for AI features) and account data to provide our core service
  • Consent: For authentication through Google/Apple services, which you can withdraw at any time
  • Legitimate interests: For security, fraud prevention, service improvement (including error tracking and performance monitoring), where not overridden by your rights
• Data Protection Officer: foodiefilmapp@gmail.com

13. Governing Law

This Privacy Policy is governed by German law.