Privacy Policy of Smart Pantry

Latest update: March 25, 2026

Short version: Smart Pantry helps you track pantry items and reduce food waste. We store your account info, pantry items, and product data on our servers. We use Firebase for authentication, analytics, and crash reporting. We use Google Gemini AI to detect expiry dates from label photos you choose to send. We do not show ads and we do not sell your data.

Owner and Data Controller

Ivan Morgillo

Official app name: Smart Pantry
Contact: [email protected]

Overview

Smart Pantry is a mobile application that helps you track pantry items, scan product barcodes, and receive expiry date reminders. Your account information, pantry items, and product data are stored on our backend servers to sync your data across sessions. We use third-party services for authentication, analytics, error monitoring, product data lookup, and AI-powered expiry date detection.

Types of Data Collected

Data stored on our servers

Account information: Basic profile information (email address, display name, and user ID) provided by your chosen sign-in method (Google or Apple).
Pantry data: Your pantry items, including product names, brands, categories, expiry dates, item status (stored, consumed, expired, discarded), and timestamps.
Product data: Product information retrieved from barcode scans (name, brand, category, image URL), cached on our servers to reduce repeated lookups.

Data you choose to send

Product label photos: If you use the AI expiry date detection feature, the photo you take is sent to our server and forwarded to Google Gemini AI for analysis. We do not store these photos after processing.

Data collected automatically by third-party services

Device information: e.g., device model, OS version.
Usage data: e.g., app opens, screen views, and crash reports.
Authentication tokens: Stored securely to maintain your session.

Purposes of Processing

Service provision: To store your pantry items, sync data across sessions, and send expiry reminders.
Authentication: To securely log you in using Firebase Authentication (Google Sign-In, Apple Sign-In).
AI features: To detect expiry dates from product label photos using Google Gemini AI, at your request.
Product lookup: To retrieve product information from barcodes via the OpenFoodFacts database.
Analytics: To understand app usage and improve the user experience (via Firebase Analytics).
Stability: To monitor app crashes and errors (via Firebase Crashlytics) to fix bugs.
Feature management: To manage feature availability via Firebase Remote Config.

Third-Party Services We Use

Authentication — Firebase Authentication (Google LLC)

Facilitates sign-in via Google and Apple. Personal Data processed: email address; display name; unique user identifier.

Backend and Data Storage — Custom API Server

Your pantry data is stored on our self-hosted server infrastructure (SQLite database). Data is transmitted over HTTPS.

Product Data — OpenFoodFacts

When you scan a barcode, we look up product information in the OpenFoodFacts open database. We send only the barcode number. OpenFoodFacts is a non-profit open data project.

AI Expiry Detection — Google Gemini API (Google LLC)

When you use the AI expiry date detection feature, your photo and product context (name, category) are sent to Google’s Gemini API. Google may process this data according to their API terms.

Analytics — Firebase Analytics (Google LLC)

Provides aggregated app usage measurement (e.g., app opens, session duration). Personal Data processed: usage data; device information.

Error Tracking — Firebase Crashlytics (Google LLC)

Identifies and reports app crashes in real time. Personal Data processed: device information; OS version; stack traces.

Feature Flags — Firebase Remote Config (Google LLC)

Used to manage feature availability (e.g., AI expiry detection rollout). May process: device information; app instance identifiers.

Data Retention

Account and pantry data: Retained as long as your account is active. You may delete your account and all associated data at any time from the app’s Settings screen.
Product label photos: Not stored. Photos are processed in memory and discarded after the AI expiry detection response is received.
Third-party data: Retained according to the retention policies of the respective third-party services (Google, OpenFoodFacts).

Your Choices and Controls

Account deletion: You can delete your account and all server-stored data directly from the Settings screen in the app.
AI features: The AI expiry date detection feature is opt-in. You choose when to take and send a photo. You can always enter expiry dates manually instead.
Notifications: Expiry reminders are scheduled locally on your device. You can disable them through your device’s notification settings or the app’s Settings screen.
Sign out: You can sign out at any time from the Settings screen.

International Transfers

Your data is processed on servers located in Germany (EU). Third-party services (Firebase, Google Gemini) may process data in multiple countries, including the United States. For details, see the respective service privacy policies linked above.

"Do Not Sell or Share" (US State Privacy Disclosures)

We do not sell or share your personal information with third parties for advertising or marketing purposes. Smart Pantry does not display ads.

Children’s Privacy

Smart Pantry is not directed to children under 13. We do not knowingly collect personal data from children under 13. If you believe a child has provided personal data, please contact us so we can take appropriate action.

Security

We take reasonable measures to protect your data, including HTTPS encryption for all data in transit and restricted server access. No method of storage or transmission is 100% secure; you should keep your device secure (screen lock, OS updates).

Changes to This Policy

We may update this policy to reflect operational, legal, or platform changes. We will post the updated policy on this page and update the "Latest update" date at the top.

Contact Us

For questions about this Privacy Policy or your data, contact:

Ivan Morgillo — [email protected]