Get the App

Legal

Privacy Policy

This policy explains what NeatEat collects, why, who we share it with, and the choices and rights you have. NeatEat is a budgeting meal planner; we aim to collect only what we need to run it.

Last updated: June 19, 2026

Draft — this document is a draft pending legal review before launch. Bracketed values such as [LEGAL_ENTITY_NAME] are placeholders to be completed.

This Privacy Policy describes how [LEGAL_ENTITY_NAME] (“NeatEat,” “we,” “us”) handles personal information when you use the NeatEat mobile app and website (the “Service”). It applies to users in [JURISDICTION] and, where applicable, to users protected by the GDPR and CCPA/CPRA. Effective date: [EFFECTIVE_DATE].

1. Information we collect

Information you provide

  • Account details: your email address and name, and the OAuth identifiers we receive when you choose to sign in with Google or Apple (such as a unique account ID and the email you authorize).
  • Planning data: the meal plans you build, recipes you save, your weekly budget, and preferences (e.g. dietary preferences and allergens you set, household size, and the store you choose).
  • Communications: messages you send us for support or feedback.

Information collected automatically

  • Device & usage data: device type and operating system, app version, language, general interaction events, crash logs, and approximate (non-precise) location inferred from your IP address.
  • Advertising identifiers: because the app is supported by ads, we and our ad partners may process advertising identifiers (such as Apple’s IDFA or Google’s Advertising ID) where you permit it. See “Advertising” and “Your tracking choices” below.

NeatEat is a budgeting meal planner — not a fitness, nutrition, or medical app — so we do not collect health or nutrition metrics about you.

2. How we use your information

  • To create and maintain your account and sync your plans across devices.
  • To generate and suggest meal plans and build your grocery list.
  • To operate, secure, debug, and improve the Service.
  • To show ads and measure their performance (with your permission where required).
  • To respond to your support requests and send service-related notices.
  • To comply with legal obligations and enforce our Terms.

Where the GDPR applies, our legal bases are: performance of a contract (running the Service), our legitimate interests (securing and improving the Service), your consent (for non-essential analytics and tracking), and compliance with legal obligations.

3. Advertising and affiliate links

NeatEat is free to use and supported by advertising and affiliate links. Ads may be served by third-party ad networks that use advertising identifiers and similar technologies to show and measure ads. Some links to grocery or product partners are affiliate links, which means we may earn a commission if you make a purchase. This never changes the price you pay, and affiliate relationships do not let partners read your plans.

4. How we share information

We do not sell your personal information for money. We share data only with service providers and partners who help us run the Service:

  • Supabase — our backend host (authentication, database, storage), which stores your account and planning data on our behalf.
  • Google & Apple Sign-In — identity providers when you choose to sign in with them.
  • Our analytics provider — to understand aggregate usage (loaded only with your consent on the web; configurable in the app).
  • Our ad network — to serve and measure ads, which may involve advertising identifiers.
  • Affiliate partners — when you follow an affiliate link, that partner’s own privacy practices apply on their site.

Under certain privacy laws (e.g. the CCPA/CPRA), sharing data with ad partners for cross-context behavioral advertising may be considered a “sale” or “share.” You can opt out — see “Your tracking choices” and “Your rights” below. We may also disclose information to comply with law or protect rights, safety, and security.

5. Data retention

We keep your personal information for as long as your account is active or as needed to provide the Service. If you delete your account, we delete or de-identify your personal data within a commercially reasonable period (typically within 30 days), except where we must retain certain records to comply with legal, accounting, or security obligations. See our Account & Data Deletion page.

6. Your rights

Depending on where you live, you may have the right to access, correct, export (portability), or delete your personal data, to object to or restrict certain processing, and to withdraw consent. If you are in the EEA/UK (GDPR) or California (CCPA/CPRA), these rights apply to you, including the right not to be discriminated against for exercising them.

  • Access & export: request a copy of your data.
  • Deletion: delete your account in-app or by request — see Account & Data Deletion.
  • Opt out of ad tracking / “sale” or “share”: use your device tracking controls and the choices described below.

To exercise any right, email privacy@neateat.app. We may need to verify your identity first.

7. Children’s privacy

NeatEat is not directed to children. The Service is intended for users aged 13 and older, and we do not knowingly collect personal information from children under 13 (consistent with COPPA). If you believe a child under 13 has provided us personal information, please contact privacy@neateat.app and we will delete it.

8. App Tracking Transparency & tracking choices

On iOS, we ask for your permission through Apple’s App Tracking Transparency (ATT) prompt before tracking you across apps and websites owned by other companies for advertising. If you decline, we will not use the device’s advertising identifier to track you in that way. On Android, you can reset or limit your Advertising ID in system settings. On the web, non-essential analytics load only after you consent via our cookie banner.

9. International data transfers

We may process and store information in countries other than where you live, including the United States. Where required, we rely on appropriate safeguards (such as the EU Standard Contractual Clauses) to protect your information when it is transferred internationally.

10. Cookies and similar technologies

Our website uses essential cookies to function and, with your consent, analytics cookies. For details and your choices, see our Cookie Policy.

11. Security

We use reasonable technical and organizational measures to protect your information, including encryption in transit and access controls. No method of transmission or storage is completely secure, so we cannot guarantee absolute security.

12. Changes to this policy

We may update this policy from time to time. We will revise the “last updated” date above and, for material changes, provide additional notice where required.

13. Contact us

Questions or requests about privacy? Email privacy@neateat.app, or write to [LEGAL_ENTITY_NAME], [JURISDICTION].