Effective Date: 21 May 2026 |
Last Updated: 21 May 2026
Important: FoodHandi is a food discovery and meal tracking application. It is NOT a medical device, nutritionist service, dietitian, or doctor. FoodHandi does not provide medical, nutritional, or dietary advice for any health condition. Nutritional information displayed is sourced from public databases and is approximate. If you have a medical condition, pregnancy, allergy, medication concern, or health question, consult a qualified medical professional. FoodHandi is for general wellness information only.
1. Who We Are
FoodHandi ("we", "us", "our") is a mobile application based in Australia.
When we refer to "FoodHandi", "the Services", or "the App", we mean the FoodHandi mobile application available on Apple App Store and Google Play.
2. Our Commitment
We take your privacy seriously. We collect only the data we need to provide the Services. We do not sell your data to any third party. We store your data securely using industry-standard practices. You have the right to access, export, and delete your data at any time.
This Privacy Policy explains what information we collect, how we use it, and the rights you have regarding your data.
3. Information We Collect
3.1 Information you provide directly
Email address: used for account creation, authentication, and service communications
First name and last name: displayed in your profile and used for personalization
Dietary preferences: e.g. vegetarian, vegan, non-vegetarian, food allergies, chosen cuisines
Meal logs: food items, portions, meal times, and dates you log in the app
Recipe content: recipes you create or upload to the app, including ingredients, steps, titles, and descriptions
Photos: images of food you upload for meal logging, recipe upload, or visual reference
3.2 Information collected automatically
Device information: device type, model, operating system version, app version, language, time zone
Usage data: screens viewed, features used, app interaction events (for improving the app)
Crash reports: diagnostic information when the app encounters errors (no personal content)
Approximate location: country-level detection based on IP address (used for showing regional content)
We do NOT collect precise GPS location.
3.3 Subscription data
If you purchase a subscription through Apple App Store or Google Play:
Subscription status (active, expired, cancelled)
Subscription plan (monthly, annual, Family add-on)
Purchase date
Payment card and billing details are processed by Apple App Store or Google Play. We do not see, store, or have access to your payment card details.
3.4 Content moderation and safety
When you use the AI Chef feature (chat), we may temporarily process your message content to:
Generate responses through third-party AI services (see Section 5)
Detect harmful or prohibited content (per the Terms of Service)
Chat messages are stored in our database to maintain conversation context and for service improvement.
4. How We Use Your Information
We use your information for the following purposes:
Provide the Services: create your account, personalize your experience, deliver the features you use
Improve the app: understand how users interact with features, identify bugs, plan updates
Communicate with you: send account verification, password reset, subscription receipts, service updates, and respond to support requests
Ensure security: detect fraud, prevent abuse, comply with legal obligations
Comply with laws: respond to legal requests from competent authorities when required
We do NOT:
Sell your personal data to any third party
Share your personal data with advertisers for marketing purposes
Use your data for automated decision-making with significant impact
Use your data to train AI models (your personal recipes are not used for AI training unless you explicitly opt in)
5. Categories of Third Parties
We work with a small number of vetted, industry-standard service providers to operate FoodHandi. Each receives only the minimum data needed for their specific function, processes it on our behalf under written contracts, and is bound by confidentiality and security obligations consistent with this Policy and applicable data-protection laws.
Category
Purpose
Data shared
Cloud database & authentication
Storing your account, meal logs, and recipes in an encrypted cloud database
Account data, meal logs, recipes, app events
AI language model providers
Generating AI Chef responses, recipe creation, and food-related queries
Your text queries and recent chat context
Subscription management
Managing subscription status, renewals, and cancellations
Email, subscription plan, purchase history
Apple App Store
App distribution and subscription payments on iOS
Managed under Apple's Privacy Policy
Google Play
App distribution and subscription payments on Android
Managed under Google's Privacy Policy
Crash & diagnostic reporting
Diagnostic information when the app crashes, so we can fix bugs
Device model, OS version, stack trace (no personal content)
We will name a specific sub-processor in writing on request to [email protected]. We do not transfer your personal data to any third party that is not a sub-processor described above.
6. Data Retention
We retain your personal data only as long as needed to provide the Services:
Account data (email, name, preferences): retained while your account is active
Meal logs: retained while your account is active; exported/deleted on request
Recipes: retained while your account is active; deleted on account deletion
Photos: retained while your account is active; deleted on account deletion
Chat history: retained for up to 2 years for service improvement
Subscription records: retained as long as legally required for tax and accounting (typically 7 years in Australia)
Anonymized and aggregated usage data (no personal identifiers) may be retained longer for analytics and service improvement.
7. Your Rights
7.1 Under Australian Privacy Act, Indian DPDP Act, GDPR, and CCPA
You have the following rights regarding your personal data:
Right of access: request a copy of all personal data we hold about you
Right of rectification: update or correct your personal data
Right of erasure (right to be forgotten): delete your account and all associated personal data
Right of data portability: receive your data in machine-readable format
Right to object: object to certain processing of your data
Right to withdraw consent: withdraw consent for data processing at any time
7.2 How to exercise your rights
Delete your account: Profile → Settings → Data & Privacy → Delete Account. Account and personal data are permanently removed from our active systems within 30 days.
Export your data: Profile → Settings → Data & Privacy → Export My Data. Your data is provided in machine-readable format (JSON) within 14 days.
Access / correct data: Profile → Edit Profile for basic corrections. For specific requests, email [email protected].
Other requests: Email [email protected] with your request. We will respond within 14 days.
7.3 If you are in the European Union (GDPR)
In addition to the above rights:
You have the right to lodge a complaint with a supervisory authority
The legal basis for our processing is: (a) performance of a contract (to provide you the Services you have signed up for), (b) legitimate interest (to improve and secure the Services), and (c) your consent (where applicable)
If you do not provide required data, we may not be able to provide the Services
7.4 If you are in California, USA (CCPA + CPRA)
You have additional rights:
Right to know what personal information is collected, used, shared, or sold
Right to opt out of sale of personal information (note: we do not sell your personal information)
Right to non-discrimination for exercising your rights
Right to correct inaccurate personal information
To submit a CCPA request, email [email protected] with subject line "CCPA Request".
7.5 If you are in India (DPDP Act 2023)
You have the rights of access, correction, erasure, and grievance redressal. Our grievance officer contact:
We implement industry-standard security practices to protect your personal data, including:
Encryption of data in transit (HTTPS/TLS)
Encryption of data at rest using industry-standard encryption
Access controls to limit who can access user data
Regular security reviews
However, no method of electronic storage or transmission is 100% secure. In the event of a data breach that affects your personal data, we will notify you and the relevant authorities as required by law.
9. Data Transfers
FoodHandi is operated from Australia. Some of our third-party service providers are based in the United States, European Union, or other countries. When your data is transferred outside your country of residence:
For European users: we rely on Standard Contractual Clauses or equivalent safeguards
For Indian users: transfers are made under the Digital Personal Data Protection Act 2023
For Australian users: transfers comply with the Privacy Act 1988
10. Nutritional Data Sources
FoodHandi displays nutritional information calculated from public databases:
Indian Food Composition Tables (IFCT 2017): published by the Indian Council of Medical Research - National Institute of Nutrition (ICMR-NIN)
USDA FoodData Central: Standard Reference Legacy, Survey FNDDS, Foundation
AUSNUT 2023: published by Food Standards Australia New Zealand
CoFID 2021: published by Public Health England / UK Food Standards Agency
Open Food Facts: open community database (for packaged food barcode scanning)
Where a dish is not directly represented, FoodHandi uses AI estimation, clearly labeled "Chef's estimate" in the interface. Values are approximate and should not be relied upon for medical, clinical, or diagnostic purposes.
11. Children's Privacy
FoodHandi is intended for users 13 years of age or older, in line with the standard age floor for consumer food and nutrition apps. Users aged 13 to 17 should use the Services with the consent and supervision of a parent or legal guardian.
We do not knowingly collect personal information from children under 13. If you believe a child under 13 has provided us with personal information, please contact us immediately at [email protected] and we will delete such information.
The age rating displayed on the Apple App Store and Google Play reflects the type of content the app may show, including AI-generated text and user-recorded information. It is not the minimum age to create an account. Account creation remains restricted as set out in our Terms of Service.
12. Changes to This Privacy Policy
We may update this Privacy Policy from time to time to reflect changes in our practices or legal requirements. The current version is always accessible from the App via Profile → Legal section, and at the URL where you are reading this document. We will notify registered users of material changes via email or in-app notification at least 30 days before the changes take effect.
Continued use of the Services after the effective date of updates constitutes acceptance of the revised Privacy Policy.
13. Legal Compliance
This Privacy Policy is designed to comply with:
Australia: Privacy Act 1988 (Cth) and Australian Privacy Principles
India: Information Technology Act 2000, Information Technology (Reasonable Security Practices and Procedures and Sensitive Personal Data or Information) Rules 2011, and Digital Personal Data Protection Act 2023
European Union: General Data Protection Regulation (GDPR)
United States: California Consumer Privacy Act (CCPA) and California Privacy Rights Act (CPRA)
Other jurisdictions: applicable local privacy laws
14. Contact Us
For questions about this Privacy Policy or our data practices: