Privacy Policy

1. General Information

This Privacy Policy explains how personal data is processed when using the ReFridge mobile application and the associated website.
We take the protection of personal data seriously and process data exclusively in accordance with the General Data Protection Regulation (GDPR) and applicable European and German data protection laws.

2. Data Controller

Responsible entity pursuant to Art. 4(7) GDPR:

Janik von Dühren
Hamerweg 116
41068 Mönchengladbach
Germany

E-mail: contact.refridge@proton.me

3. Scope of Application

This Privacy Policy applies to:

• the ReFridge mobile application

• the associated website and related online services

4. Data Processing in the App

4.1 Local Data Storage

ReFridge is designed with a privacy-first approach.

All data entered by users is stored exclusively locally on the user’s device.
No personal data is stored on external servers or cloud systems operated by us.

This includes, in particular:

• food inventory entries

• expiration dates

• meal plans

• shopping lists

• app preferences (language, theme, settings)

4.2 Personal Data Processed

a) User-provided data

• App settings and preferences

• Food, shopping, and meal planning data

All such data remains locally on the device.

b) Automatically processed technical data

The app may process limited technical information that is technically necessary for operation, such as:

• device type and operating system

• app version

This data is not stored, analyzed, or linked to individual users by us.

5. App Permissions

Camera Access

The camera is used exclusively for barcode or receipt scanning.
No images or video data are stored or transmitted to external servers.

Push Notifications

Push notifications are used to provide reminders (e.g. expiration alerts).
Notifications are sent only after explicit user consent and can be disabled at any time in the device settings.

6. In-App Purchases and Subscriptions

For subscription and purchase management, ReFridge uses RevenueCat.

RevenueCat processes technically necessary data such as:

• anonymized user identifiers

• purchase and subscription status

This processing is required to provide in-app purchases and subscriptions.
No tracking, advertising, or profiling takes place.

For more information, please refer to RevenueCat’s privacy policy.

7. Third-Party Services

The app integrates the following external APIs for functional purposes only:

• OpenFoodFacts – product and food information

Only technically required requests are made.
No personal user data is transmitted to these services.

8. Website Data Processing

The website associated with ReFridge is hosted in Europe.

• No user accounts

• No tracking

• No analytics

• No advertising cookies

Only technically necessary cookies may be used by the hosting provider to ensure basic website functionality.

9. Legal Basis for Processing

Data processing is based on the following legal grounds:

• Art. 6(1)(a) GDPR – consent (e.g. camera access, notifications)

• Art. 6(1)(b) GDPR – performance of contract (use of the app)

• Art. 6(1)(f) GDPR – legitimate interests (technical operation and stability)

10. Data Retention

As all user data is stored locally on the device, retention depends on the user.

Data can be deleted at any time by:

• removing individual entries

• resetting the app

• uninstalling the app

No server-side deletion is required.

11. Data Transfers to Third Countries

No personal data is transferred to countries outside the European Union or the European Economic Area.

12. User Rights

Under the GDPR, users have the following rights:

• Right of access (Art. 15 GDPR)

• Right to rectification (Art. 16 GDPR)

• Right to erasure (Art. 17 GDPR)

• Right to restriction of processing (Art. 18 GDPR)

• Right to data portability (Art. 20 GDPR)

• Right to object (Art. 21 GDPR)

• Right to withdraw consent at any time (Art. 7(3) GDPR)

• Right to lodge a complaint with a supervisory authority (Art. 77 GDPR)

13. Supervisory Authority

The competent data protection authority is:

State Commissioner for Data Protection and Freedom of Information
North Rhine-Westphalia, Germany

14. Changes to this Privacy Policy

We may update this Privacy Policy to reflect legal requirements or changes to app functionality.
The latest version will always be available within the app and on the website.