Privacy Policy for MealQ

Last Updated: November 26, 2025

Introduction

MealQ ("we", "us", or "our") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, store, and protect your personal information when you use the MealQ mobile and desktop application.

Information We Collect

Account Information

  • Username and email address - Required for account creation and authentication
  • Password - Stored securely using industry-standard encryption (bcrypt hashing)
  • Registration code - Used during account creation for invitation-based registration

User-Generated Content

  • Meal information - Meal names, descriptions, recipes, ingredients, and tags
  • Meal plans - Your scheduled meals for specific dates and meal types
  • Shopping lists - Items you add to your shopping lists, including quantities and categories
  • Household data - Household names and membership information
  • Day tags and notes - Tags and notes you create for specific days
  • User preferences - Notification settings and other app preferences

Device Information

  • Device tokens - For push notifications (optional, only if you enable notifications)
  • Local storage data - Cached data stored on your device for offline functionality

Usage Information

  • API quota usage - For external recipe API features (Spoonacular integration)
  • Authentication tokens - Session tokens for maintaining your login state

How We Use Your Information

We use your information to:

  1. Provide core functionality - Enable meal planning, shopping list management, and recipe organization
  2. Enable collaboration - Share meal plans and shopping lists with household members
  3. Provide offline access - Cache data locally on your device for offline use
  4. Send notifications - Alert you to shopping list changes (only if you enable notifications)
  5. Maintain security - Authenticate your identity and protect your account
  6. Import external recipes - Search and import recipes from third-party services (Spoonacular) when you use this feature

Data Storage and Security

Cloud Storage

  • Your account data is stored securely on Cloudflare's infrastructure using D1 databases
  • All data transmission uses HTTPS encryption
  • Passwords are hashed using bcrypt and never stored in plain text

Local Storage

  • Data is cached on your device using secure localStorage for offline functionality
  • Cached data automatically expires after 14 days
  • You can clear cached data at any time through the app

Authentication

  • We use JWT (JSON Web Tokens) for session management
  • Tokens expire after a set period and can be refreshed
  • You can log out at any time to invalidate your session

Data Sharing and Third Parties

Third-Party Services

We integrate with the following third-party services:

  1. Spoonacular API - When you search for or import external recipes, your search queries are sent to Spoonacular. This is optional and only occurs when you use the external recipe feature. See Spoonacular's privacy policy at https://spoonacular.com/food-api/privacy-policy
  2. Cloudflare - Our API and database infrastructure is hosted on Cloudflare. See Cloudflare's privacy policy at https://www.cloudflare.com/privacypolicy/

No Selling of Data

We do not sell, rent, or trade your personal information to third parties for marketing purposes.

No Analytics or Tracking

MealQ does not use analytics services, advertising networks, or tracking technologies to monitor your behavior.

Your Rights and Choices

You have the right to:

  1. Access your data - View all data associated with your account
  2. Update your information - Edit your profile, meals, shopping lists, and preferences at any time
  3. Delete your data - Request deletion of your account and associated data
  4. Export your data - Request a copy of your data in a portable format
  5. Control notifications - Enable or disable push notifications at any time
  6. Manage household access - Control who can access your shared meal plans and shopping lists

Data Retention

  • Active accounts - Data is retained as long as your account is active
  • Cached data - Local cache expires after 14 days of inactivity
  • Deleted accounts - Upon account deletion, your data will be permanently removed from our servers within 30 days
  • Logs - Server logs are retained for security purposes for a limited time period

Household Data Sharing

When you join or create a household:

  • Household members can view shared meal plans and shopping lists
  • You control which households you join and can leave at any time
  • Household administrators can manage member roles and permissions
  • Only members of your household can view your shared data

Push Notifications

If you enable push notifications:

  • We store device tokens to send notifications
  • Notifications are sent only for shopping list changes
  • You can control notification frequency and preferences
  • You can disable notifications at any time in Settings
  • Uninstalling the app automatically stops notifications

Children's Privacy

MealQ is not intended for children under 13 years of age. We do not knowingly collect personal information from children under 13. If you are a parent or guardian and believe your child has provided us with personal information, please contact us.

Changes to This Privacy Policy

We may update this Privacy Policy from time to time. We will notify you of any material changes by:

  • Updating the "Last Updated" date at the top of this policy
  • Displaying a notice within the app

Your continued use of MealQ after changes are posted constitutes acceptance of the updated policy.

Data Security Measures

We implement appropriate technical and organizational security measures, including:

  • Encryption of data in transit (HTTPS/TLS)
  • Secure password hashing (bcrypt)
  • Role-based access control
  • Regular security updates
  • Invitation-based registration system to prevent unauthorized access

Contact Us

If you have questions about this Privacy Policy or how we handle your data, please contact us at:

Email: [email protected] Website: https://mealq.plantolive.app

Legal Basis for Processing (GDPR)

If you are in the European Economic Area (EEA), our legal basis for collecting and using your personal information depends on the data and the context:

  • Contract performance - Processing necessary to provide the service you requested
  • Consent - When you explicitly agree (e.g., enabling push notifications)
  • Legitimate interests - For security, fraud prevention, and service improvement

You have additional rights under GDPR, including the right to object to processing, request data portability, and lodge a complaint with your supervisory authority.

California Privacy Rights (CCPA)

If you are a California resident, you have the right to:

  • Know what personal information we collect and how we use it
  • Request deletion of your personal information
  • Opt-out of the sale of personal information (note: we do not sell personal information)
  • Non-discrimination for exercising your privacy rights

By using MealQ, you acknowledge that you have read and understood this Privacy Policy.

Logo mealQ

Organize meals, shopping lists, and recipes for the whole family

Privacy
© 2025 All rights reserved.