This privacy policy describes how the Shopping List application ("app", "we", "us") collects, uses, and protects your personal data. By using the app, you agree to this policy.
1. Data We Collect
1.1 Data You Provide
- Username – Name you choose for display in the app
- Avatar – Profile color and image (optional)
- Shopping lists – Content of your lists, including items, quantities and categories
- Purchase history – Locally stored data about past purchases (stored only on your device)
1.2 Data We Collect Automatically
- Firebase Authentication ID – Anonymous or Apple ID identifier for authentication
- Device information – Device model (e.g. "iPhone 14 Pro") for presence tracking
- Firebase Cloud Messaging Token – For sending push notifications
- Timestamp – When you joined a shared list
1.3 Device Permissions
The app may request access to:
- Contacts – To invite friends to shared lists (read-only access)
- Camera – For scanning QR codes and photographing recipes/lists
- Photos – To add recipe images from your photo library
2. How We Use Your Data
🔄 Sync and Sharing
Your shopping lists sync via Firebase Realtime Database to enable sharing with other users. When you join a shared list, your name and avatar are visible to other list members.
🤖 AI Features
We use OpenAI API to recognize recipes and shopping lists from photos and for automatic item categorization. Images are sent to OpenAI servers via Firebase Cloud Functions for processing. Images are not permanently stored on OpenAI servers.
🔔 Push Notifications
Firebase Cloud Messaging for sending notifications when a list is ready or when someone invites you to share.
💾 Local Storage
Purchase history and usage statistics are stored locally on your device using SwiftData. This data is not synced and remains only on your device.
3. Sharing Data with Third Parties
3.1 Google Firebase
- Firebase Authentication – For user authentication
- Firebase Realtime Database – For storing and syncing lists
- Firebase Storage – For storing images (avatars, item images)
- Firebase Cloud Messaging – For push notifications
Firebase uses standard security practices. More info: Firebase Privacy Policy
3.2 OpenAI
- OpenAI API – For AI image recognition and categorization
- Images are sent via Firebase Cloud Functions (proxy server)
- OpenAI API key is stored securely on Firebase server, not on your device
OpenAI does not permanently store your images. More info: OpenAI Privacy Policy
3.3 Apple
- Apple Sign In – If you choose to sign in with Apple ID, Apple provides your identity
- Apple does not share your data with us except the identifier you choose
More info: Apple Privacy Policy
3.4 StoreKit and Family Sharing
- We use Apple StoreKit for in-app purchases
- Apple handles all transactions – we do not see your payment information
- Family Sharing – Subscription supports Apple Family Sharing (up to 5 family members)
4. Data Security
- All data in Firebase is protected with authentication and security rules
- Communication with Firebase and OpenAI uses encrypted HTTPS connections
- Local data on your device is protected by iOS security mechanisms
- We do not store sensitive financial data or credit card information
5. Your Rights
5.1 Access and Deletion
- You can delete your shopping lists from the app at any time
- To delete your Firebase account, contact us at info@voalstudio.com
- Locally stored data (purchase history) can be deleted directly from the app
5.2 Permissions
- You can disable access to contacts, camera or photos in iOS settings at any time
- Disabling these permissions may limit app functionality
5.3 Sign Out
- If you sign out of a shared list, your data is removed from that list
- Your Firebase account remains active for other lists
6. Children's Data
The app is not intended for children under 13. We do not knowingly collect children's data. If we find that we have collected a child's data, we will delete it.
7. International Data Transfer
- Firebase servers may be located outside the European Union
- OpenAI servers are located in the USA
- By using the app, you consent to this transfer
8. Policy Changes
We may update this policy from time to time. We will notify you of significant changes via the app or email.