Privacy Policy

Last updated: 2026-04-28. Draft — pending lawyer review before public launch.

1. What we collect

To provide the Service, we collect:

• Account info: email, name, and profile image — received from Google, Facebook, or your email magic-link sign-in.
• Profile preferences: diet type, allergies, equipment, time caps, household size, weekly budget, and other settings you provide.
• Plan history: generated meal plans, recipe overrides, skipped meals, and grocery checkbox state (stored locally on your device for grocery items).
• Email-engagement metadata: whether weekly reminder emails were delivered (via Resend logs).
• Operational logs: IP addresses and basic request metadata for security and abuse prevention. Retained for 30 days.
• Error reports (when enabled): stack traces, request URLs, and browser/OS info via Sentry. No request bodies or authentication tokens are sent.
• Anonymous usage analytics: page views and referrers via Vercel Analytics. No personally-identifying information is recorded.

2. How we use it

• To generate meal plans and grocery lists tailored to your profile.
• To send weekly reminder emails (one per week, on Sunday).
• To investigate bugs, abuse, and security incidents.
• To improve the recipe library based on aggregate engagement (never sold to third parties).

3. Third-party services we share data with

We use the following processors. Each handles only what they need to provide their function:

• Supabase (Postgres database): stores account, profile, and plan data. Hosted in the US.
• Vercel (hosting): serves the app. Receives request metadata (URL, IP, user agent) for routing.
• Resend (email): sends authentication links and weekly reminders. Stores email addresses and delivery logs.
• Anthropic (recipe generation):recipe content is authored offline using Anthropic's Claude API. No personal data is sent at runtime.
• Google + Facebook (OAuth): when you sign in with them, they send us a token plus your email and name. They receive your sign-in event from us.
• Sentry (error monitoring, when enabled): stack traces and request metadata only. No request bodies.
• Vercel Analytics (usage analytics): aggregated, non-personally-identifying page views.

We do not sell your data, ever. We do not share it with advertisers.

4. Cookies and local storage

• Auth session cookie: set by Auth.js to keep you signed in. Required for the Service to work.
• Grocery checkbox state (localStorage):remembers which grocery items you've checked off. Stays on your device and is never sent to our servers.

We don't use third-party advertising or tracking cookies.

5. Security

The Service uses HTTPS exclusively. Auth tokens are signed and rotated. Database access is restricted to authenticated requests. But no service is 100% secure — if you suspect a security issue, email security@repast.app.

6. Retention

• Account, profile, and plan data: kept while your account is active. Deleted on request or 90 days after account deletion.
• Email delivery logs (Resend): 30 days.
• Operational logs: 30 days.
• Error reports (Sentry): 30 days.
• Analytics: aggregated only; raw events purged after 90 days.

7. Your rights

You can:

• Access the data we hold about you (request via email below).
• Correct it (most fields are user-editable on your profile).
• Delete it (delete your account from the profile page; deletion is permanent and not reversible).
• Export it in a machine-readable format (request via email).

California residents (CCPA) and EU/UK residents (GDPR) have additional statutory rights. Email privacy@repast.app to exercise them.

8. Children

Repast isn't directed at children under 13 and we don't knowingly collect data from them. If you believe a child has signed up, contact us and we'll delete the account.

9. Changes

We may update this policy. Material changes are communicated via email or in-app notice at least 30 days before they take effect.

10. Contact

Privacy questions: privacy@repast.app.
General contact: hello@repast.app.