Privacy Policy

Last Updated: 23 June 2026

1. Introduction

Welcome to Pantri. We respect your privacy and are committed to protecting your personal data. This privacy policy will inform you about how we look after your personal data and tell you about your privacy rights and how the law protects you.

Please read this privacy policy carefully. If you have any questions or concerns about our privacy practices, please contact us using the details provided at the end of this policy.

2. The Data We Collect About You

Personal data, or personal information, means any information about an individual from which that person can be identified. It does not include data where the identity has been removed (anonymous data).

We may collect, use, store and transfer different kinds of personal data about you, which we have grouped together as follows:

  • Identity Data: name, username, or similar identifier
  • Contact Data: email address, phone number (optional)
  • Technical Data: internet protocol (IP) address, your login data, browser type and version, time zone setting and location, browser plug-in types and versions, operating system and platform, device identifiers
  • Profile Data: dietary preferences, allergies, intolerances, cuisine preferences, disliked ingredients, cooking skill level, max prep time
  • Usage Data: information about how you use our app, features accessed, time spent, interactions with content
  • Household Data: pantry items, quantities, categories, shopping lists, meal plans, recipes you create and share
  • Marketing and Communications Data: your preferences in receiving marketing from us and our third parties and your communication preferences

3. How Is Your Personal Data Collected?

We use different methods to collect data from and about you, including:

  • Direct interactions: When you create an account, complete an onboarding questionnaire, upload a profile picture, or contact us directly
  • Automated technologies or interactions: As you interact with the app, we collect technical data about your device and usage patterns
  • Third parties or publicly available sources: For example, authentication providers may provide verification data

4. How We Use Your Personal Data

We will only use your personal data when the law allows us to. Most commonly, we will use your personal data in the following circumstances:

  • Service Delivery: To provide and maintain our service, including account management and customer support
  • Service Improvement: To gather analysis or valuable information so that we can improve our service and user experience
  • Personalization: To generate personalized meal suggestions and recipes using AI based on your pantry and dietary preferences
  • Communication: To notify you about changes to our service, security updates, or important announcements
  • Technical Support: To detect, prevent and address technical issues and bugs
  • Security: To prevent, detect and address fraud, abuse, and other technical and security issues
  • Analytics: To understand how users interact with Pantri and which features are most valuable

5. Sharing Your Personal Data

We do not sell or rent your personal data. We may share your data in the following circumstances:

  • Household Members: When you join or create a household, your pantry items, shopping lists, meal plans, and some profile information are shared with other household members so you can collaborate effectively
  • Internal Access: A limited number of authorised Pantri administrators may view account information (such as your name, email address, and usage metadata) for support, security, and service-operation purposes. This access is logged
  • Service Providers: We may share your data with third-party service providers who perform services on our behalf, including:
    • Cloud hosting providers (Supabase)
    • Product analytics and session replay (PostHog, Microsoft Clarity) — collected with your consent to understand usage and diagnose problems; text you type and fields marked sensitive are masked
    • Error monitoring (Sentry)
    • Email delivery (Resend) — we record whether our emails are delivered, opened, or have a link clicked, to measure engagement and to maintain a suppression list (so we stop emailing addresses that bounce or complain). Open and click detection can be approximate (e.g. some mail apps pre-load images or scan links)
    • AI/LLM service providers for meal suggestions
  • Legal Requirements: We may disclose your data if required to do so by law, court order, or government authority
  • Business Transfers: If Pantri is involved in a merger, acquisition, bankruptcy, or sale of assets, your data may be transferred as part of that transaction

6. Data Security

We have put in place appropriate security measures to prevent your personal data from being accidentally lost, used or accessed in an unauthorized way, altered or disclosed. We use industry-standard encryption, secure authentication methods, and regular security audits.

All data transmitted between your device and our servers is encrypted using SSL/TLS. Sensitive data is encrypted at rest in our database.

However, the transmission of information via the internet is not completely secure. Although we will do our best to protect your personal data, we cannot guarantee the security of your data transmitted to our app; any transmission is at your own risk. Once we have received your information, we will use strict procedures and security features to try to prevent unauthorized access.

7. Data Retention

We will only retain your personal data for as long as necessary to fulfil the purposes we collected it for, including to satisfy any legal, accounting, or reporting requirements.

  • Account Data: Retained while your account is active and for a reasonable period after deletion (up to 90 days) for backup purposes
  • Household Data: Retained as long as the household exists and members are active
  • Usage and Session Replay Data: Analytics and masked session recordings are collected only with your consent and retained for up to 12 months for analytics and improvement purposes. You can decline or withdraw at any time via the cookie banner or Settings → Preferences → Share Usage Data
  • Cookies: Retained for the durations specified in our Cookie Policy

When you delete your account, we will delete or anonymize your personal data within 30 days, except where we are required to retain it for legal or regulatory compliance.

8. Your Legal Rights

Under certain circumstances, you have rights under data protection laws (including GDPR if you are in the EU) in relation to your personal data:

  • Right to Access: The right to obtain a copy of the personal data we hold about you
  • Right to Rectification: The right to request that we correct inaccurate personal data or complete incomplete data
  • Right to Erasure: The right to request the deletion of your personal data in certain circumstances
  • Right to Restrict Processing: The right to request that we limit how we use your personal data
  • Right to Data Portability: The right to request your personal data in a portable format
  • Right to Object: The right to object to processing of your personal data for marketing or analytics purposes
  • Right to Withdraw Consent: Where we rely on your consent, you have the right to withdraw it at any time

9. Cookies and Similar Technologies

We use cookies and similar tracking technologies to track activity on our service and hold certain information. You can instruct your browser to refuse all cookies or to indicate when a cookie is being sent. Please see our Cookie Policy for detailed information.

10. AI and Automated Decision-Making

Pantri uses artificial intelligence to generate meal suggestions and recipes based on your pantry items, dietary preferences, and cooking preferences. This processing:

  • Happens in secure environments with encryption
  • Does not use your data to train general AI models
  • Is based on your explicit consent during onboarding
  • Can be disabled in your account settings at any time

11. Children's Privacy

Our service is not directed to anyone under the age of 13. We do not knowingly collect personally identifiable information from children under 13. If we become aware that we have collected personal data from a child under 13 without verifiable parental consent, we will delete such data promptly.

12. International Data Transfers

Your personal data may be transferred to, stored in, and processed in countries other than your country of residence, which may have data protection laws that differ from your home country. When we transfer personal data internationally, we implement appropriate safeguards, including standard contractual clauses approved by relevant authorities.

13. Changes to This Privacy Policy

We may update our Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, and other factors. We will notify you of any material changes by posting the new Privacy Policy on this page and updating the \"Last Updated\" date. Your continued use of Pantri after such changes means you accept the updated Privacy Policy.

14. Contact Us

If you have any questions about this Privacy Policy, wish to exercise your rights, or have concerns about how we handle your personal data, please contact us:

  • Through the app settings or support channels
  • By email using the contact form in the app
  • Through our support page

If you are in the European Union and have a complaint about how we handle your personal data, you also have the right to lodge a complaint with your local data protection authority.