Privacy Policy

Last updated: June 2, 2026

Grozi ("Grozi," "we," "us") is a shared grocery-list app for households. This policy explains what data we collect, why we collect it, who we share it with, and the rights you have over it. We've tried to keep it plain English — if anything is unclear, email us at allen07edwarddev@gmail.com.

1. The short version

• We collect the minimum needed to make the app work: your account (via Google Sign-In), the lists and items you create, and a device token so we can send push notifications.
• Your shopping lists are visible only to you and the household members you explicitly share them with.
• We don't sell your data. We do use third-party services (Supabase, Google, AdMob, OpenAI / Gemini, Open Food Facts) to run the app — each is listed below.
• You can delete your account at any time from the app. That removes your lists, items, and profile from our servers.

2. Data we collect

2.1 Account information

When you sign in with Google, we receive your Google account ID, email address, display name, and profile photo URL. We store these so other household members can see who added or checked off an item.

2.2 Lists, items, and stores

Anything you type into Grozi — list names, item names, quantities, prices, notes, store labels, photos you upload — is stored on our servers (Supabase) so it can sync across your devices and to members you share with.

2.3 Photos and images

Photos you attach to items are uploaded to Supabase Storage. Thumbnails the app fetches automatically (e.g. from Open Food Facts) are saved as URLs only — we don't re-host them.

2.4 Device & push token

Grozi registers a Firebase Cloud Messaging (FCM) token per device so we can notify you when a household member adds or checks off an item, or when a list reminder fires. The token is associated with your user ID.

2.5 Usage signals

We log a small number of events for product analytics: AI requests (prompt text capped at 500 characters, item count, which model answered, time-of-use), ad views (for ad-frequency capping), and anonymous crash reports. We do not build advertising profiles.

2.6 Region preference

The "Region & currency" setting in Profile is saved on your device only (via SharedPreferences). It never leaves the phone.

3. How we use it

• To run the core app — show your lists, sync changes across devices, deliver notifications.
• To estimate item prices in your local currency (when you enable the AI feature).
• To enforce a daily AI quota and ad-watch ceiling.
• To diagnose crashes and improve the product.

4. Third-party services

The following services receive a limited slice of your data:

• Google Sign-In — authenticates your account. See Google's privacy policy.
• Supabase (database + storage + realtime) — stores your lists, items, and uploaded photos. See Supabase's privacy policy.
• Firebase Cloud Messaging — delivers push notifications. See Firebase's policy.
• Google AdMob — serves banner and rewarded ads when you're not in an ad-free session. AdMob may use a device-level advertising ID per its own policy. See AdMob policy.
• Google Gemini / OpenAI (via our server) — generates AI suggestions, substitutes, and budget estimates. Your prompt text (capped) is sent to whichever model answers, along with your country code so prices estimate in your local currency. We do not send your account email, photos, or unrelated list contents to the AI providers.
• Open Food Facts — a public, free product database. Grozi sends only the ingredient name you're trying to look up; no personal data is included.

5. Sharing and household members

When you share a list, every member you invite can view, edit, check off, and add items to that list. Their actions are attributed to their name and photo on each row. Removing a member from a list revokes their access to it.

6. Children

Grozi is not directed at children under 13. We don't knowingly collect data from anyone under 13. If you believe a child has provided us data, email allen07edwarddev@gmail.com and we'll delete it.

7. Your choices

• Delete your account — Profile → Sign out is available immediately; full account deletion (including all lists, items, and uploads) is available on request to allen07edwarddev@gmail.com.
• Export your data — available on request.
• Disable push notifications — turn them off in Android system settings, or sign out.
• Reset your advertising ID — under Android settings → Privacy → Ads.

8. Retention

We keep your data for as long as your account is active. When you delete your account, lists/items/uploads are removed within 30 days. Aggregate analytics that cannot identify you may be kept longer.

9. Security

All traffic between Grozi and our servers is encrypted with TLS. Database rows are protected by row-level security so a user can only read or write the lists they own or were invited to.

10. Changes to this policy

We'll update the "Last updated" date above when this policy changes. Material changes will be announced in-app before they take effect.

11. Contact

Questions, requests, or complaints: email allen07edwarddev@gmail.com.