DinnerSorted
AI-powered weekly meal planner
Privacy Policy
Effective date: May 17, 2026
DinnerSorted ("we", "us", "our") is operated by Amit Sinha (doing business as DinnerSorted), based at 17 Gallant Rd, Point Cook VIC 3030, Australia. This Privacy Policy explains what personal information we collect through the DinnerSorted mobile app and website, how we use it, and the choices and rights you have. We respect your privacy and are committed to protecting it.
1. Who this policy covers
This policy applies to everyone who uses DinnerSorted, including users located in the United States, the European Economic Area (EEA), the United Kingdom, Australia, Canada, and elsewhere. References to "you" mean any user of our app or website.
2. Information we collect
2.1 Information you give us
- Account details: your name, email address, and a hashed password when you sign up. If you use Google Sign-In, we receive your name and email from Google.
- Household profile: household size, number of adults and kids, allergies, dietary restrictions, disliked ingredients, cooking methods, favourite cuisines, health goals, and planning preferences.
- Meal-plan content: the AI-generated meal plans associated with your account, your meal swaps, ratings, "cooked" logs, and the actual-time-to-cook labels you submit in Cook Mode.
- Optional fridge / pantry photos: if you use the fridge-scan feature, we send the photo(s) you choose to OpenAI for ingredient extraction. Photos are processed for that single request and are not retained by us afterwards.
- Feedback you submit through the in-app feedback form.
2.2 Information collected automatically
- Device and app data: device model, operating system, app version, language, time zone, and crash logs.
- Usage analytics: screens you visit, features you use, and aggregate engagement events (for example, "plan generated", "meal cooked"), via PostHog.
- Push-notification token: if you allow notifications, we store the token your device gives us so we can send weekly planning and meal reminders.
- Streak and achievement state: the dates you generated plans, the streak length, and any badges earned.
2.3 Information we do not collect
- We do not collect your precise or approximate location.
- We do not store your fridge / pantry photos after they have been analysed.
- We do not have access to your card or banking details — payments are handled directly by Apple or Stripe.
- We do not read your contacts, calendar, microphone, or other on-device data.
3. How we use your information
- To create and run your account and authenticate you.
- To generate personalised weekly meal plans, grocery lists, and recipe steps.
- To honour your allergies and dislikes as strict safety constraints during meal generation.
- To send you push notifications (planning reminders, tonight's meal, weekly report) if you opt in.
- To track your cooking streak and award achievement badges.
- To process subscription payments and manage your Pro trial / membership.
- To improve the app — fix bugs, monitor performance, and understand which features people use.
- To respond to your support requests and feedback.
- To comply with our legal obligations and enforce our Terms of Service.
4. Third-party service providers
We share information with the following service providers strictly so they can perform services on our behalf. Each operates under its own privacy policy.
| Provider | Purpose | What is shared |
|---|---|---|
| OpenAI | AI meal-plan generation and fridge-photo ingredient extraction | Household profile (anonymised where possible), optional fridge photos for a single inference request |
| PostHog | Product analytics and feature usage | Pseudonymous user ID, screen views, event names |
| Stripe | Subscription payments (web) | Email, subscription status (Stripe collects card data directly) |
| Apple (App Store / StoreKit) | In-app purchases on iOS | Apple handles the transaction; we receive only the subscription status |
| Google (Sign-In) | Optional authentication via Google account | Your name and email returned by Google when you sign in |
| MongoDB Atlas | Encrypted database hosting | All account, profile, and meal-plan data |
| Railway | Backend application hosting | API request and response data in transit |
| Vercel | Web app hosting (dinnersorted.vercel.app) | Web request logs |
5. We do not sell or rent your personal information
DinnerSorted does not sell, rent, or trade your personal information to any third party for money or other consideration. We also do not "share" personal information for cross-context behavioural advertising as defined under the California Privacy Rights Act (CPRA).
6. Legal bases for processing (EEA / UK users)
If you are in the EEA or UK, we process your personal data on one or more of these legal bases:
- Performance of a contract — to provide the DinnerSorted service you signed up for.
- Legitimate interests — to run, secure, and improve our service, where those interests are not overridden by your rights.
- Consent — for push notifications, marketing emails (if any), and processing optional fridge photos. You can withdraw consent at any time.
- Legal obligation — to comply with tax, accounting, and other laws that apply to us.
7. How long we keep your data
We keep your personal information for as long as your DinnerSorted account is active. When you delete your account we delete or anonymise your personal information within 30 days, except where we are required to keep it longer for legal, tax, fraud-prevention, or accounting reasons. Aggregate, fully anonymised analytics may be retained indefinitely.
8. Security
We use industry-standard measures to protect your data, including encryption in transit (HTTPS / TLS), encrypted storage at rest in MongoDB Atlas, hashed passwords (bcrypt), JWT session tokens, and the principle of least-privilege access for our team. No system can be 100% secure, but we take protecting your data seriously.
9. Your rights and choices
Depending on where you live, you have some or all of the following rights:
- Access a copy of the personal information we hold about you.
- Correct information that is inaccurate or incomplete.
- Delete your account and the personal information associated with it.
- Export a machine-readable copy of your data (data portability).
- Restrict or object to certain processing.
- Withdraw consent at any time, where processing was based on consent.
- Lodge a complaint with your local data-protection regulator.
To exercise any of these rights — including deleting your account — email aasinha@gmail.com from the address linked to your account. We respond within 30 days.
10. Push notifications
With your permission, we send push notifications such as the Sunday-evening planning reminder, tonight's meal reminder, and your weekly food report. You can turn these off at any time from your device's notification settings, or from inside the DinnerSorted app under Profile → Notifications. Turning them off does not affect anything else in the app.
11. Children's privacy
DinnerSorted is not directed at children under 13 (or under 16 in the EEA), and we do not knowingly collect personal information from them. If you believe a child has provided us personal information, please contact us at aasinha@gmail.com and we will delete it.
12. International data transfers
Our service providers (OpenAI, Stripe, MongoDB Atlas, Railway, Vercel, PostHog, Google, Apple) are based in the United States and other countries. When your data is transferred outside your home jurisdiction, we rely on appropriate safeguards such as the European Commission's Standard Contractual Clauses, equivalent UK transfer mechanisms, and our providers' own certifications.
13. Notice to U.S. residents (CCPA / CPRA)
If you are a California resident, you have the rights described in section 9 above (access, deletion, correction, portability), plus the right to opt out of "sale" or "sharing" of your personal information. DinnerSorted does not sell or share your personal information as those terms are defined under the CPRA, so there is nothing to opt out of. We do not discriminate against users who exercise their privacy rights.
14. Notice to Australian residents
We comply with the Australian Privacy Act 1988 (Cth) and the 13 Australian Privacy Principles (APPs). You may request access to or correction of your personal information, or make a complaint about how we have handled it, by emailing aasinha@gmail.com. If you are not satisfied with our response you may contact the Office of the Australian Information Commissioner (OAIC) at oaic.gov.au.
15. Notice to Canadian residents
We comply with Canada's Personal Information Protection and Electronic Documents Act (PIPEDA) and applicable provincial privacy laws. You have the right to access, correct, and withdraw consent for the personal information we hold about you. Contact us at aasinha@gmail.com.
16. Changes to this policy
We may update this Privacy Policy from time to time. If we make material changes we will notify you in the app or by email before the changes take effect, and we will update the "Effective date" above. Your continued use of DinnerSorted after the change means you accept the updated policy.
17. Contact us
If you have any questions, requests, or complaints about this Privacy Policy or our handling of your personal information, please contact:
DinnerSorted (operated by Amit Sinha)
17 Gallant Rd, Point Cook VIC 3030, Australia
Email: aasinha@gmail.com