Privacy Policy
Privacy Policy for Plantry
This policy applies specifically to the diet-planning app available under the Oryen umbrella brand. It is an implementation-informed draft, not legal advice and not lawyer-approved. TODO: VERIFY WITH LAWYER.
Who Provides The App / Data Controller
Oryen is a product/publisher brand used by Orest Malinovskyi. The app is provided by Orest Malinovskyi, operating under działalność nierejestrowana under Polish law.
Data controller: Orest Malinovskyi. Contact: privacy@oryen.app.
No Account Requirement
The first version does not require user account creation. The app may use an anonymous or pseudonymous app installation/session identifier to provide functionality, keep local app state, and manage cached data.
What Data May Be Collected
- app-generated anonymous or pseudonymous installation/session identifiers, including local user/job identifiers;
- diet planning preferences entered by the user, including calorie and macro targets, meal count, language, cooking equipment, budget level, and planning period;
- dietary restrictions, allergies, disliked or avoided ingredients, preferred ingredients, preferred supermarkets, pantry items, and meal history if entered by the user;
- generated meal plans, shopping information, meal feedback, and meal history updates;
- planning job/status/progress information, including job ids, timestamps, status, attempts, and safe request metadata;
- Firestore plan job data in diet_planner_jobs where needed to generate and return requested plans;
- generic ingredient alias cache records in exact_alias_cache; these are intended to contain ingredient/nutrition lookup data, not user profile data or directly identifying personal data;
- technical logs, service metadata, usage, and cost information from Google Cloud Platform services;
- paid entitlement or subscription status through Apple App Store or Google Play; payment account details are handled by the app-store provider, not by an Oryen account system.
Purposes Of Processing
- generating diet plans and related shopping information;
- saving or applying user preferences locally and, when needed, inside a backend plan job request;
- temporarily caching generated plans and job results;
- showing job and progress status;
- providing app functionality, customer support, and troubleshooting;
- security, abuse prevention, rate limiting, and service reliability;
- legal obligations where applicable.
Legal Bases Under GDPR/RODO
Processing may rely on service provision or a contract-like relationship when needed to provide requested app functionality, consent where the app requests consent, legitimate interests for security, abuse prevention, service reliability, usage/cost monitoring, and service improvement where applicable, and legal obligation where required by law.
TODO: VERIFY LEGAL BASES WITH LAWYER.
Processors/Subprocessors
Providers identified from repository configuration and code include:
- Google Cloud Platform / Firebase / Firestore: API Gateway, Cloud Run, Cloud Tasks, Firestore, Secret Manager, Cloud Logging, Artifact Registry, Cloud Build, Cloud Storage, Compute Engine, and Cloud NAT.
- OpenAI API: configured for meal-planning and related model calls.
- Google AI/Gemini API: configured for ingredient localization and macro repair/reproposal model calls.
- USDA FoodData Central API: generic ingredient nutrition lookup.
- Apple App Store and Google Play for app-store managed purchases/subscriptions.
No automatic app crash-reporting SDK is currently used. The only analytics-like data described here is Google Cloud Platform service metadata, usage, and cost information.
TODO: INSERT FINAL PROCESSOR LIST / VERIFY WITH LAWYER.
Data Retention
- Device-local profile, preferences, pantry, meal plans, privacy choices, job history, and purchase-state placeholders remain until deleted in the app, reset by the user, or removed by the operating system, subject to device backup behavior.
- Firestore plan job documents in diet_planner_jobs: production Terraform example sets job_ttl_days = 3 and job_ttl_field = "expires_at_timestamp"; Terraform enables Firestore TTL on diet_planner_jobs.expires_at_timestamp.
- Backend request payload for a plan job: encrypted in Firestore until the job reaches terminal success/failure, then removed by the worker.
- Backend generated result payload: encrypted until the app deletes the job using the deletion token or Firestore TTL removes the job document.
- exact_alias_cache: generic ingredient alias cache records are retained indefinitely unless manually deleted or the cache policy changes. This cache is intended for non-user-specific ingredient/nutrition lookup data. TODO: VERIFY GDPR CLASSIFICATION WITH LAWYER.
- Technical logs, service metadata, usage, and cost information: default GCP log retention.
- Payment/tax records for paid features: app-store payment records are managed by Apple App Store or Google Play. Any records that must be kept by the service provider are expected to be retained for 5 years. TODO: verify działalność nierejestrowana tax/VAT/payment wording.
Data Deletion
Use Settings → Privacy → Delete my data in the app. This is intended to delete app-associated data linked to the current app installation/session/anonymous identifier, depending on implementation.
See Data Deletion for more details.
User Rights
Depending on applicable law, you may have rights of access, rectification, deletion, restriction, portability, objection, withdrawal of consent where applicable, and complaint to the Polish supervisory authority. TODO: VERIFY WITH LAWYER.
International Transfers
Some providers may process or access data outside the EEA depending on their configuration and terms. TODO: VERIFY INTERNATIONAL TRANSFER MECHANISMS.
Children
The app is not intended for children unless this is defined otherwise in a future release. TODO: VERIFY MINIMUM AGE / CHILDREN WORDING WITH LAWYER.
Contact
Privacy: privacy@oryen.app. Support: support@oryen.app.