Last updated: 2 July 2026
Plain English summary: We collect the minimum data needed to run Fridgym. Your fridge photos are sent to OpenAI for analysis and are not stored permanently by us. We do not sell your data. You can delete your account and all associated data at any time. As a user in the EU/EEA, you have full GDPR rights.
Fridgym ("we," "us," "our") is the controller of your personal data as described in this Privacy Policy. If you have questions or concerns, contact us at hello@fridgym.app.
| Category | What we collect | Why |
|---|---|---|
| Account data | Email address, hashed password | Authentication and account management |
| Profile data | Name, fitness goals, allergies, health conditions, training preferences | Personalising meal recommendations |
| Fridge photos | Photos you take in-app | Ingredient identification via AI |
| Meal data | Generated meals, logged meals, macro data | Progress tracking and personalisation |
| Usage data | App interactions, session timestamps | Service improvement and debugging |
| Waitlist data | Email address, signup timestamp | Launch notifications (waitlist only) |
We process your personal data for the following purposes:
When you scan your fridge, your photo is transmitted securely to OpenAI's API (GPT-4o Vision) for ingredient identification. This processing is subject to OpenAI's privacy and data usage policies. We do not store your fridge photos on our servers after the analysis is complete — only the list of identified ingredients is retained.
Nutrition data is cross-referenced with the USDA FoodData Central API. No personal data is sent to the USDA — only ingredient names.
If you are located in the EU/EEA, our legal bases for processing your personal data are:
We do not sell your personal data. We share data only with:
We retain your data for as long as your account is active. If you delete your account:
If you are in the EU/EEA, you have the following rights regarding your personal data:
To exercise any of these rights, contact us at hello@fridgym.app. We will respond within 30 days. You also have the right to lodge a complaint with your national data protection authority (in France: CNIL).
We implement appropriate technical and organisational measures to protect your personal data, including:
However, no method of transmission over the internet is 100% secure. In the event of a data breach that affects your rights, we will notify you within 72 hours as required by GDPR.
Your data is stored in Supabase's EU-West-1 region (Ireland) within the EU. When data is sent to OpenAI (US-based), this constitutes a transfer outside the EEA. OpenAI participates in the EU-US Data Privacy Framework, which provides appropriate safeguards for such transfers.
Fridgym is not directed at children under 16. We do not knowingly collect personal data from children under 16. If we become aware that we have collected data from a child under 16 without parental consent, we will delete it promptly. Contact us at hello@fridgym.app if you believe this has occurred.
The Fridgym mobile app does not use advertising cookies or third-party tracking. Our website uses only essential cookies required for the site to function. We do not use any advertising networks or behavioral tracking services.
We may update this Privacy Policy from time to time. Material changes will be communicated via email or in-app notice at least 14 days before they take effect. The date at the top of this page reflects the most recent update.
For any privacy-related questions or to exercise your rights, contact us at hello@fridgym.app.