Privacy Policy

Last updated: June 3, 2026

SafePlate ("we", "our", or "us") is operated by Finn Digital LLC. This privacy policy explains what information we collect, how we use it, which third parties receive it, and the choices you have. It applies to the SafePlate iOS app and the website finndigital.net/safeplate.

What stays on your device

• Barcode reads. Scanning a barcode happens on your device. Only the barcode number is used to look up the product — your camera frames are not uploaded.
• On-device scanning option. If you decline AI scanning, all food-photo analysis stays on your device and no image leaves your phone. (See "AI-powered scanning" below for the opt-in cloud option.)
• Family profiles + allergens. Names, allergens, and severity stay local in SwiftData on your iPhone. Sync to iCloud is your choice.
• EpiPen reminders. Stored in iOS local notifications.

What we collect (only if you opt in)

• Account ID. If you sign in with Apple, we receive an opaque user identifier and (optionally) a relay email so subscriptions and saved palettes can sync across devices.
• Saved scans. If you tap "Save to history," we store the resulting product reference, brand name, and the allergen-match summary in Firebase Firestore, scoped to your account. We do not store the raw camera image.
• Subscription status. Apple tells us whether you have an active SafePlate or PRO subscription. We never receive payment card or Apple ID details.
• Diagnostic data. Anonymous crash reports via Firebase Crashlytics.

AI-powered scanning (opt-in)

SafePlate offers optional AI-powered scanning that identifies the foods on a plate (Plate Intel) and reads packaged-food labels. When you turn it on:

• The photo you capture is sent to Google's Gemini models via Google Cloud Vertex AI to identify the foods or text in the image.
• It is opt-in: the first time it would run, SafePlate asks for your consent. Decline and scanning stays entirely on your device.
• The photo is used only to analyze that one scan and is not stored by SafePlate afterward.
• Under Google Cloud's terms, Vertex AI does not use your content to train its foundation models. The image is not linked to your identity and is never used for advertising or tracking.
• The allergen and health information shown after a scan is produced by SafePlate's own logic from your saved profiles. Results are informational and are not medical advice.

What we do not collect

• Outside the opt-in AI scan above, we do not upload, index, or store your camera frames as images.
• We do not train any model on your scans, family profiles, or saved cards.
• We do not sell your personal data to advertisers or data brokers.
• We do not use third-party advertising SDKs.
• We do not share your child’s allergens with any third party.

Children's data

SafePlate stores names, ages, and allergens for the children in your family at your direction, the parent or guardian. SafePlate is not intended for direct use by children under 13. Family-member data stays under your account and is removed when you delete your account or remove the family member.

Third-party services

• Apple StoreKit — subscription management.
• Firebase Auth, Firestore, Storage, Crashlytics (Google) — account auth, optional cross-device sync, crash reporting.
• Apple MapKit — restaurant finder map display. No personal data sent.
• OpenFoodFacts and FDA OpenFDA (public APIs) — product database and recall alerts. No personal data sent.
• Google Cloud Vertex AI (Gemini) — used only when you opt in to AI-powered scanning, to analyze the photo you capture. Photos are not stored and are not used to train Google's models.

Your rights

You can delete your account and all associated data via Profile › Settings › Delete Account. Data is permanently erased within 30 days. To request a data export, email [email protected].

Changes

We may update this policy. Material changes will be reflected in the "Last updated" date and announced in-app.

Contact

Privacy questions: [email protected] — Finn Digital LLC.

SafePlate is an informational tool for personal allergen tracking. It is not a medical device, is not FDA cleared, and is not a substitute for reading the manufacturer’s label or consulting a qualified medical professional. In an emergency, call 911.