Privacy Policy

Last Updated: February 14, 2026

This Privacy Policy describes how PrepCheck ("we", "us", "our") collects, uses, and protects your personal information when you use our meal planning and inventory tracking application (mobile app and web app).

            Your Privacy Matters: We are committed to protecting your personal data and respecting your privacy rights under the General Data Protection Regulation (GDPR) and applicable Norwegian data protection laws.
        

1. Controller Information

Data Controller: Kristoffer Tosbakken

Contact Email: info@prepcheck.no

Service: PrepCheck - Meal Planning & Inventory Management Application

2. Information We Collect

2.1 Account Information

Email Address: Required for account creation, authentication, and essential service communications
Password: Encrypted and stored securely (we never have access to your plaintext password)
Display Name: Optional name for household sharing features

2.2 Application Data

When you use PrepCheck, we store the following data you create:

Meal Plans: Your planned meals, recipes, and meal schedules
Inventory Data: Products you track, including names, quantities, categories, prices, and custom notes
Product Information: Barcode scans and associated product details from external databases
Usage Logs: Meal completion tracking, inventory consumption records, and auto-logging schedules
Shopping History: Purchase records including product names, quantities, and prices
Household Data: If you use household sharing, shared inventory and meal plans with other household members
User Preferences: App settings, language, currency, unit system, notification preferences, and theme choices

2.3 Location Information

Approximate Location: We detect your country/region to automatically set your language, currency, and units (metric vs imperial)
How We Collect It: Through your IP address or device settings
Precision: Country-level only - we do NOT collect precise GPS coordinates
Purpose: Localization and improved user experience only

2.4 Device & Technical Information

Device Information: Device type (iOS/Android), operating system version, app version
Push Notification Token: Device token for sending notifications about auto-logged meals, low stock alerts, and household updates
Authentication Tokens: Temporary tokens for maintaining your logged-in session
Browser/App Storage: Local storage data for offline functionality and performance

2.5 Advertising Data (Mobile App Only)

The PrepCheck mobile app displays advertisements through Google AdMob. This involves:

Advertising ID: A unique, resettable identifier used by AdMob to serve personalized ads
Ad Interaction Data: Whether you view or click on ads (collected by Google AdMob)
Device Information: Basic device info shared with AdMob for ad delivery
Remove Ads Option: You can pay a one-time fee to permanently remove all ads

Important: Advertising is provided by Google AdMob, a third-party service. Google may collect additional data for ad personalization. See Google's Privacy Policy and AdMob's Privacy Information for details.

2.6 Information We Do NOT Collect

We do NOT collect precise GPS location or track your movements
We do NOT access your camera, microphone, or contacts (except barcode scanning when you explicitly use that feature)
We do NOT use analytics or tracking beyond what's required for app functionality
We do NOT collect browsing history outside our application
We do NOT sell or rent your personal data to third parties

3. Legal Basis for Processing (GDPR)

Data Type	Legal Basis
Account Information	Contract: Necessary to provide the service you signed up for
Application Data	Contract Performance: Core functionality of the service
Location (Country/Region)	Legitimate Interest: Provide localized experience (language, currency)
Push Notifications	Consent: You enable notifications in app settings
Advertising Data	Consent & Legitimate Interest: Free app supported by ads; you can opt-out by purchasing ad removal
Service Emails	Legitimate Interest: Essential service communications (password resets, account verification)

4. How We Use Your Information

We use your information solely to:

Provide the Service: Enable meal planning, inventory tracking, auto-logging, and data synchronization across your devices
Account Management: Create and maintain your account, authenticate your identity, and handle password resets
Localization: Automatically set language, currency, and units based on your region
Push Notifications: Send notifications about auto-logged meals, low inventory, household activity, and engagement reminders
Product Database: Enhance barcode scanning accuracy by storing product information in a shared database (barcodes and product names only - not linked to your account)
Household Sharing: Enable real-time synchronization of inventory and meals between household members
Display Advertisements: Show ads in the free version of the mobile app (via Google AdMob)
Service Communications: Send essential emails (account verification, password reset, critical service updates)
Improve the Service: Fix bugs, improve performance, and develop new features
Legal Compliance: Comply with applicable laws and legal obligations

5. Data Storage and Security

5.1 Where Your Data is Stored

Primary Storage: Supabase (PostgreSQL database) hosted in EU-North-1 region (Stockholm, Sweden)
GDPR Compliance: All data is stored within the European Union, ensuring full GDPR protection
Local Storage: Optional offline data cached locally on your device for offline access

5.2 Security Measures

We implement industry-standard security practices to protect your data:

Encryption in Transit: All data transmission uses HTTPS/TLS encryption
Encryption at Rest: Database encryption provided by Supabase infrastructure
Password Security: Passwords are hashed and salted using bcrypt algorithm
Access Controls: Strict authentication and authorization controls; row-level security policies
Regular Security Updates: Infrastructure and dependencies are regularly updated

5.3 Third-Party Services

We use the following trusted third-party services to operate PrepCheck:

Supabase (Database & Authentication): EU-based, GDPR-compliant infrastructure. Supabase Privacy Policy
Netlify (Website Hosting): Compliant with GDPR and privacy regulations. Netlify Privacy Policy
Domene.no (Email Services): Norwegian email provider for transactional emails
Google AdMob (Mobile Ads): Ad serving platform for the free mobile app. Google Privacy Policy
Apple Push Notification Service (APNs): For iOS push notifications. Apple Privacy
Firebase Cloud Messaging (FCM): For Android push notifications (if applicable). Firebase Privacy
External Barcode APIs: When you scan a barcode, we may query third-party product databases to retrieve product information. Only the barcode number is transmitted - no personal data

6. Push Notifications

PrepCheck uses push notifications to enhance your experience. You can control these in app settings:

6.1 Types of Notifications

Auto-log Confirmations: "Frokost logged! ✓" when a meal is automatically tracked
Manual Reminders: "Remember to log your meals today!" (when auto-log is off)
Low Stock Alerts: "Running low on Chicken! Only 2 days left!"
Last Day Warnings: "This is your last day with: Eggs"
Household Updates: "Emma went shopping!" (if you use household sharing)
Engagement Reminders: "7 days without logging - miss you!" and weekly recaps

6.2 Managing Notifications

All notifications can be enabled/disabled in Settings → Notifications
You can also disable notifications in your device's system settings
We do NOT send marketing or promotional notifications

7. Advertising and Ad-Free Option

7.1 How Ads Work

The free version of the PrepCheck mobile app displays banner advertisements through Google AdMob:

Ads are displayed at the bottom of certain screens
Google may use your Advertising ID to show personalized ads
We do NOT have access to the specific ads shown to you
We receive revenue when you view or click on ads

7.2 Remove Ads

You can permanently remove all advertisements by purchasing the "Remove Ads" option:

One-time payment: 29 NOK (or local equivalent)
Permanent: Ads removed forever on your account
Privacy benefit: AdMob tracking stops when ads are removed

7.3 Advertising Privacy Controls

iOS: Settings → Privacy → Advertising → Limit Ad Tracking
Android: Settings → Google → Ads → Opt out of Ads Personalization
Reset Advertising ID: Available in device settings to get a fresh ID

8. Data Retention

Active Accounts: We retain your data for as long as your account remains active
Deleted Accounts: Upon account deletion, all personal data is permanently deleted within 30 days
Shared Product Database: Generic product information (barcode + product name) remains in shared database to help other users, but is NOT linked to your account
Legal Obligations: We may retain certain data longer if required by law (e.g., financial records for tax purposes if you purchase ad removal)
Advertising Data: Managed by Google AdMob according to their retention policies

9. Your Rights (GDPR)

Under GDPR and Norwegian data protection law, you have the following rights:

9.1 Right of Access

You can request a copy of all personal data we hold about you.

9.2 Right to Rectification

You can correct inaccurate or incomplete data directly in the app or by contacting us.

9.3 Right to Erasure ("Right to be Forgotten")

You can delete your account and all associated data at any time through the app settings or by contacting us.

9.4 Right to Data Portability

You can export your data in JSON format directly from the app (Settings → Export Data).

9.5 Right to Restrict Processing

You can request that we limit how we process your data in certain circumstances.

9.6 Right to Object

You can object to processing based on legitimate interests (e.g., advertising - by purchasing ad removal).

9.7 Right to Withdraw Consent

Where processing is based on consent (notifications, ads), you can withdraw it at any time through app settings.

            To Exercise Your Rights: Contact us at info@prepcheck.no. We will respond within 30 days as required by GDPR.
        

10. Data Sharing and Disclosure

We do NOT sell your personal data.

We only share your data in the following limited circumstances:

Service Providers: With Supabase, Netlify, and Google AdMob as necessary to operate the service (covered by data processing agreements)
Household Members: If you use household sharing, inventory and meal data is shared with other members you've invited
Legal Requirements: If required by law, court order, or governmental authority
Protection of Rights: To protect our legal rights, prevent fraud, or ensure user safety
Business Transfer: In the event of a merger, acquisition, or sale of assets, your data may be transferred (you will be notified in advance)

11. Children's Privacy

PrepCheck is intended for users aged 13 years and older. We do not knowingly collect personal information from children under 13. If we discover that we have collected data from a child under 13, we will delete it immediately.

If you are a parent or guardian and believe your child has provided us with personal information, please contact us at info@prepcheck.no.

12. International Data Transfers

All data is stored within the European Union (EU-North-1 region). If you access PrepCheck from outside the EU, your data will be transferred to and stored in the EU, which provides equivalent or stronger data protection than most other jurisdictions.

Third-Party Services Outside EU:

Google AdMob: May process data in the US under appropriate safeguards (Standard Contractual Clauses)
Apple APNs: Push notifications routed through Apple's infrastructure globally

13. Cookies and Local Storage

13.1 Essential Cookies

We use only essential cookies and local storage required for the application to function:

Authentication Token: Keeps you logged in
Session Management: Maintains your active session
Local App Data: Stores your data locally for offline access (optional)
Notification Settings: Remembers your notification preferences

13.2 Advertising Cookies (Mobile App Only)

Google AdMob may use cookies/identifiers for ad personalization
Managed by Google according to their privacy policy
Removed when you purchase "Remove Ads"

13.3 No Tracking Cookies

We do NOT use:

Analytics cookies (beyond basic app functionality metrics)
Social media cookies
Third-party tracking cookies (except AdMob in free app)

14. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or legal requirements. We will notify you of any material changes by:

Posting the updated policy on this page with a new "Last Updated" date
Sending an email to your registered email address for significant changes
Displaying an in-app notification

Your continued use of PrepCheck after changes take effect constitutes acceptance of the updated Privacy Policy.

15. Supervisory Authority

If you are located in the EU/EEA and have concerns about how we handle your personal data, you have the right to lodge a complaint with your local data protection authority.

Norway: Datatilsynet (Norwegian Data Protection Authority)

16. Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or how we handle your data, please contact us:

Email: Email: info@prepcheck.no
Response Time: We aim to respond within 30 days as required by GDPR