This Privacy Policy describes how Meal Matchers ("we," "our," or "the app") collects, uses, shares, and protects information when you use our iOS application. We have written this policy to be as clear and concise as possible. If anything is unclear, please contact us using the details at the bottom of this page.
1. Information We Collect
1.1 Information you provide directly
- Sign in with Apple. When you sign in, Apple shares a unique user identifier with us. You may choose to share your name and email; if you choose to hide your email, Apple provides a relay address instead. We store this information on our backend to identify your account.
- Group and friend activity. When you create or join a group, send or accept friend requests, or invite someone through the app, we store the associated records (group code, membership, invite status, friendship status).
- Swipes and matches. We store which restaurants you mark with a "like" or "pass," both in solo sessions and in group sessions, so we can compute matches and show your history.
1.2 Information collected automatically
- Precise location. With your permission, we use your device's precise location to search for nearby restaurants. You can drop a manual search pin in Settings instead, and you can revoke location access at any time in the iOS Settings app.
- Device and advertising identifiers. Google AdMob may process device identifiers (e.g., IDFA, if you consent through Apple's App Tracking Transparency prompt) and SKAdNetwork attribution signals to measure and serve ads.
- App diagnostics. Standard crash and performance logs are generated locally by iOS and may be shared with Apple if you have opted in at the system level. We do not independently operate a crash-reporting service at this time.
1.3 Information stored only on your device
- Your search preferences (radius, cuisine filters, price range, dining style, open-status filter)
- Your bookmarks and hidden restaurants list
- A 24-hour local cache of recent Google Places search results (to reduce API calls)
- Guest-mode session data (for users who do not sign in with Apple)
This local data never leaves your device unless you explicitly sign in and enable the group, friends, or swipe-sync features.
2. How We Use Your Information
- Deliver the core features: find nearby restaurants, show you photos and details, let you swipe, detect matches in groups, and maintain your friend list.
- Authenticate you across devices using Sign in with Apple.
- Deliver and measure advertising through Google AdMob so the app can remain free to use.
- Send group invites via SMS, email, or the iOS share sheet โ these are sent through your device's own Messages, Mail, or other apps; we never transmit SMS or email on your behalf.
- Respond to your requests, troubleshoot issues, and improve the product.
3. Third-Party Services
The app relies on the following third parties to function. Each of these has its own privacy policy that governs how they handle data they receive.
| Service | Purpose | What they receive |
|---|---|---|
| Apple โ Sign in with Apple | User authentication | Your Apple ID sign-in request (handled on-device by Apple) |
| Supabase | Backend database and authentication | Your user record, group/friend records, swipes, and matches |
| Google Places API | Restaurant search, details, and photos | Your search location and filters (no user identifier is attached) |
| Google AdMob | Advertising | Advertising identifiers and SKAdNetwork attribution signals |
| Apple Maps | Displaying maps and navigation | Map tile requests (no user identifier is attached) |
Links to the privacy policies of these providers:
4. Advertising & App Tracking Transparency
The app includes advertisements served by Google AdMob. On first launch, iOS will present Apple's App Tracking Transparency prompt asking whether you allow tracking across apps and websites owned by other companies. Your choice is respected throughout the app:
- If you allow tracking: AdMob may use your device's advertising identifier (IDFA) to personalize ads and measure attribution.
- If you don't allow tracking: You will still see ads, but they will be non-personalized. Google AdMob will continue to receive contextual and SKAdNetwork-based signals as permitted by Apple.
You can change this preference at any time in iOS Settings โ Privacy & Security โ Tracking.
5. How Information Is Shared
We do not sell your personal information. We share data only in the limited cases below:
- With third-party service providers listed in Section 3, strictly to operate the app.
- With other app users you explicitly choose to interact with โ your display name and friend code are visible to users you have friended or are in a group with.
- When required by law, to comply with a valid legal process, or to protect the rights, property, or safety of users or others.
- In connection with a business transfer (e.g., merger or acquisition), subject to the acquirer continuing to honor this policy.
6. Data Retention
- Account data is retained for as long as your account exists.
- Swipes and matches are retained indefinitely unless you delete your account.
- Groups are retained until the host ends them or deletes their account.
- Local caches (restaurant search results) auto-expire after 24 hours and can be cleared anytime from the Settings screen.
- Ad-related signals are retained by Google AdMob according to their policies, typically in aggregated and de-identified form.
7. Your Rights & Choices
You have the right to:
- Access the personal information we hold about you.
- Correct inaccurate information (you can update your display name via your Apple ID; other data can be corrected by contacting us).
- Delete your account and associated server-side data. Contact us at the email below and we will process deletion within 30 days.
- Withdraw consent for location access or ad tracking at any time via iOS Settings.
- Export a copy of your data by request.
Depending on where you live, you may have additional rights under the GDPR (European Economic Area / United Kingdom) or CCPA/CPRA (California), including the right to lodge a complaint with your local data protection authority.
8. Security
We use industry-standard safeguards to protect your information, including:
- TLS encryption for all traffic between the app and our backend.
- Row-level security policies on our database, so each user can only read or write records they are authorized to access.
- Delegated authentication via Apple โ we never see or store your Apple ID password.
- API keys configured with least-privilege roles so client apps cannot bypass access controls.
No system is perfectly secure. If we become aware of a data breach that materially affects your personal information, we will notify affected users as required by applicable law.
9. Children's Privacy
Meal Matchers is not directed to children under 13 (or under 16 in the European Economic Area). We do not knowingly collect personal information from children. If you believe we have collected information from a child, please contact us so we can delete it.
10. International Users
Our backend infrastructure is hosted in the United States. By using the app, you consent to the transfer and processing of your information in the United States, which may have data protection laws different from those in your country.
11. Changes to This Policy
We may update this Privacy Policy from time to time. When we do, we will revise the "Last updated" date at the top of this page. For material changes, we will provide an in-app notice or email notification where appropriate. Continued use of the app after changes take effect constitutes acceptance of the updated policy.
12. Contact Us
If you have questions about this Privacy Policy, want to exercise any of your rights, or would like to request account deletion, please contact:
Meal Matchers โ Privacy
Email: jamesleonbond@gmail.com
We will respond to verified requests within 30 days.