Zesto Privacy Policy
Welcome to Zesto ("we," "our," or "us"). We are committed to protecting your privacy and providing a safe and secure user experience. This Privacy Policy explains how we collect, use, share, and protect your personal information when you use our iOS application (the "App").
1. Information We Collect
We collect the following types of information:
- 1.1. Information you provide:
- Email address
- Name
- Birthday
- 1.2. Information collected through Firebase Analytics:
- Usage data and analytics as collected by Google Firebase
2. Legal Basis for Processing
We process your personal data on the following legal grounds:
- Consent: You have given clear consent for us to process your personal data for a specific purpose.
- Contract: The processing is necessary for the performance of a contract to which you are a party (i.e., to provide you with the App's services).
- Legitimate Interests: The processing is necessary for our legitimate interests or the legitimate interests of a third party, unless there is a good reason to protect your personal data which overrides those legitimate interests.
3. How We Use Your Information
We use the collected information for the following purposes:
- To provide and maintain the App
- To personalize your experience
- To communicate with you about the App and your account
- To improve our App based on usage data collected by Firebase Analytics
4. Data Storage and Security
We use Firebase Firestore for data storage, which maintains databases in the United States. The security of your data is managed by Firebase's built-in security measures. For more information on Firebase's security practices, please refer to Google's Firebase documentation.
5. Data Retention
We retain your personal data only for as long as necessary to fulfill the purposes for which it was collected, including for the purposes of satisfying any legal, regulatory, tax, accounting or reporting requirements. To determine the appropriate retention period for personal data, we consider the amount, nature and sensitivity of the personal data, the potential risk of harm from unauthorized use or disclosure of your personal data, the purposes for which we process your personal data and whether we can achieve those purposes through other means, and the applicable legal, regulatory, tax, accounting or other requirements.
6. Your Rights Under GDPR
If you are a resident of the European Economic Area (EEA), you have the following rights under GDPR:
- Right to Access: You have the right to request copies of your personal data.
- Right to Rectification: You have the right to request that we correct any information you believe is inaccurate or complete any information you believe is incomplete.
- Right to Erasure: You have the right to request that we erase your personal data, under certain conditions.
- Right to Restrict Processing: You have the right to request that we restrict the processing of your personal data, under certain conditions.
- Right to Object to Processing: You have the right to object to our processing of your personal data, under certain conditions.
- Right to Data Portability: You have the right to request that we transfer the data that we have collected to another organization, or directly to you, under certain conditions.
To exercise these rights, please contact us using the information provided in the "Contact Us" section.
7. Third-Party Services and Data Processors
We use the following third-party services as data processors:
- Firebase: For analytics, app performance monitoring, and data storage
- RevenueCat: For managing subscriptions
- Algolia Search: For search functionality within the App
- AI Providers (ChatGPT, Claude, Flux): For generating recipes and images
We have ensured that all our data processors have committed to compliance with GDPR and other applicable data protection laws. These services may collect and process your data according to their own privacy policies. We encourage you to review their policies for more information.
8. International Data Transfers
As we use Firebase Firestore with databases in the United States, your information may be transferred to, stored, and processed in a country different from your country of residence. By using the App, you consent to such transfer and processing. We ensure that any international data transfers are done with appropriate safeguards in place, in compliance with GDPR requirements.
9. Data Protection Officer
While we have not appointed a formal Data Protection Officer, we have a designated point of contact for data protection issues. You can reach out to them at hi@zesto.app.
10. Data Breach Notification
In the event of a data breach that is likely to result in a high risk to your rights and freedoms, we will notify you and the relevant supervisory authority without undue delay, in accordance with GDPR requirements.
11. Children's Privacy
Our App is not intended for children under the age of 13. We do not knowingly collect personal information from children under 13. If you are a parent or guardian and believe we may have collected information about a child, please contact us immediately.
12. Changes to This Privacy Policy
We may update our Privacy Policy from time to time. We will notify you of any changes by posting the new Privacy Policy on this page and updating the "Last Updated" date.
13. Contact Us
If you have any questions about this Privacy Policy or wish to exercise your data protection rights, please contact us at:
Email: hi@zesto.app