What we collect
- Account data: email, tier, subscription status, locale preference.
- Usage data: chat turns, export counts (per daily quota), search queries, page views.
- Memory: conversational context you share with The Geist (user-scoped, RLS-enforced, never visible to other users).
- Billing: Stripe handles payment details; we only see the Stripe customer ID + subscription status.
- Technical logs: IP address + user-agent on click redirects and rate-limit events, retained 30 days.
What we never do
- We do not sell or rent your data. Ever.
- We do not train third-party AI models on your conversations or exports.
- We do not expose user memory across accounts (enforced at the database level via row-level security).
Cookies
We use strictly-necessary cookies for session auth (sb-access-token, Supabase), anti-abuse nonces, and locale preference (fg_lang). No advertising cookies.
Processors
Data is processed by Supabase (primary database), Vercel (hosting), Stripe (billing), and OpenRouter / Groq / Anthropic (AI inference). Each processor has independent privacy policies linked from their sites. We do not transmit personally identifiable information to AI providers beyond the message text you send to The Geist.
Your rights
You can export or delete all your account data at any time via your profile. Deletion is cascading and permanent within 30 days (Stripe retains transaction records per legal requirements).
Children
Foodgeist is not directed at children under 13. We do not knowingly collect data from them.
Export watermarking
Documents you generate via Ficha Técnica embed an HMAC-signed fragment derived from your user id + entity id + issue time. This allows Foodgeist to trace accidentally-public leaks back to the originating subscriber. It does not carry personally identifying information and is not readable by anyone else.
Contact
Data questions: privacy@foodgeist.app.