Privacy Policy

Privacy Policy

What’s For Dinner? — Silverback Enterprises LLC
Effective Date: May 5, 2026

Silverback Enterprises LLC (“we,” “us,” or “our”) operates the What’s For Dinner? mobile application (the “App”). This Privacy Policy explains what information we collect, how we use it, who we share it with, and your choices regarding your information.

By using the App, you agree to the collection and use of information as described in this Privacy Policy. If you do not agree, please do not use the App.

Contents

  1. Information We Collect
  2. How We Use Your Information
  3. Third-Party Services
  4. Data Storage and Security
  5. Data Sharing and Disclosure
  6. Data Retention
  7. Children’s Privacy
  8. Your Choices and Controls
  9. International Data Transfers
  10. California Privacy Rights
  11. European Economic Area (EEA) Rights
  12. Changes to This Policy
  13. Contact Us

1. Information We Collect

We designed the App with privacy in mind. We do not require you to create an account, and we do not collect your name, email address, phone number, or any other personal identifiers.

1.1 Information You Provide Directly

  • Camera images: When you use the ingredient-scanning or receipt-scanning features, the App captures photos using your device’s camera. These photos are transmitted to our servers for AI processing (see Section 3) and are not stored on your device or our servers after processing is complete. Only the extracted ingredient data is retained on your device.
  • Voice input: When you use voice commands to edit your inventory, audio is processed by your device’s built-in speech recognition service (Apple Dictation on iOS, Google Speech-to-Text on Android). Audio is not transmitted to our servers.
  • Dietary preferences: Allergens and food intolerances you configure within the App are stored locally on your device and transmitted to our AI service when generating recipes, so that recipes respect your dietary restrictions.
  • Pantry staples: Ingredients you mark as always on hand are stored locally on your device.
  • Custom storage locations: Names of storage areas you create (e.g., “Freezer,” “Garage”) are stored locally on your device.
  • Recipe feedback: When you rate a recipe with a thumbs up or thumbs down, that feedback is stored locally and may be sent to our AI service to improve future recipe suggestions within the same session.
  • Saved recipes: Recipes you bookmark are stored locally on your device.

1.2 Information Collected Automatically

  • Analytics data: We use Firebase Analytics to collect anonymous usage data, including: whether you have an existing inventory when opening the App, the number of items detected during scans, the number of storage locations scanned, general recipe interaction patterns (e.g., category selected, number of rounds viewed), whether notifications are enabled, and subscription-related events (paywall shown, subscription started or restored). Analytics data is not linked to any personal identifier.
  • Crash reports: We use Firebase Crashlytics to collect anonymous crash data, including stack traces, exception messages, your device model, operating system version, and app version. Crash reports do not contain your ingredient data, recipes, or dietary preferences.
  • Performance data: We use Firebase Performance Monitoring to collect anonymous performance metrics, including network request latency and app startup time.
  • App integrity tokens: We use Firebase App Check to verify that requests to our servers originate from a legitimate copy of the App. App Check tokens do not identify you personally or track your activity.
  • Configuration data: We use Firebase Remote Config to deliver app configuration values. This service does not collect or store personal information.
  • Anonymous Installation Identifier: To enforce our subscription limits and Fair Use Policy and to prevent abuse of our AI services, we generate and use two anonymous device identifiers:
    • An install identifier provided by Firebase Analytics, which is reset whenever you reinstall the App. We use this identifier to count your daily AI-powered actions against our fair use limits, alongside a daily counter that resets at 00:00 UTC.
    • persistent device identifier (a randomly generated string) that we create on first launch and store in your device’s secure storage (Keychain on iOS, Encrypted Shared Preferences on Android). On iOS, this identifier remains in the device Keychain across app uninstall and reinstall by design — this allows us to enforce monthly free-tier limits for non-subscribers consistently, even if the App is reinstalled. On Android, the identifier is restored from your Google Drive backup if Auto Backup is enabled, and otherwise is regenerated. We use this identifier to count your monthly free recipe generations against our subscription limits.

    Both identifiers are stored on our servers alongside their respective counters. Neither is linked to your name, email address, or any other personal information, and neither is used for advertising or cross-app tracking. You can erase both identifiers from our servers at any time using the Delete My Data option in Settings — note that on iOS, deleting the App alone will not erase the persistent device identifier from your Keychain. (See note on Delete My Data below.)

  • Apple Search Ads attribution (iOS only): When you install or open the App on iOS, your device may provide our App with an Apple Search Ads attribution token via Apple’s AdServices framework. We forward this token to RevenueCat (see Section 3.3), which queries Apple’s Ad Attribution API to retrieve campaign-level information (such as the campaign, ad group, or keyword associated with your installation). We use this data only to measure the effectiveness of our own marketing campaigns. The attribution token does not identify you personally and is not used to track you across other apps or websites. Apple classifies this collection as not requiring an App Tracking Transparency prompt.
  • SKAdNetwork (iOS only): The App supports Apple’s SKAdNetwork framework, which provides aggregate, anonymous information about ad campaign performance. SKAdNetwork postbacks are generated by the iOS operating system and do not identify individual users.

1.3 Information We Do NOT Collect

  • Name, email address, phone number, or mailing address
  • Precise or approximate geographic location
  • Contacts, calendars, or other personal data on your device
  • Browsing history or activity outside the App
  • Apple’s IDFA (Identifier for Advertisers) or Google’s Advertising ID
  • Health or fitness data
  • Photos from your photo library (the App only uses the live camera)

2. How We Use Your Information

We use the information described above for the following purposes:

Purpose Data Used
Identify ingredients from your photos Camera images (transmitted to AI service, not stored)
Generate personalized recipe suggestions Ingredient inventory, staples, allergens, meal preferences, recipe feedback
Edit inventory by voice Audio (processed on-device by platform speech service)
Manage your subscription Purchase transactions (handled by Apple/Google and RevenueCat)
Send you daily meal-planning reminders Notification preferences (processed entirely on your device)
Improve app stability and performance Crash reports and performance metrics (anonymous)
Understand how the App is used in aggregate Analytics events (anonymous, not linked to individuals)
Protect against abuse of our services App Check tokens, daily usage counters
Measure the effectiveness of our marketing campaigns Apple Search Ads attribution token, SKAdNetwork postbacks (iOS only)

We do not display advertising within the App, do not use your information for behavioral advertising or user profiling, and do not sell your information to third parties. We do measure the effectiveness of our own marketing campaigns using privacy-preserving frameworks (Apple Search Ads attribution and SKAdNetwork) as described above.

3. Third-Party Services

The App relies on the following third-party services, each of which has its own privacy policy governing its use of data:

3.1 Google Gemini API (AI Processing)

When you scan ingredients or generate recipes, your data is sent to Google’s Gemini API via our secure cloud functions. Specifically:

  • For ingredient scanning: Your compressed camera photos and storage-location labels (e.g., “Fridge”) are sent to Google Gemini for image analysis.
  • For recipe generation: Your ingredient list, pantry staples, allergens, meal preferences, and recipe feedback are sent to Google Gemini as text.

Under Google’s standard Cloud API terms, data submitted to the Gemini API may be used by Google to improve its products and services, including AI models. Google’s processing of this data is governed by the Google Privacy Policy and Google Cloud Service Terms.

No personal identifiers (name, email, device ID) are included in data sent to Google Gemini.

3.2 Firebase (Google)

We use several Firebase services provided by Google:

  • Firebase Analytics — Collects anonymous usage events as described in Section 1.2. Firebase Privacy Information
  • Firebase Crashlytics — Collects anonymous crash reports to help us fix bugs.
  • Firebase Performance Monitoring — Collects anonymous performance metrics.
  • Firebase App Check — Verifies that requests come from a legitimate app instance. Does not track users.
  • Firebase Remote Config — Delivers configuration values to the App. Does not collect personal data.

Firebase services are governed by the Firebase Terms of Service and the Google Privacy Policy.

3.3 RevenueCat (Subscription Management)

We use RevenueCat to manage in-app subscriptions. RevenueCat processes:

  • An anonymous app user identifier (not linked to your personal identity)
  • Purchase transaction data provided by Apple App Store or Google Play
  • Subscription status (active, expired, etc.)
  • Apple Search Ads attribution tokens and the resulting campaign-level attribution data returned by Apple’s Ad Attribution API (iOS only)

RevenueCat does not receive your ingredient data, photos, recipes, dietary preferences, or any personally identifiable information from us. RevenueCat’s handling of data is governed by the RevenueCat Privacy Policy.

3.4 Apple and Google Platform Services

  • Speech recognition: When you use voice input, audio is processed by Apple’s Dictation service (iOS) or Google’s Speech-to-Text service (Android) under the respective platform’s privacy policy. Audio is not sent to our servers.
  • In-app purchases: Subscription payments are processed by the Apple App Store or Google Play Store. We do not receive or store your payment information (credit card number, billing address, etc.).
  • App integrity: On iOS, App Attest is used; on Android, Play Integrity is used. These are security services and do not track individual users.

3.5 Apple Search Ads (iOS only)

When the App is installed via an Apple Search Ads campaign, Apple’s AdServices framework provides our App with an attribution token. The token is sent to RevenueCat (see Section 3.3), which forwards it to Apple’s Ad Attribution API to retrieve campaign-level information (such as campaign, ad group, and keyword identifiers). We use this information to measure which marketing campaigns drive installations and subscriptions.

This system does not link your activity across apps or websites operated by other companies and does not use Apple’s IDFA. Apple classifies it as not requiring an App Tracking Transparency prompt. Apple’s processing of this data is governed by Apple’s Privacy Policy.

You can limit Apple’s collection of personalized advertising data at any time on your iOS device: Settings → Privacy & Security → Apple Advertising → toggle off “Personalized Ads.”

4. Data Storage and Security

4.1 Local-First Architecture

The App follows a local-first design. All of your personal data — including your ingredient inventory, allergens, staples, saved recipes, recipe feedback, preferences, and notification settings — is stored exclusively on your device in an encrypted local database. We do not maintain a server-side database of user data and have no ability to access your locally stored information.

4.2 Data in Transit

When data is transmitted to our cloud functions for AI processing, it is sent over HTTPS (TLS encryption). All requests are authenticated using Firebase App Check to prevent unauthorized access.

4.3 Cloud Function Processing

Our cloud functions are stateless. Data sent for AI processing (photos, ingredient lists, preferences) is held in memory only for the duration of the request and is not logged, stored, or persisted on our servers. Once a response is returned, the data is discarded from memory.

4.4 Photos

Camera photos captured within the App are:

  1. Compressed in memory on your device
  2. Transmitted to our cloud function over HTTPS
  3. Forwarded to the Google Gemini API for analysis
  4. Discarded from our cloud function memory upon completion

Photos are never saved to your device’s photo library, our servers, or any persistent storage under our control.

5. Data Sharing and Disclosure

We do not sell, rent, or trade your information to any third party.

We share data with third parties only as described in Section 3 (Third-Party Services) and in the following limited circumstances:

  • Legal requirements: We may disclose information if required to do so by law, regulation, legal process, or governmental request.
  • Safety: We may disclose information if we believe in good faith that it is necessary to protect the safety of our users, the public, or our rights.
  • Business transfers: If Silverback Enterprises LLC is involved in a merger, acquisition, or sale of assets, your information may be transferred as part of that transaction. We will notify you via an update to this Privacy Policy.

6. Data Retention

  • On-device data: Your locally stored data (inventory, preferences, saved recipes, etc.) remains on your device until you delete it within the App or uninstall the App. Uninstalling the App permanently deletes all locally stored data.
  • Camera photos: Not retained. Discarded from memory immediately after AI processing.
  • Analytics and crash data: Retained by Firebase according to Google’s standard retention policies (typically up to 14 months for analytics data and 90 days for crash reports).
  • Subscription data: Retained by RevenueCat according to their retention policy and as required by Apple and Google for transaction records.
  • Gemini API data: Retained by Google according to their Cloud API terms. Under standard terms, submitted data may be retained by Google for service improvement purposes.
  • Apple Search Ads attribution data: Retained by RevenueCat alongside subscription records according to RevenueCat’s retention policy. Campaign-level attribution data is not personally identifiable.

7. Children’s Privacy

The App is suitable for users of all ages. We comply with the Children’s Online Privacy Protection Act (COPPA), the Google Families Policy, and Apple’s guidelines for apps used by children.

We do not knowingly collect personal information from children under 13 (or the applicable age in your jurisdiction). The App does not require account creation, does not collect names, email addresses, or other personal identifiers from any user regardless of age, and does not contain behavioral advertising.

Camera photos are processed solely for ingredient identification and are not stored. Analytics data collected is anonymous, not linked to any individual, and cannot be used to identify a child.

If you are a parent or guardian and believe your child has provided personal information through the App, please contact us at contact@silverbackbiz.com and we will take steps to address the concern.

8. Your Choices and Controls

8.1 Camera and Microphone Access

The App will request your permission before accessing your camera or microphone. You can revoke these permissions at any time through your device’s Settings. Without camera access, the ingredient-scanning feature will be unavailable. Without microphone access, voice input will be unavailable.

8.2 Speech Recognition

On iOS, the App will request your permission for speech recognition. You can revoke this permission at any time through your device’s Settings.

8.3 Notifications

Daily meal-planning reminders are optional. You can enable or disable them within the App’s settings, or revoke notification permissions through your device’s Settings.

8.4 Deleting Your Data

Because all personal data is stored locally on your device, you have full control over it:

  • Delete individual items: You can remove specific ingredients, saved recipes, allergens, staples, and custom locations within the App.
  • Delete all data: Uninstalling the App permanently deletes all locally stored data, including your inventory, preferences, and saved recipes. This action cannot be undone.

8.5 Subscription Management

You can manage or cancel your subscription through the Apple App Store or Google Play Store settings on your device.

8.6 Limiting Analytics Collection

You can limit analytics data collection by enabling “Limit Ad Tracking” (iOS) or opting out of “Ads Personalization” (Android) in your device’s privacy settings. You may also disable analytics data sharing with Google through your device’s Google settings.

To limit Apple Search Ads attribution on iOS: open Settings → Privacy & Security → Apple Advertising and toggle off “Personalized Ads.” This setting will not affect any App functionality.

9. International Data Transfers

Our cloud functions and third-party services (Google, RevenueCat) may process data in the United States or other countries. By using the App, you consent to the transfer of information to countries outside your country of residence, which may have different data protection rules. We rely on our service providers’ compliance with applicable data transfer frameworks.

10. California Privacy Rights

If you are a California resident, you have additional rights under the California Consumer Privacy Act (CCPA) and the California Privacy Rights Act (CPRA):

  • Right to know: You may request details about the categories and specific pieces of personal information we have collected. As described in this policy, we do not collect personally identifiable information.
  • Right to delete: You may request deletion of your personal information. Because your data is stored locally on your device, you can delete it at any time by removing items in the App or uninstalling the App.
  • Right to opt out of sale: We do not sell personal information.
  • Right to non-discrimination: We will not discriminate against you for exercising your privacy rights.

To exercise these rights, contact us at contact@silverbackbiz.com.

11. European Economic Area (EEA) Rights

If you are located in the EEA, UK, or Switzerland, you have rights under the General Data Protection Regulation (GDPR):

  • Legal basis: Legal basis: We process anonymous analytics data and marketing-attribution data based on our legitimate interest in improving the App and measuring the effectiveness of our marketing campaigns. We process data sent for AI features based on your consent (by choosing to use those features).
  • Your rights: You have the right to access, rectify, erase, restrict processing, data portability, and to object to processing of your data. Since we do not collect personally identifiable information and all user data is stored locally on your device, these rights are effectively under your direct control.
  • Data Protection Authority: You have the right to lodge a complaint with your local data protection authority.

To exercise these rights, contact us at contact@silverbackbiz.com.

12. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. When we make changes, we will update the “Effective Date” at the top of this page. If we make material changes, we will provide notice through the App or by other appropriate means. Your continued use of the App after changes are posted constitutes your acceptance of the updated Privacy Policy.

13. Contact Us

If you have questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:

Silverback Enterprises LLC
Email: contact@silverbackbiz.com
Privacy Policy URL: https://silverbackbiz.com/apps/whats-for-dinner/privacy-policy/

This Privacy Policy was last updated on May 5, 2026.