Privacy Policy

1. Introduction

FoodShop ("we," "our," or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our web application and services.

FoodShop is operated by Y.S.I.A. Software Solutions LTD., a company registered in Israel. For privacy inquiries, contact us at [email protected].

2. Information We Collect

Information You Provide

• Account information (name, email address, business name)
• Recipe data (ingredients, quantities, pricing)
• Order information (customer details, order items)
• Payment information (processed securely through Paddle, our payment processor)
• Custom ingredient data (names, nutrition information, allergen details)
• Ingredient pricing information (for your business use and community price suggestions)

Information Collected Automatically

• Device and browser information
• IP address and approximate location
• Usage data and analytics
• Cookies and similar technologies

3. How We Use Your Information

We use your information to:

• Provide and maintain our services
• Calculate recipe costs and suggest pricing
• Process orders and send notifications
• Generate community price suggestions from aggregated user data
• Provide nutrition information and allergen detection from USDA database
• Improve our services and develop new features
• Communicate with you about updates and offers
• Prevent fraud and ensure security

4. Community Pricing and Data Sharing

Community Price Suggestions

FoodShop aggregates pricing information from all users to provide helpful "What other bakers pay" suggestions. Here's how this works:

• Collection: When you enter ingredient prices, we collect and store this information
• Anonymization: Your pricing data is anonymized and aggregated with data from other users
• Display: We display average, minimum, and maximum prices that other users pay for the same ingredients
• Privacy: Individual prices and user identities are never disclosed to other users

Important: Community price suggestions are for reference only and should always be verified with your actual supplier prices. Prices may vary by location, supplier, quantity, and time.

USDA Nutrition Database

We integrate data from the USDA FoodData Central database to provide:

• Nutrition information for over 100,000 ingredients
• Branded product data (King Arthur, Pillsbury, etc.)
• Automatic allergen detection based on ingredient composition

This data is sourced from public USDA databases and is provided for informational purposes only. See our Terms of Service for important disclaimers about accuracy.

5. Information Sharing

We may share your information with:

• Paddle (UK/EU) - Our payment processor and Merchant of Record
• Amazon Web Services (AWS) - Cloud hosting infrastructure
• Other FoodShop Users - Aggregated, anonymized pricing data only (see Section 4)
• Analytics providers to improve our services
• Law enforcement when required by law

We do not sell your personal information to third parties. Community pricing features share only anonymized, aggregated data.

Where We Process Data

Your data is primarily stored and processed on servers located in the United States (AWS). Our payment processor Paddle processes payment data in the UK/EU.

6. Data Security

We implement appropriate technical and organizational security measures to protect your information, including encryption in transit and at rest. However, no method of transmission over the Internet is 100% secure. We cannot guarantee absolute security of your data.

7. Your Rights

You have the right to:

• Access your personal data
• Correct inaccurate data
• Request deletion of your data
• Export your data in a portable format
• Opt out of marketing communications

To exercise these rights, contact us at [email protected] or use the account settings in our application.

8. Information for European Economic Area (EEA) Residents

Legal Basis for Processing

We process your personal data under the following legal bases:

• Contract Performance: To provide the services you requested
• Legitimate Interests: To improve our services, prevent fraud, and ensure security
• Consent: For marketing communications (you may withdraw consent at any time)
• Legal Obligation: To comply with applicable laws

Your GDPR Rights

In addition to the rights listed in Section 7, EEA residents have the right to:

• Object to processing based on legitimate interests
• Restrict processing of your data
• Withdraw consent at any time
• Lodge a complaint with your local data protection authority

International Data Transfers

Your data may be transferred to and processed in Israel and other countries outside the EEA. Israel has received an adequacy decision from the European Commission. For transfers to other countries (such as the United States for AWS hosting), we use appropriate safeguards including Standard Contractual Clauses.

Data Controller

Y.S.I.A. Software Solutions LTD., located in Israel, is the data controller for your personal data. Contact us at [email protected] for data protection inquiries.

9. Information for California Residents

Under the California Consumer Privacy Act (CCPA), California residents have additional rights regarding their personal information:

• Right to Know: Request disclosure of personal information we collect, use, and share
• Right to Delete: Request deletion of your personal information
• Right to Opt-Out: Opt out of the sale of personal information (we do not sell your data)
• Right to Non-Discrimination: We will not discriminate against you for exercising these rights

Categories of Personal Information Collected: Identifiers (name, email), commercial information (orders, transactions, ingredient prices), internet activity (usage data), professional information (business name), and user-generated content (recipes, custom ingredients).

To exercise your CCPA rights, contact us at [email protected] or use the account settings in our application.

10. Data Retention

We retain your personal data for as long as your account is active or as needed to provide services. Specifically:

• Account data: Retained until you delete your account, plus 30 days for backup purposes
• Transaction records: Retained for 7 years for tax and legal compliance
• Usage analytics: Aggregated and anonymized after 24 months
• Support communications: Retained for 3 years

After account deletion, we may retain anonymized data for analytics purposes.

11. Cookies and Tracking Technologies

Types of Cookies We Use

• Essential Cookies: Required for the Service to function (authentication, security)
• Analytics Cookies: Help us understand how you use the Service
• Preference Cookies: Remember your settings and preferences

Managing Cookies

You can control cookies through your browser settings. Disabling essential cookies may affect Service functionality.

12. Children's Privacy

Our services are not directed to individuals under 18 years of age. We do not knowingly collect personal information from children.

13. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of any material changes by posting the new policy on this page, updating the "Last updated" date, and sending an email notification for significant changes.

14. Contact Us

If you have questions about this Privacy Policy or wish to exercise your data rights, please contact us at: