Privacy Policy

Last updated: May 26, 2026

Fridge Game Plan is operated by Fn8 LLC ("Fn8 LLC," "we," "us," or "our"), a U.S. limited liability company, which acts as the data controller for personal information processed through this service (except payment data, where Paddle is the data controller — see "Payment processing" below). We keep this simple: we collect as little as possible, we don't sell your data, and you can use Fridge Game Plan without creating an account.

What we collect

  • Plan inputs: the information you enter into the builder (ingredients on hand, household size, budget amount and period, dietary preference).
  • Generated meal plans: when a plan is generated, we store the full plan (meals, ingredients, costs, and the inputs used to create it) so we can improve the service. Plans are tied to an anonymous session ID, not to your name.
  • Anonymous usage events: actions like "plan generated", "share clicked", "copy clicked", and "print clicked", along with a timestamp and anonymous session ID. No name, no account, no IP-based profile.
  • Email address (optional): only if you choose to submit it through the "Send my plan" form, sign up for a Pro account, or join the waitlist. We use it to send you your plan, account-related messages, and occasional product updates about Fridge Game Plan.
  • Receipt uploads (optional): if you upload a grocery receipt, we store the image and the extracted line-item data (store, items, prices, date). The image is sent to a third-party AI provider for text extraction (see "Third-party AI processing" below). Extracted prices may be used in anonymous form to improve cost estimates for everyone.
  • Deal submissions (optional): if you submit a deal, we store the deal details (store, item, price, location, expiry) along with your session ID and, if you're signed in, your account ID so we can attribute and moderate submissions. Public deal listings do not show your email or name.
  • Account and billing (Pro only): if you sign up for Pro, our payment processor Paddle collects and processes your name, email, billing address, country, and payment method to handle payment and sales tax/VAT. Paddle acts as the Merchant of Record and is the data controller for payment data; we receive limited subscription metadata (status, plan, renewal date, country) but do not see or store your full card details.

localStorage (browser storage)

We use your browser's localStorage (similar to cookies) to store:

  • An anonymous session_id so we can rate-limit abuse and tie events to a session without identifying you.
  • Your most recent generated plan so the results page works after a refresh.
  • A flag remembering whether you've already submitted your email, so we don't ask twice.

This data lives only in your browser. You can clear it any time through your browser's site data settings.

Third-party AI processing

To generate your meal plan, we send your inputs (ingredients, household size, budget, dietary preference) to a third-party AI provider via the Lovable AI Gateway, which routes requests to large language model providers (currently Google Gemini and/or OpenAI models). When you upload a receipt, the receipt image is also sent through the same gateway to extract store, items, and prices. These providers process the inputs/images to produce the output and are subject to their own privacy policies. We do not send your email address or any account/billing information to these providers.

Payment processing (Pro)

Paid Pro subscriptions are processed by Paddle, who acts as the Merchant of Record. Paddle collects and processes your name, email, billing address, country, and payment method to handle the transaction, sales tax, and VAT, and is the data controller for that information. See Paddle's Privacy Policy for details. We only receive limited subscription metadata (status, plan, renewal date, country) — never full card numbers.

How we use what we collect

  • To generate your plan and run the core service.
  • To improve recipes, costing, and the overall experience.
  • To prevent abuse (rate limiting by session and account).
  • To send your plan, account messages, and product updates if you provided an email.
  • To manage your Pro subscription, if you have one.

Legal basis for processing

Where applicable law (such as the GDPR or UK GDPR) requires a legal basis for processing personal data, we rely on the following:

  • Performance of a contract: to provide the core service you request — generating plans, running your account, processing your Pro subscription, and delivering plans or receipts you ask us to email.
  • Legitimate interests: to operate, secure, and improve the service — including rate limiting and abuse prevention, anonymized product analytics, improving recipes and cost estimates, and limited service-related communications. We balance these interests against your rights and only rely on them where they are not overridden by your interests or fundamental rights.
  • Consent: for optional product update emails and any analytics or marketing cookies that require consent under local law. You can withdraw consent at any time by emailing support@fridgegameplan.com or using the unsubscribe link in our emails.
  • Legal obligation: where we must process or retain data to comply with applicable laws (for example, tax, accounting, or responding to lawful requests).

How we protect your data (security)

We use reasonable technical and organizational measures to protect personal data against unauthorized access, alteration, disclosure, or destruction. These measures include:

  • Encryption in transit via HTTPS/TLS for all traffic between your browser and our service.
  • Encryption at rest for our managed database and file storage, provided by our hosting and backend providers.
  • Access controls and least-privilege permissions so that only authorized personnel and services can access production data, with administrative access protected by strong authentication.
  • Row-level security policies in our database so that authenticated users can only access their own records.
  • Use of reputable infrastructure providers (including our backend, hosting, and payment processor Paddle) that maintain industry-standard security practices.
  • Regular dependency updates and security review of changes to the service.

No method of transmission or storage over the internet is 100% secure. While we work to protect your information, we cannot guarantee absolute security. If we become aware of a security incident that materially affects your personal data, we will notify affected users and authorities as required by applicable law.

How long we keep it

  • Plans and usage events: retained indefinitely in anonymous form for product improvement. You can request deletion (see below).
  • Email addresses: retained until you ask us to remove them.
  • localStorage: stays in your browser until you clear it.

What we don't do

  • We do not sell your data.
  • We do not require an account to use the product.
  • We do not knowingly collect data from children under 13.

Your data

You can contact us to request access to or deletion of any data tied to your email or session ID. Email support@fridgegameplan.com.

Changes to this policy

We may update this policy as the product evolves. The "Last updated" date above will reflect the most recent change.