Privacy
Policy

GoneUP is a grocery planning and personal price tracking app made by GoneUP LLC, based in Lebanon, Tennessee. You can reach us at hello@goneupapp.com.

Information you give us directly:

• Account information. If you create an account, we collect your email address and a password (stored as a secure hash via Supabase Authentication). You may optionally provide your name.
• Grocery and trip history. Items you add to your list, prices you log, stores you shop at, and meals you plan. This data is stored locally on your device. If you are signed in, it also syncs to our cloud infrastructure (Supabase) for backup and multi-device access.
• Receipt scanning. If you use the receipt scanning feature, the App uses on-device text recognition (OCR) to extract item names, prices, store names, and dates from photos of your receipts. Receipt images are processed entirely on your device and are never transmitted to any server. The extracted text data (item names and prices) may be saved as part of your trip history.
• App preferences. Your theme choice, store preferences, household size, and notification settings. These are stored locally on your device and, if you are signed in, synced to our cloud infrastructure.

Information we do not collect:

• Your precise location (we do not use GPS, IP geolocation, or any location services)
• Your contacts
• Any financial account information (credit cards, bank accounts, payment methods)
• Any data used to build an advertising profile
• Analytics or usage tracking (we do not use any analytics SDK)

When you use the receipt scanning feature, the App accesses your device camera or photo library to capture or select a receipt image. This image is processed on your device only and is not stored or transmitted.

We use the information we collect to:

• Authenticate your account and maintain your session
• Send you transactional emails you request (password reset, account confirmation)
• Sync your grocery data across your devices when you are signed in
• Provide price tracking, insights, and recommendations based on your personal trip history

We do not use your data to show you ads, build marketing profiles, or sell to data brokers. Ever.

Your grocery data is stored locally on your device. If you uninstall the app or clear app data, your local data is deleted with it.

Your account credentials (email and hashed password) are stored securely via Supabase Authentication. When you are signed in, your grocery data syncs to Supabase with encryption in transit (TLS) and at rest. Row-level security policies ensure only you can access your data.

Data retention. When you delete your account through the app or by contacting us, all your data is removed from our servers immediately. Database backups that may contain your data are purged within 30 days of deletion.

We do not sell, rent, or trade your personal information to any third party.

We use the following third-party services:

• Supabase. Account authentication and cloud sync. Supabase receives your email and hashed password when you create an account or sign in. When you are signed in, your grocery data syncs to Supabase for backup and multi-device access. Row-level security policies ensure only you can access your data. Supabase servers are located in the United States. Supabase Privacy Policy
• UPCitemdb. Barcode and product lookups. When you scan a barcode or search for a product, we may send the barcode number or search term to UPCitemdb to retrieve product information (name, brand, category). No personal data is transmitted. UPCitemdb Terms
• Open Food Facts. Barcode lookups. When you scan a barcode, we may send the barcode number to Open Food Facts to retrieve product information (name, category) as a fallback. No personal data is transmitted. Open Food Facts Terms
• On-device text recognition. Receipt scanning uses text recognition technology built into your device's operating system. All processing happens on your device. No receipt images or extracted text are sent to any external service.
• Resend. Transactional email delivery. When we send you a password reset or account confirmation email, Resend processes the delivery. Resend receives your email address for this purpose only. Resend Privacy Policy
• Apple App Store / Google Play. If we introduce paid features in the future, all billing will be handled directly by Apple or Google. We will never receive or store your payment method details (credit card, bank account, etc.). This policy will be updated before any paid features launch.

• Access. You can view all data stored by the app directly within the app.
• Delete. You can delete your account and all associated data using the Delete Account button in the app (Account tab). This immediately removes your data from our servers. You can also email us at hello@goneupapp.com and we will process your request within 30 days. Uninstalling the app or clearing app data removes all locally stored data.
• Export. You can request a copy of your data at any time by emailing us at hello@goneupapp.com.

If you are a California resident, the California Consumer Privacy Act (CCPA) provides you with specific rights regarding your personal information:

• Right to know. You have the right to request what personal information we have collected about you, the categories of sources, the business purpose for collecting it, and the categories of third parties with whom we share it.
• Right to delete. You have the right to request deletion of your personal information. You can do this instantly using the Delete Account button in the app, or by emailing hello@goneupapp.com.
• Right to opt out of sale. We do not sell your personal information. We have never sold personal information and have no plans to do so.
• Right to non-discrimination. We will not discriminate against you for exercising any of your CCPA rights.

To exercise these rights, contact us at hello@goneupapp.com. We will verify your identity using your account email address before processing your request.

If you are located in the European Economic Area (EEA) or the United Kingdom, the General Data Protection Regulation (GDPR) provides you with additional rights:

• Lawful basis. We process your personal data on the basis of contract (providing the service you signed up for) and your consent (when you create an account).
• Right of access. You can request a copy of the personal data we hold about you.
• Right to rectification. You can update your account information directly in the app.
• Right to erasure. You can delete your account and all associated data using the Delete Account button in the app, or by contacting us.
• Right to data portability. You can request your data in a portable format by emailing us at hello@goneupapp.com.
• Right to restriction and objection. You can request that we restrict or stop processing your personal data by contacting us.

Data transfers. Your data is stored on Supabase servers in the United States. We rely on Supabase's standard contractual clauses and data processing agreements to ensure appropriate safeguards for international data transfers.

To exercise these rights, contact us at hello@goneupapp.com. We will respond within 30 days.

If we become aware of a security breach that affects your personal data, we will notify affected users by email and through an in-app notice within 72 hours of confirming the breach, as required by applicable law. The notification will describe the nature of the breach, the data affected, and the steps we are taking to address it.

GoneUP is not directed at children under 13. We do not knowingly collect personal information from children under 13. If you believe a child has provided us with personal information, contact us at hello@goneupapp.com and we will delete it promptly.

If we make material changes to this policy, we will notify you through the app or by email before the changes take effect. The date at the top of this page reflects the most recent update.

Questions about this policy or your data:

• Email: hello@goneupapp.com
• GoneUP LLC, Lebanon, Tennessee