Privacy Policy - Pantryverse App

Version: 1.0.0
Effective Date: December 23, 2025
Last Updated: December 23, 2025

1. Data Controller and Contact Information

Data Controller under GDPR

Torsten Hubertus Kunz
Sole proprietor (natural person)
Pistoriusstraße 9a
13086 Berlin
Germany

Commercial Register: n/a (natural person, beta phase)
Tax Number: n/a (natural person, beta phase)

Contact:
Email: statue-speer-4p@icloud.com
Website: https://pantryverse.com

Data Protection Officer

Not appointed (not required for a single-operator beta with limited processing).

2. Scope of This Privacy Policy

This privacy policy applies to the processing of personal data by the Pantryverse App on the following platforms:

iOS App

• App Name: Pantryverse - Smart Grocery Lists & Recipes
• Bundle ID: com.omnom
• Minimum Version: iOS 16.0
• Distribution: Apple App Store

Web Application

• URL: https://pantryverse.com
• Technologies: React, Firebase
• Browsers: Chrome, Safari, Firefox, Edge (current versions)

Geographic Scope: Germany and European Union
Languages: German (primary), English (secondary)
Beta tracking: No product analytics or Crashlytics enabled; only essential Firebase services (Auth, Firestore, Storage).

3. Types of Data Processed

3.1 Required Data for App Usage

This data is necessary for the core functions of the app:

Registration Data:

• Email address (as username)
• Encrypted password
• Registration timestamp
• Email verification status

Account Data:

• User settings and preferences
• Language settings
• Notification preferences
• App configuration

3.2 Application Data

Recipe Data:

• Recipe titles and descriptions
• Ingredient lists
• Cooking instructions
• Recipe images (uploaded by you)
• Creation and modification dates
• Ratings and notes

Grocery Lists:

• Grocery list contents
• Item categories and preferences
• Shopping history
• Category mappings
• List sharing permissions

Synchronization Data:

• Offline queue data
• Synchronization status
• Conflict resolution data

3.3 Special Categories of Personal Data

Biometric Data (optional):

• Face ID / Touch ID activation status
• Biometric authentication settings
• Device-specific security tokens

Legal Basis: Art. 9(2)(a) GDPR (explicit consent)

Important Note: Biometric templates never leave your device. They are stored and processed exclusively in the iOS Secure Enclave. Our servers only receive the authentication result (success/failure).

3.4 Technical and Device Data

Device Information:

• Operating system version
• App version
• Device type and model
• Region settings and time zone
• Device identifiers for security and abuse prevention

Access Data:

• IP address (anonymized)
• Access timestamps
• Features used (basic operational logs)
• Error messages (no crash reporting service during beta)

3.5 Analytics and Performance Data

Analytics and performance tracking are disabled during the beta.

4. Purposes of Data Processing and Legal Bases

4.1 Contract Performance (Art. 6(1)(b) GDPR)

Purpose: Providing the main functions of the app

Data Processed:

• Registration and account data
• Recipe and grocery list data
• Synchronization data
• Basic technical data

Duration: During the contract term

4.2 Legitimate Interests (Art. 6(1)(f) GDPR)

Purpose: Security, fraud prevention, and system stability

Data Processed:

• Technical and device data
• Access logs
• Security tokens and attestation data
• Anonymized performance data

Balancing of Interests: Our legitimate interest in the security and functionality of the app outweighs your interests because:

• Only technical, non-identifying data is processed
• Processing is necessary for security
• You benefit from improved security
• Appropriate protective measures are implemented

Right to Object: You can object to the processing (see Section 8).

4.3 Consent (Art. 6(1)(a) GDPR)

Purpose: Additional features and improvements

Data Processed (only with explicit consent):

• Extended analytics data
• Marketing communications
• Beta feature participation
• Biometric authentication (Art. 9(2)(a) GDPR)

Withdrawal: You can withdraw your consent at any time (see Section 8).

4.4 Legal Obligation (Art. 6(1)(c) GDPR)

Purpose: Compliance with legal retention requirements

Applicable Laws:

• Tax law retention periods (10 years)
• Consumer protection documentation (3 years)
• GDPR evidence requirements (3 years)

5. AI-Powered Data Processing and EU AI Act

5.1 AI Systems in the App

Recipe Analysis and Categorization:

• System: Third-party AI service providers
• Purpose: Automatic categorization of recipes and ingredients
• Risk Category: Minimal risk (Art. 6 EU AI Act)
• Transparency: You are informed about AI processing

Data Minimization:

• Only recipe content is sent to AI services
• No personal identifiers
• Anonymization before transmission
• Opt-out option available

5.2 Transparency and Explainability

Information about AI Decisions:

• Categorization results are traceable
• Manual correction options available
• No automated decisions with legal effect

Quality Assurance:

• Regular review of AI results
• Bias monitoring and correction
• Continuous model improvement

6. Retention Periods

6.1 Account Data

Duration: Until account deletion + 30 days
Reason: Account recovery and security

6.2 Application Data (Recipes, Lists)

Duration: Until account deletion + 90 days
Reason: Data backup and recoverability

6.3 Biometric Data

Duration: Until deactivation or account deletion
Location: Exclusively on your device (iOS Secure Enclave)

6.4 Analytics and Performance Data

Anonymized usage data: Not collected during beta
Technical performance data: Not collected during beta
Reason: Analytics are disabled; only essential operational logs are kept

6.5 AI Processing Data

Local processing: 90 days
Third-party AI provider logs: Minimization and time-limited retention per provider policies

6.6 Support Communications

Duration: 3 years after problem resolution
Reason: Quality assurance and legal protection

6.7 Legal Evidence

Consent records: 7 years after withdrawal
Compliance documentation: 3 years

Automatic Deletion: All periods are automatically monitored and enforced.

7. Recipients and Categories of Recipients

7.1 Data Processors

Google LLC / Google Ireland Limited (Firebase)

• Services: Authentication, Firestore, Storage, Hosting, security and abuse prevention
• Location: EU (Ireland), USA
• Safeguards: EU-US Data Privacy Framework, Standard Contractual Clauses
• Purpose: Backend infrastructure and data storage

Third-party AI service providers

• Services: AI processing for recipe analysis
• Location: USA
• Safeguards: Standard Contractual Clauses
• Purpose: AI-powered recipe categorization
• Data Minimization: Only anonymized recipe content

7.2 Platform Providers

Apple Inc.

• Services: iOS App Store, Biometric Authentication
• Location: USA, EU
• Purpose: App distribution and security features
• Special Note: Biometric data never leaves your device

7.3 Infrastructure and Development

No additional recipients beyond those listed above.

7.4 New Data Processors

Notification Obligation: 30 days in advance
Right to Object: You can object within 30 days

8. International Data Transfers

8.1 Adequacy Decisions

EU-US Data Privacy Framework

• Applicable to: Google LLC
• Status: Active (as of June 2025)
• Certification: https://www.dataprivacyframework.gov/

8.2 Standard Contractual Clauses (Art. 46 GDPR)

Version: Implementing Decision (EU) 2021/914
Applicable to: US-based processors as required

Additional Safeguards:

• End-to-end encryption for data transmission
• Data minimization and anonymization
• Regular security assessments
• Incident response procedures
• Technical access controls

8.3 Countries with Data Transfer

USA:

• Google (EU-US DPF)
• Third-party AI providers (SCC + safeguards)
• Apple (platform services)

Ireland (EU):

• Google Ireland Limited (GDPR-compliant)

9. Cookies and Tracking (TDDDG § 25)

9.1 Cookie Categories

Technically Required Cookies (no consent required):

• Firebase Authentication Session
• App state management
• Security tokens
• Purpose: Basic application functions
• Storage Duration: Session or until logout

Analytics Cookies (consent required under TDDDG § 25):
No analytics cookies are used during beta.

9.2 Consent Management

Cookie Banner: Not shown during beta because only essential cookies are used
Withdrawal: You can remove cookies via your browser settings

9.3 Local Storage and App Data (iOS)

Local Data Storage:

• UserDefaults for app settings
• Core Data for offline synchronization
• Keychain for security tokens

Purpose: Offline functionality and user experience
Access: Only by the Pantryverse App

10. Your Rights as a Data Subject

10.1 Right of Access (Art. 15 GDPR)

Content: Complete overview of your processed data
Format: Structured, machine-readable (JSON/CSV)
Timeframe: Within 30 days
Contact: statue-speer-4p@icloud.com

10.2 Right to Rectification (Art. 16 GDPR)

Option: Directly in the app or via email request
Timeframe: Without delay, at the latest within 30 days

10.3 Right to Erasure (Art. 17 GDPR)

"Right to be Forgotten":

• Complete account deletion in app settings
• Partial data deletion on request
• Automatic deletion after retention periods

Exceptions (no deletion):

• Ongoing contracts or legal obligations
• Legitimate interests (e.g., security)
• Consent-based processing until withdrawal

10.4 Right to Restriction of Processing (Art. 18 GDPR)

Cases: Accuracy disputed, processing unlawful, objection lodged
Effect: Data is "frozen" but not deleted

10.5 Right to Data Portability (Art. 20 GDPR)

Format: JSON, CSV, or other structured formats
Scope: All data provided by you
Direct Transfer: Technically possible to other providers

10.6 Right to Object (Art. 21 GDPR)

Against processing based on legitimate interests:

• At any time without giving reasons
• Processing within 30 days
• Processing will be stopped unless compelling grounds exist

Against direct marketing:

• At any time and unconditionally
• Immediate cessation of processing

10.7 Withdrawal of Consent (Art. 7(3) GDPR)

Withdrawal Options:

• In app settings
• Via email to statue-speer-4p@icloud.com
• By deactivating specific functions

Effect: For the future, already completed processing remains lawful

10.8 Legal Remedies

Complaint to Supervisory Authority (Art. 77 GDPR):

Federal Commissioner for Data Protection and Freedom of Information (BfDI)
Graurheindorfer Str. 153
53117 Bonn
Germany

Contact:

• Website: https://www.bfdi.bund.de/
• Email: poststelle@bfdi.bund.de
• Phone: +49 (0)228 997799-0
• Complaint form: https://www.bfdi.bund.de/SharedDocs/Downloads/DE/Beschwerde/BeschwerdeformularBfDI.html

Judicial Remedy (Art. 79 GDPR):

• Civil courts at the controller's location
• German law applicable

11. Security Measures

11.1 Technical Safeguards

Encryption and Transport Security:

• Encryption in transit and at rest where appropriate
• Secure connections for all data transfers

Access Controls:

• Restricted access to production data
• Regular access reviews and logging

Abuse Prevention:

• Measures to protect against misuse and automated attacks

11.2 Organizational Safeguards

Privacy by Design and Default:

• Minimal data collection by default
• Anonymization where technically possible
• Regular data protection impact assessments

Training and Awareness:

• Regular data protection training
• Security awareness for all employees
• Incident response training

Monitoring and Auditing:

• Continuous security monitoring
• Regular penetration testing
• Automatic vulnerability analysis
• Compliance audits

11.3 Data Protection Impact Assessment (DPIA)

Completed DPIAs:

• AI-powered recipe processing
• Biometric authentication
• International data transfers

Result: High level of protection, appropriate risk mitigation

12. Automated Decision-Making and Profiling

12.1 No Automated Decisions with Legal Effect

Clarification: The Pantryverse App does not make automated decisions that produce legal effects concerning you or similarly significantly affect you (Art. 22 GDPR).

12.2 AI-Powered Recommendations

Recipe Categorization:

• Automatic suggestions for categories
• Manual correction possible at any time
• No binding effect
• Transparency about decision logic

Grocery List Optimization:

• Suggestions based on your preferences
• Complete control over final decisions
• Opt-out possible at any time

12.3 Profiling (Limited)

Personalization of User Experience:

• Based on your app settings
• To improve user-friendliness
• No categorization or evaluation of your person
• Right to object under Art. 21 GDPR

13. Data Protection for Minors

13.1 Age Limit

Minimum Age: 16 years (Art. 8 GDPR)
Under 16 years: Consent from legal guardians required

13.2 Verification

Age Query: During registration
Parental Consent: Email verification required
Deletion: Within 30 days if consent is missing

13.3 Special Protective Measures

• No marketing communications to minors
• Limited data collection
• Enhanced transparency and control

14. Changes to This Privacy Policy

14.1 Amendment Procedure

Material Changes: 30 days advance notice via email
Minor Changes: Notification in the app
New Legal Bases: Renewed consent required

14.2 Version Control

Current Version: Always at https://legal.pantryverse.com/privacy/en
Previous Versions: Archived for 10 years
Changelog: Detailed change history available

14.3 Your Response Options

Objection: Within 30 days after notification
Termination: Account deletion for unacceptable changes
Consultation: Free support for questions

15. Contact and Data Protection Inquiries

15.1 Data Protection Contacts

General Data Protection Questions:
Email: statue-speer-4p@icloud.com
Response Time: Within 48 hours

Data Subject Rights:
Email: statue-speer-4p@icloud.com
Processing Time: Within 30 days (GDPR Art. 12)

Data Breaches:
Email: statue-speer-4p@icloud.com
Availability: 24/7

15.2 Required Information for Requests

Access Requests:

• Full name
• Email address of app account
• Copy of identity document (for identity verification)
• Specific information you desire

Deletion Requests:

• Account information
• Reason for deletion (optional)
• Identity confirmation

Rectification Requests:

• Data to be corrected
• Correct information
• Proof of accuracy (if required)

15.3 Processing Procedure

1. Acknowledgment: Within 24 hours
2. Identity Verification: Up to 7 days
3. Processing: Up to 30 days (GDPR-compliant)
4. Response: Structured and comprehensible
5. Follow-up Questions: Free support

15.4 Languages

German: Complete processing
English: Complete processing
Other Languages: Upon request

Appendix: Legal Foundations

Applicable Laws (as of June 2025)

• GDPR: Regulation (EU) 2016/679
• BDSG: Federal Data Protection Act (2018)
• TDDDG: Telecommunications-Telemedia Data Protection Act (2021)
• TMG: Telemedia Act (2007)
• EU General Data Protection Regulation: Primary law
• Digital Services Act: Regulation (EU) 2022/2065
• Data Governance Act: Regulation (EU) 2022/868
• Data Act: Regulation (EU) 2023/2854
• AI Act: Regulation (EU) 2024/1689

Jurisdiction and Applicable Law

Jurisdiction: Germany (Local Court at the controller's seat)
Applicable Law: German law
EU Law: GDPR and other EU regulations take precedence

Last Updated: December 23, 2025
Next Review: July 22, 2025

For questions about this privacy policy, please contact: statue-speer-4p@icloud.com