Your privacy matters

Privacy Policy

Last updated: March 4, 2026

Salt & Prepper ("we," "us," or "our") operates the website www.saltandprepper.com (the "Service"). This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our Service. Please read this privacy policy carefully. By using the Service, you agree to the collection and use of information in accordance with this policy.

1. Information We Collect

1.1 Personal Information You Provide

When you register for an account, subscribe to our Service, or contact us, we may collect:

  • Account Information: Your name, email address, and password (hashed and salted).
  • Profile Information: Household size, dietary preferences, storage goals, and location (optional).
  • Payment Information: When you subscribe to our Premium plan, payment details are collected and processed directly by Stripe, Inc. We do not store your full credit card number on our servers.
  • Inventory Data: Food items, quantities, expiration dates, and other information you enter into the Service.
  • Communications: Any messages or feedback you send to us through our contact form or support channels.

1.2 Information Collected Automatically

When you access the Service, we automatically collect certain information, including:

  • Usage Data: Pages visited, features used, time spent on pages, click patterns, and navigation paths.
  • Device Information: Browser type and version, operating system, device type, screen resolution, and language preferences.
  • Log Data: IP address, access times, referring URLs, and error logs.
  • Cookie Data: Information collected through cookies and similar tracking technologies (see Section 4 below).

1.3 Information from Third Parties

We may receive information from third-party services when you:

  • Sign in using Google OAuth (we receive your name, email address, and profile picture from Google).
  • Scan product barcodes (we query the USDA FoodData Central and Open Food Facts databases to retrieve nutritional information).

2. How We Use Your Information

We use the information we collect to:

  • Provide and Maintain the Service: Manage your account, process subscriptions, track your inventory, generate dashboards, and deliver personalized recommendations.
  • Improve the Service: Analyze usage patterns to enhance features, fix bugs, and optimize performance.
  • Personalize Your Experience: Tailor recommendations, meal plans, and product suggestions based on your inventory and preferences.
  • Process Payments: Facilitate subscription billing and manage plan changes through our payment processor, Stripe.
  • Communicate with You: Send account-related notifications (expiration alerts, billing confirmations), respond to support requests, and provide service updates.
  • Comply with Legal Obligations: Fulfill our legal and regulatory obligations, enforce our terms, and protect against fraud or misuse.
  • Display Advertising: Show relevant advertisements through Google AdSense and affiliate product recommendations through Amazon Associates.

3. Data Sharing and Third Parties

We do not sell your personal information. We may share your information with the following third parties only as necessary to operate the Service:

3.1 Service Providers

  • Stripe, Inc. — Processes subscription payments. Stripe receives your payment method details, billing address, and email. Stripe's privacy policy is available at stripe.com/privacy.
  • Google Cloud Platform — Hosts our infrastructure, including database and application servers. Data is stored in Google Cloud's U.S. data centers.
  • Anthropic — Powers our recommendation and meal planning features. We send anonymized inventory data to generate suggestions. Anthropic does not retain your data for training purposes.

3.2 Analytics and Advertising

  • Google Analytics — We use Google Analytics (Property ID: G-EX3033006K) to understand how users interact with our Service. Google Analytics collects anonymized usage data and uses cookies. You can opt out using the Google Analytics Opt-Out Browser Add-On.
  • Google AdSense — We display advertisements through Google AdSense (Publisher ID: ca-pub-2987233570389325). AdSense may use cookies to serve personalized ads based on your browsing activity. You can manage ad personalization at Google Ad Settings.
  • Amazon Associates — We participate in the Amazon Associates Program and may display affiliate product links. Amazon may use cookies to track purchases made through these links. See Amazon's Privacy Notice for details.

3.3 Legal Requirements

We may disclose your information if required by law, regulation, legal process, or governmental request, or when we believe disclosure is necessary to protect our rights, your safety, or the safety of others.

4. Cookies and Tracking Technologies

We use cookies and similar tracking technologies to operate and improve the Service. For a detailed breakdown of the cookies we use, please see our Cookie Policy.

The types of cookies we use include:

  • Essential Cookies: Required for the Service to function (authentication, session management, CSRF protection).
  • Functional Cookies: Remember your preferences and settings (theme, layout preferences).
  • Analytics Cookies: Help us understand how users interact with the Service (Google Analytics).
  • Advertising Cookies: Used to display relevant advertisements (Google AdSense, Amazon Associates).

5. Data Retention and Deletion

We retain your personal information for as long as your account is active or as needed to provide the Service.

  • Active Accounts: Your data is retained for the duration of your account, whether free or Premium.
  • Account Deletion: When you delete your account or cancel your subscription, all of your personal data, inventory records, and associated content are permanently deleted from our servers within 30 days. This deletion is irreversible.
  • Subscription Cancellation: Upon cancellation, your account and all associated data are scheduled for immediate deletion. We do not retain data after cancellation as an archive.
  • Backup Retention: Encrypted backups may contain your data for up to 90 days after deletion, after which they are automatically purged.
  • Legal Obligations: We may retain certain information as required by applicable law (e.g., billing records for tax purposes) even after account deletion.

6. Data Security

We implement industry-standard security measures to protect your information, including:

  • TLS/SSL encryption for all data transmitted between your browser and our servers.
  • AES-256 encryption for sensitive data at rest.
  • Bcrypt hashing with individual salts for passwords.
  • HttpOnly, Secure, and SameSite cookie attributes for session tokens.
  • Rate limiting and brute-force protection on authentication endpoints.
  • Regular security audits and dependency vulnerability scanning.

While we strive to protect your personal information, no method of transmission over the Internet or electronic storage is 100% secure. We cannot guarantee absolute security.

7. Your Rights

Depending on your location, you may have the following rights regarding your personal information:

  • Access: Request a copy of the personal information we hold about you.
  • Correction: Request that we correct inaccurate or incomplete personal information.
  • Deletion: Request that we delete your personal information. You can delete your account at any time from your profile settings.
  • Data Portability: Request an export of your data in a machine-readable format (JSON). This feature is available in your account settings.
  • Objection: Object to the processing of your personal information for certain purposes, including direct marketing.
  • Restriction: Request that we restrict the processing of your personal information under certain circumstances.
  • Withdraw Consent: Where we rely on consent, you may withdraw it at any time without affecting the lawfulness of prior processing.

To exercise any of these rights, please contact us at privacy@saltandprepper.com or through your account settings. We will respond to your request within 30 days.

8. California Privacy Rights (CCPA)

If you are a California resident, the California Consumer Privacy Act (CCPA) provides you with additional rights regarding your personal information:

  • Right to Know: You have the right to request that we disclose the categories and specific pieces of personal information we have collected about you, the categories of sources, the business purpose for collecting the information, and the categories of third parties with whom we share it.
  • Right to Delete: You have the right to request deletion of personal information we have collected from you, subject to certain exceptions.
  • Right to Non-Discrimination: We will not discriminate against you for exercising your CCPA rights.
  • Right to Opt-Out of Sale: We do not sell your personal information. If this changes, we will provide a "Do Not Sell My Personal Information" link.

To submit a CCPA request, email us at privacy@saltandprepper.com with the subject line "CCPA Request." We will verify your identity before fulfilling your request and respond within 45 days.

9. European Privacy Rights (GDPR)

If you are located in the European Economic Area (EEA), United Kingdom, or Switzerland, you have rights under the General Data Protection Regulation (GDPR):

  • Legal Basis for Processing: We process your personal data based on: (a) your consent, (b) the performance of our contract with you, (c) our legitimate business interests, or (d) compliance with legal obligations.
  • Data Protection Officer: For GDPR-related inquiries, contact us at privacy@saltandprepper.com.
  • Supervisory Authority: You have the right to lodge a complaint with your local data protection authority if you believe we have violated your privacy rights.
  • Data Transfers: Your data may be transferred to and processed in the United States. We rely on Standard Contractual Clauses and other approved transfer mechanisms to ensure adequate protection.

10. Children's Privacy

The Service is not intended for children under the age of 13. We do not knowingly collect personal information from children under 13. If we discover that we have inadvertently collected personal information from a child under 13, we will promptly delete that information. If you believe a child under 13 has provided us with personal information, please contact us at privacy@saltandprepper.com.

11. International Data Transfers

Salt & Prepper is operated from the United States. If you access the Service from outside the United States, your information may be transferred to, stored, and processed in the United States, where our servers are located and our central database is operated. By using the Service, you consent to the transfer of your information to the United States, which may have different data protection laws than your country of residence.

12. Changes to This Policy

We may update this Privacy Policy from time to time. When we make changes, we will update the "Last updated" date at the top of this page and, for material changes, we will notify you via email or a prominent notice within the Service. Your continued use of the Service after such changes constitutes acceptance of the updated Privacy Policy.

13. Contact Us

If you have any questions about this Privacy Policy or our data practices, please contact us:

See also: Terms of Service | Cookie Policy | Affiliate Disclosure

Back to home