Privacy Policy

Last updated: May 2026

1. What we collect

• Name and email address (when you create an account)
• Shopping lists and items (synced to EU servers)
• Shopping session data (items, prices, timestamps)
• Group membership and invite tokens
• Push notification tokens (device-level, not personal)
• Anonymous usage analytics via Plausible — no personal data, no cookies

2. What we never do

• Sell your data to anyone
• Display advertising of any kind
• Store data outside the EU
• Keep your data after you delete your account

3. Where your data lives

• Supabase (Frankfurt, Germany) — lists, items, shopping sessions
• Cloudflare Workers (EU edge nodes) — API processing only
• Your camera and microphone are never recorded or stored. OCR price scanning is fully on-device.

4. Guest mode

• All guest data stays on your device only
• Nothing is sent to our servers until you choose to sign up
• If you never sign up, we hold no record of you

5. Your rights (GDPR)

• Export your data: email privacy@getso.app
• Delete your account: Profile → Delete Account in the app (data purged within 30 days)
• Rectification: update your name and email in your in-app Profile
• You have the right to lodge a complaint with the ICO (ico.org.uk)

6. Data retention

• Active accounts: your data is kept for as long as your account exists
• Deleted accounts: all data purged within 30 days
• Push notification tokens: deleted immediately on sign-out

7. Contact

Questions about your data? Email us at privacy@getso.app — we aim to respond within two working days.

Last updated: May 2026