Privacy Policy

This Privacy Policy explains how Brothly ("Brothly", "we", "us", or "our") collects, uses, shares, and protects information when you use the Brothly mobile application (the "App") and related services (together, the "Service").

By using the Service, you agree to the collection and use of information in accordance with this Policy. If you do not agree, please do not use the Service.

1. Information We Collect

We collect only what we need to operate the Service. The categories below reflect the data types actually handled by the App and our backend.

1.1 Account Information

When you sign in with Sign in with Apple or Google Sign-In, we receive a unique identifier from the provider and, if you choose to share it, your email address, display name, and profile picture. You may also use the App as a guest without an account.

• Email address (optional, from your identity provider)
• Display name and profile picture (optional)
• Apple user identifier or Google subject identifier
• A device identifier used to distinguish your installation

1.2 Voice and Audio

Core features of the App rely on voice interaction. When you use hold-to-speak or Chef Mode, we capture audio from your microphone and process it to understand your request. Audio is transcribed to text and used to generate spoken responses.

Audio recordings are processed to fulfill your request and are not retained long-term. Transcripts may be stored temporarily to improve session continuity.

1.3 Camera and Photos

With your permission, the App uses your camera to scan your refrigerator or cookware and to verify cooking steps. Images captured for these features are sent to our backend and to Google Gemini Vision for analysis, then discarded after processing.

If you choose to save a Meal Memory card, we request permission to save the image to your Photo Library. We do not read photos that already exist in your library.

1.4 Preferences and User Content

We store preferences you set in the App so it can remember how to cook for you:

• Measurement system (metric or imperial)
• Selected agent voice
• Dietary preferences, cuisines, intolerances, and meal types
• Analytics opt-in preference
• Saved recipes, meal plans, and cooking session history
• Feedback you submit through the "A word from you" feature

1.5 Subscription and Purchase Data

Brothly offers paid subscription tiers (currently Brothly Plus and Brothly Pro) sold through the Apple App Store. Purchases are processed by Apple. We do not receive or store your payment card or Apple ID credentials. Through Apple and our billing provider RevenueCat we receive the receipt, transaction identifier, product identifier, entitlement status, renewal and expiration dates, trial eligibility, and subscription events (start, renew, cancel, refund) so we can grant access to paid features and keep entitlements in sync across your devices.

1.6 Usage and Diagnostics

To improve the App and detect problems, we collect limited usage events (for example, sign-in, paywall impressions, feature activation) and crash or error reports. You can disable usage analytics in the Profile screen. Crash reports do not include audio, images, or recipe content, and are used solely to fix bugs.

1.7 Time Zone and Regional Formatting

The App reads your time zone and regional formatting (such as metric vs. imperial defaults) from your device settings so it can show accurate dates and times, schedule meal plans correctly, and present units in the way you expect. The App does not request access to your location and does not collect or store your geographic location.

1.8 Push Notifications and Device Tokens

If you grant permission, the App registers a device token with Apple Push Notification service (APNs) so we can send notifications to your device. We store the token on our backend together with the locale and APNs environment (development or production), associated with your account or guest installation.

We use push notifications for purposes such as:

• Cooking-session reminders and time-sensitive cooking updates.
• Subscription, free-trial, and quota status (for example, before a trial ends or a quota resets).
• Occasional service updates or product news from Brothly.

You can grant or revoke notification permission at any time in iOS Settings -> Notifications -> Brothly. When you sign out or delete your account, the device tokens associated with that session are removed from our backend.

1.9 Information We Do Not Collect

• We do not track your precise location or movement history.
• We do not access your contacts, calendars, reminders, or health data.
• We do not sell your personal information.

2. How We Use Information

We use the information we collect to:

• Provide, maintain, and improve the Service, including voice-guided cooking, recipe generation, and image-based assistance.
• Authenticate you and keep your session secure.
• Process subscriptions and grant entitlements.
• Personalize recommendations based on your stated preferences.
• Diagnose crashes, investigate abuse, and improve reliability.
• Communicate with you about service-related matters when necessary.

3. Legal Bases for Processing (EEA and UK)

If you are in the European Economic Area or the United Kingdom, we rely on the following legal bases: performance of a contract (to provide the Service you request), legitimate interests (to keep the Service secure and improve it), consent (for microphone, camera, photo library, push notifications, and optional analytics), and compliance with legal obligations.

4. Third-Party Services

We use a small set of third-party providers to operate the Service. When information is shared with them, it is limited to what is necessary for that service.

• Apple - Sign in with Apple, App Store in-app purchases, and Apple Push Notification service (APNs).
• Google - Google Sign-In and Google Gemini for recipe and image understanding.
• ElevenLabs - text-to-speech for the agent voice.
• Spoonacular - recipe and ingredient reference data.
• RevenueCat - subscription management and receipt validation.
• Mixpanel - product analytics (can be disabled in Profile).
• Sentry - crash and error diagnostics.

5. Data Retention

We keep your account data for as long as your account exists. Subscription and billing records are retained as required by law and for fraud prevention. Diagnostic logs are retained for a limited period and then deleted.

When you delete your account, we revoke active sessions, remove your push device tokens, and remove your personal data from our active systems. We may retain a minimal record of the deletion (without identifying profile data) for a short recovery window so that re-authenticating with the same identity provider can restore your account; after that window, the record is purged. Subscription and billing records, and any data we are required to retain for legal, tax, or security purposes, are kept for the period required by law.

6. Security

We use industry-standard safeguards, including encryption in transit (TLS) and access controls on our backend, to protect your information. No method of transmission or storage is perfectly secure; we cannot guarantee absolute security.

7. Your Rights and Choices

Depending on where you live, you may have the right to access, correct, delete, port, or restrict use of your personal information, and to object to certain processing. You can exercise many of these rights directly in the App:

• Review and update your preferences in the Profile screen.
• Sign out at any time from Profile -> Account.
• Delete your account in-app; this revokes sessions and deletes your personal data on our servers. If you signed in with Apple, you may be asked to re-authenticate so we can revoke your Apple token.
• Revoke microphone, camera, or photo-library permissions in iOS Settings.
• Enable or disable push notifications in iOS Settings -> Notifications -> Brothly.
• Disable product analytics from the Profile screen.

8. Children's Privacy

The Service is available to all ages, including children under 13. We do not knowingly collect personal information beyond what is necessary to provide the Service. The App contains no mature, violent, or age-restricted content. If you believe a child has provided personal information that should be removed, please contact us and we will delete it.

9. International Transfers

Your information may be processed in countries other than the one where you live, including in the United States. Where required, we rely on appropriate safeguards such as standard contractual clauses to protect your information during transfer.

10. Changes to This Policy

We may update this Policy from time to time. When we make material changes, we will update the "Last updated" date above and, where appropriate, notify you in the App. Your continued use of the Service after an update constitutes acceptance of the revised Policy.

11. Contact Us

If you have questions about this Policy or want to exercise any of your rights, contact us at dustin.jia@outlook.com.