Privacy Policy
Effective date: 29 June 2026 Last updated: 3 July 2026
This Privacy Policy explains how Hungr, operated by Elijah Tan ("hungr", "we", "us", or "our") collects, uses, discloses, stores, and protects personal information when you use the hungr mobile app, website, and related services.
hungr is a food discovery app that helps people find food using a personal map, cuisine preferences, saved places, reviews, photos, friend and community activity, and optional provenance signals such as self-declared cuisine background or expertise.
This policy is drafted to cover current and planned hungr features. We only collect the information that applies to the features you use.
1. Who controls your information
The controller or responsible entity for your personal information is:
Hungr, operated by Elijah Tan Address: Unit 9, 37-43 Forest Road, Hurstville, New South Wales 2220, Australia Email: elijahtanshian@gmail.com Website: https://usehungr.app
If you are in the European Economic Area, United Kingdom, Switzerland, or another region that requires a local representative or data protection officer, we will publish those details here before making the service available in that region.
2. Summary
- We collect account, profile, app usage, location, food preference, saved place, review, photo, community, and device information.
- We may collect provenance and dietary information, including the languages you speak, your cuisine background or expertise, and dietary restrictions or allergies, but only if you choose to provide it and give any required consent. Some of this, such as religious or health-related dietary needs, may be sensitive information.
- These provenance and dietary fields are optional. You can use core hungr features without providing them.
- We do not collect ethnicity, race, heritage, or national origin, and we do not infer them from your name, photos, location, contacts, social graph, review language, Google data, or other indirect signals.
- We do not sell your personal information. We do not use or share your personal information for cross-context behavioral advertising unless we first update this policy and provide required notices and choices.
- We use Google Maps, Google Places, and Gemini Grounding to display third-party place information. Google content is fetched live through our backend and kept separate from hungr community content.
- We store first-party hungr content, such as your saved places, cuisine preferences, reviews, photos, tags, follows, and profile information, subject to your settings and deletion rights.
3. Information we collect
3.1 Account and authentication information
We collect information needed to create, secure, and operate your account, including:
- name or display name;
- email address;
- authentication identifiers from Supabase Auth, Google sign-in, Apple sign-in, or other login providers you choose;
- profile photo, username, home city, and account settings if you add them;
- login timestamps, account status, and security events.
We do not receive your Google password or Apple password.
3.2 Location information
hungr is built around finding food near you. Depending on your device settings and permissions, we may collect:
- approximate or precise foreground location while you are using the app;
- map region, search area, or city selected by you;
- place proximity information, such as distance from your current or selected location.
We use location to show nearby places, recenter the map, search for food near you, reduce irrelevant results, and prevent abuse or excessive API use.
We do not need background location for the current service. If we ever introduce a feature that collects background location, we will ask for separate permission and update this policy before using it.
3.3 Food preferences and personal map information
We collect the information you save or generate in the app, including:
- cuisines you prioritise, avoid, suppress, or filter;
- places marked as "want to go", "been", or "avoid";
- restaurants, cafes, home food businesses, stalls, or other food places you view, save, tag, or review;
- search queries, such as "food near me", "ramen", or a cuisine;
- ratings, dish preferences, price preferences, saved lists, notes, and map interactions.
3.4 Reviews, photos, tags, and other user-generated content
If you contribute content to hungr, we collect and store that content, including:
- reviews, comments, notes, ratings, and check-ins;
- food photos, dish labels, captions, and related metadata;
- place tags, cuisine tags, fact tags, and community corrections, such as "new management";
- creator submissions, recommendations, embedded content links, and attribution information;
- reports, moderation appeals, and support messages.
Depending on the feature and your settings, user-generated content may be visible to other users, friends, followers, creators, restaurants, or the public. Do not post information you do not want others to see.
3.5 Optional provenance and dietary information
hungr's provenance features may let users self-declare information that helps explain why a review may be relevant for a cuisine or community, such as:
- the languages you speak;
- cuisine background, cuisine expertise, cuisines you grew up eating, or cuisines you know well;
- home city, hometown, region, or country;
- dietary restrictions, allergies, religious dietary practices, or health-related food needs;
- creator credentials, food experience, or community affiliations.
Some of this information, such as religious or health-related dietary needs, may be sensitive personal information or special category data under privacy laws.
We process this information only where you provide it voluntarily and, where required, give explicit consent. Providing it is optional. You can decline, remove, or change it in your account settings, or contact us to withdraw consent. Withdrawing consent will not affect processing that already occurred lawfully before withdrawal, but we will stop using the withdrawn information for future provenance, ranking, recommendation, or display features.
We do not collect ethnicity, race, heritage, ancestry, or national origin, and we do not infer them from indirect signals. We do not use any provenance or dietary information to decide whether you may use hungr.
3.6 Friends, followers, social activity, and contacts
If you use social features, we may collect:
- follows, followers, friend connections, invitations, and blocked accounts;
- friend feed activity, such as check-ins, reviews, saved places, and places friends ate at;
- names, usernames, handles, or links you provide to find or invite friends;
- contact information you choose to provide for invitations.
With your device-level permission, hungr can help you find friends who already use the app. When you use this, contact identifiers such as email addresses and phone numbers are hashed on your device, and only those hashes are sent to our servers to check for matches. We do not receive or store your raw address book, and we do not upload your contacts. If you do not grant permission, we do not access your device contacts.
3.7 Device, log, and usage information
We collect technical information needed to operate, secure, improve, and debug the service, including:
- device type, operating system, app version, language, time zone, and general region;
- IP address, request timestamps, API calls, authentication events, and error logs;
- crash reports, performance diagnostics, and feature usage events;
- fraud, abuse, rate-limit, and security signals;
- cookie, local storage, or similar identifiers on web.
3.8 Information from third parties
We may receive information from:
- authentication providers, such as Google, Apple, or Supabase Auth;
- Google Maps, Google Places, and Gemini Grounding, for map, place, review, rating, photo, source link, and grounded response display;
- app stores, such as Apple App Store and Google Play;
- analytics, crash reporting, hosting, email, customer support, and security providers;
- creators, restaurants, partners, or other users who submit content about places.
Third-party place information remains subject to the relevant third party's terms and privacy policies.
4. Google Maps, Google Places, and third-party place content
hungr uses Google Maps, Google Places, and Gemini Grounding as a base place and map layer.
We may display Google place names, locations, ratings, review snippets, photos, attributions, source links, and grounded answers where permitted. We fetch Google content live through our backend. We do not store Google review text, Google photos, or Google AI summaries in our database. We may store durable place identifiers, such as Google place_id, as anchors for hungr's own first-party data.
hungr community content is separate from Google content. Our own reviews, tags, photos, ratings, summaries, and recommendations are based on first-party hungr data or content that users, creators, or partners have permission to provide.
We do not run our own AI models over Google reviews or use Google reviews to infer ethnicity, heritage, authenticity, expertise, or protected characteristics.
5. How we use information
We use personal information to:
- create, authenticate, and secure your account;
- show nearby food places, maps, search results, place details, and directions-related context;
- remember your saved places, cuisine filters, avoided cuisines, reviews, ratings, and tags;
- personalize recommendations, rankings, search results, alerts, and friend feed content;
- power provenance features, such as showing reviews from users who voluntarily self-identify as knowing a cuisine or having a relevant cuisine background;
- display, rank, summarize, or moderate first-party hungr community content;
- let users follow, invite, block, or interact with each other;
- operate creator, restaurant, or partner features if offered;
- provide customer support and respond to requests;
- send service messages, security notices, product updates, and optional marketing messages;
- detect, investigate, and prevent spam, fraud, scraping, abuse, safety issues, and security incidents;
- comply with law, enforce our terms, and protect rights, safety, and property;
- analyze and improve the service, including reliability, usability, and performance.
We use provenance and dietary information only for the purposes disclosed when you provide it, such as profile display, cuisine-relevance signals, provenance labels, taste-calibrated ranking, review context, creator credibility, or safety and compliance controls.
6. AI and automated processing
hungr may use AI or automated systems to:
- generate or display Google-grounded place information through Google's own grounding tools;
- summarize, rank, search, translate, moderate, or recommend first-party hungr content;
- detect abuse, spam, unsafe content, or policy violations;
- improve cuisine tagging and place discovery based on first-party content.
We do not use automated processing to make decisions that produce legal or similarly significant effects about you. Recommendations and rankings are food discovery features, not eligibility, employment, credit, housing, health care, insurance, or legal decisions.
We do not use provenance or dietary information to train a general-purpose AI model unless we first obtain any consent required by law and provide clear notice. We may use de-identified, aggregated, or consented first-party data to improve hungr's own food discovery features.
7. How we disclose information
We may disclose personal information to:
- Service providers and processors, such as Supabase, hosting providers, storage providers, analytics providers, crash reporting providers, email providers, customer support tools, security vendors, and payment providers if paid features are added.
- Map, place, auth, and AI providers, such as Google Maps, Google Places, Gemini, Google sign-in, Apple sign-in, and app store providers, where needed to provide the service.
- Other users, when you post reviews, photos, tags, profile information, friend activity, creator content, or other information that is visible under the relevant feature settings.
- Creators, restaurants, or partners, if you interact with partner features, redeem offers, make bookings, or choose to share information with them.
- Professional advisers, such as lawyers, auditors, accountants, insurers, and security consultants.
- Authorities and legal parties, if required by law, subpoena, court order, regulator request, or to protect rights, safety, security, or property.
- Business transfer parties, if we are involved in a merger, acquisition, financing, reorganization, bankruptcy, or sale of assets, subject to appropriate confidentiality and privacy protections.
We require service providers to process personal information only for permitted purposes and to protect it appropriately.
8. Sale, sharing, advertising, and tracking
We do not sell personal information.
We do not share personal information for cross-context behavioral advertising or targeted advertising as those terms are used under applicable US state privacy laws, unless we first update this policy and provide legally required opt-out choices.
We do not use provenance or dietary information, precise location, or review content for third-party advertising profiles.
If we use analytics or attribution tools, we use them to understand and improve hungr. If an analytics or advertising practice legally counts as "sale", "sharing", or targeted advertising in your region, we will provide the required notice and opt-out mechanism before using it.
9. Your choices and controls
You can:
- decline location permission or change it in your device settings;
- use a selected city or map area instead of precise location where supported;
- edit or delete saved places, cuisine preferences, reviews, photos, tags, and profile fields;
- choose whether to provide provenance or dietary information;
- withdraw consent for optional provenance or dietary information;
- control whether certain profile, review, friend, or provenance information is visible to others, where the app provides visibility settings;
- unsubscribe from marketing emails;
- delete your account or request deletion by contacting us.
Some features may not work without certain information. For example, "food near me" needs a current or selected location, and provenance ranking needs voluntarily provided provenance signals.
10. Retention
We keep personal information only as long as needed for the purposes described in this policy, unless a longer period is required or permitted by law.
| Category | Typical retention |
|---|---|
| Account and profile information | Until account deletion or earlier edit/removal |
| Authentication and security logs | As needed for security, fraud prevention, audit, and legal compliance |
| Location used for live search | Used to process the request; not stored as location history unless a feature clearly says so |
| Search and API logs | Short operational periods where needed for debugging, rate limiting, security, and cost controls |
| Saved places and place states | Until you delete them or delete your account |
| Reviews, photos, tags, and community content | Until you delete them, delete your account, or we remove them under our policies |
| Provenance and dietary information | Until you remove it, withdraw consent, delete your account, or the purpose expires |
| Google review text, Google photos, and Google AI summaries | Not stored in our database |
| Backups | Deleted on a rolling schedule, usually within 7 days, unless retained for security or legal reasons |
| Legal records | As long as needed to comply with law, resolve disputes, and enforce agreements |
If you delete your account, we will delete or de-identify personal information associated with your account unless we need to retain it for legal, safety, security, fraud-prevention, or legitimate business reasons. Content you shared with others may remain visible if it has been copied, cached, aggregated, de-identified, or incorporated into another user's experience, but we will remove or de-identify it where required by law.
11. Security
We use administrative, technical, and organizational safeguards designed to protect personal information. These may include:
- encryption in transit;
- access controls and least-privilege permissions;
- row-level security for user-owned database records;
- server-side handling of secret API keys;
- rate limits and abuse controls;
- separation of third-party Google content from first-party hungr content;
- monitoring, logging, backups, and incident response procedures;
- vendor due diligence for service providers that process personal information.
No system is perfectly secure. You are responsible for keeping your login methods and devices secure and for promptly telling us about suspected unauthorized access.
12. International transfers
We may process and store personal information in Australia, the United States, and other countries where we or our service providers operate. Those countries may have privacy laws that differ from your country.
Where required, we use appropriate transfer safeguards, such as contractual protections, data-processing agreements, standard contractual clauses, or other lawful transfer mechanisms.
13. Children's privacy
hungr is not intended for children under 16. We do not knowingly collect personal information from children under 16. If you believe a child has provided personal information to us, contact us and we will take appropriate steps to delete it.
If we ever offer features directed to younger users, we will update this policy and implement parental consent or other protections required by law.
14. Your privacy rights
Depending on where you live, you may have rights to:
- access personal information we hold about you;
- receive a copy of your personal information in portable form;
- correct inaccurate or incomplete personal information;
- delete personal information;
- restrict or object to certain processing;
- withdraw consent for optional or sensitive processing;
- opt out of sale, sharing, targeted advertising, or certain profiling;
- limit the use and disclosure of sensitive personal information;
- appeal our response to a privacy request;
- lodge a complaint with a privacy regulator.
To exercise rights, contact us at elijahtanshian@gmail.com. We may need to verify your identity before fulfilling a request. You may also use an authorized agent where applicable law allows it.
We will not discriminate against you for exercising privacy rights.
15. Australia privacy notice
If the Australian Privacy Act 1988 and Australian Privacy Principles apply, this section provides additional information for users in Australia.
We collect personal information only where reasonably necessary for our functions and activities. We collect sensitive information, such as religious or health-related dietary needs, only with consent unless another legal exception applies. We do not collect racial or ethnic origin.
You may request access to or correction of personal information we hold about you. You may complain about how we handle personal information by contacting elijahtanshian@gmail.com. We will respond within a reasonable period. If you are not satisfied, you may contact the Office of the Australian Information Commissioner.
16. EEA, UK, and Switzerland privacy notice
If GDPR, UK GDPR, or similar law applies, our legal bases may include:
| Purpose | Legal basis |
|---|---|
| Account creation, login, core app features, saved places, reviews, and support | Contract necessity |
| Location-based search and map features | Contract necessity or consent, depending on device permission and local law |
| Optional provenance and dietary information (languages, cuisine background, dietary or religious food needs) | Consent; for any special-category data, such as religious or health-related dietary needs, explicit consent or another applicable Article 9 condition only if clearly identified |
| Service improvement, security, fraud prevention, analytics, and abuse controls | Legitimate interests, balanced against your rights |
| Marketing emails | Consent or legitimate interests where permitted |
| Legal compliance, safety, and rights enforcement | Legal obligation or legitimate interests |
You may have rights to access, correct, delete, restrict, object, portability, withdraw consent, and complain to a supervisory authority. If we rely on consent, you may withdraw it at any time.
17. California and other US state privacy notice
This section applies where US state privacy laws, including the California Consumer Privacy Act as amended, apply to hungr.
Categories collected
In the past 12 months, depending on the features used, we may have collected:
| Category | Examples | Sources | Purposes |
|---|---|---|---|
| Identifiers | Name, email, username, account IDs, IP address | You, auth providers, device logs | Account, support, security, communications |
| Customer records information | Account contact details and support records | You | Support, legal, account operations |
| Protected classification or sensitive characteristics | Optional self-declared languages, cuisine background, and dietary or religious food practices | You only | Optional provenance, personalization, display, ranking, compliance |
| Commercial information | Saved places, restaurant interactions, creator or partner interactions, subscriptions if offered | You, app stores, payment providers | Service delivery, records, support |
| Internet or network activity | App usage, logs, feature interactions, diagnostics | Your device, service logs | Security, debugging, analytics, improvement |
| Geolocation data | Foreground location, selected map area, city, distance to places | Your device, your input | Nearby search, map, recommendations |
| Audio, electronic, visual, or similar information | Food photos, profile photos, submitted images, support messages | You | Community content, profile, support |
| Inferences | Cuisine preferences, taste profile, recommendation signals | Your app activity and first-party content | Personalization and food discovery |
| Sensitive personal information | Precise geolocation, account login information handled by auth providers, and optional dietary restrictions, religious food practices, or health-related allergy information if provided | You, device permission, auth providers | Service delivery, security, optional provenance |
Disclosures
We may disclose the categories above to service providers, processors, contractors, app stores, auth providers, map/place/AI providers, analytics and security providers, professional advisers, legal authorities, and other users according to your settings and feature choices.
No sale or sharing
We do not sell personal information or share it for cross-context behavioral advertising. We do not knowingly sell or share personal information of users under 16.
Sensitive personal information
We use sensitive personal information only for disclosed service purposes, optional provenance features you choose, security, legal compliance, and other purposes permitted by law. Where required, you may direct us to limit use and disclosure of sensitive personal information.
Rights
Subject to legal limits, California and other eligible US residents may request to know, access, correct, delete, obtain a portable copy, opt out of sale/sharing/targeted advertising, limit sensitive personal information use, and appeal certain decisions.
To exercise rights, contact elijahtanshian@gmail.com.
18. Do Not Track and Global Privacy Control
Some browsers send "Do Not Track" signals. There is no common industry standard for responding to those signals.
Where legally required, we will honor browser-based opt-out preference signals such as Global Privacy Control for sale, sharing, or targeted advertising. Because we do not currently sell or share personal information for cross-context behavioral advertising, such signals should not change the core service experience.
19. Communications
We may send service-related messages, such as account, security, privacy, policy, or transactional notices. You cannot opt out of essential service messages.
We may send marketing or product update messages where permitted. You can unsubscribe using the instructions in those messages or by contacting us.
20. Changes to this policy
We may update this policy from time to time. If changes are material, we will provide notice through the app, website, email, or another appropriate method. The updated policy will be effective when posted unless it says otherwise.
If a change materially affects how we use sensitive provenance information, precise location, or other sensitive information, we will obtain additional consent where required by law.
21. Contact
For privacy requests, questions, or complaints, contact:
Hungr, operated by Elijah Tan Email: elijahtanshian@gmail.com Website: https://usehungr.app