Privacy Policy

Last updated: March 15, 2026

Effective date: March 15, 2026

1. Company Information

This Privacy Policy is issued by:

Legal name: Bitefolio LLC

Identification code: 445786766

Email: info@bitefolio.app

Throughout this Privacy Policy, "Bitefolio," "we," "us," and "our" refer to Bitefolio LLC. "You" and "your" refer to any individual who accesses or uses the Bitefolio mobile application or website (collectively, the "Service").

2. Introduction

We are committed to protecting your privacy and ensuring you have full transparency and control over how your personal data is used. This Privacy Policy explains what information we collect, why we collect it, how we use and protect it, who we share it with, and what rights you have regarding your data.

By using the Service, you agree to the collection and use of information in accordance with this Privacy Policy. If you do not agree with any part of this policy, please discontinue use of the Service.

3. Information We Collect

We collect the following categories of personal data:

3.1 Information You Provide Directly

  • Account Information: Your name, email address, and profile picture when you register.
  • Recipe & Content Data: Recipes, photos, ingredient lists, instructions, and notes you create or upload.
  • Communications: Messages or requests you send to our support team.
  • Subscription Information: Records of your Pro subscription status and billing history (but not your full payment card details — see Section 6).

3.2 Information Collected Automatically

  • Usage Data: Pages visited, features used, session duration, tap and interaction events, and in-app navigation patterns.
  • Device Information: Device type, operating system, OS version, unique device identifiers, and app version.
  • Log Data: IP address, timestamps, error logs, and crash reports used for diagnosing technical issues.

3.3 Information from Third Parties

  • Authentication Providers: If you sign in via a third-party provider (e.g., Google or Apple), we receive your name, email address, and profile picture from that provider, subject to your permissions.
  • Payment Processor (Flitt): We receive transaction status and confirmation data (e.g., payment success/failure, transaction ID) from our payment processor, Flitt. We do not receive your full card number or CVV — see Section 6 for details.

4. How We Use Your Data

We use the information we collect for the following purposes:

  • Providing the Service: Creating and managing your account, delivering Pro subscription features, and enabling recipe creation and sharing.
  • Payment & Billing: Processing subscription payments, maintaining billing records, and handling refund requests.
  • Personalization: Tailoring recipe recommendations and your in-app experience based on your preferences and usage.
  • Service Improvement: Analyzing usage patterns and crash reports to fix bugs, improve performance, and develop new features.
  • Communications: Sending transactional emails (e.g., subscription confirmations, payment receipts), responding to support requests, and — with your consent — sending product updates or newsletters.
  • Safety & Security: Detecting, preventing, and addressing fraud, unauthorized access, and other potentially prohibited or illegal activities.
  • Legal Compliance: Meeting our legal and regulatory obligations and enforcing our Terms of Service.

We do not sell your personal data to third parties. Ever.

5. Legal Basis for Processing

Where applicable under the General Data Protection Regulation (GDPR) or similar laws, we process your personal data on the following legal bases:

  • Contract performance: Processing necessary to provide the Service and fulfill your subscription (e.g., delivering Pro features after payment).
  • Legitimate interests: Improving and securing the Service, analyzing usage patterns, and preventing fraud, where our interests are not overridden by your rights.
  • Consent: Where you have opted in to receive marketing communications or newsletter updates. You may withdraw consent at any time.
  • Legal obligation: Processing required to comply with applicable laws and regulations.

6. Payment Data & Flitt Payment Processing

All payment transactions for the Bitefolio Pro subscription ($4.99 USD) are handled by Flitt, a certified third-party payment service provider that complies with PCI DSS (Payment Card Industry Data Security Standard) requirements.

When you complete a purchase, your payment card details (card number, expiry date, CVV) are entered directly into Flitt's secure payment form and are transmitted to and stored exclusively by Flitt. Bitefolio LLC does not receive, process, or store your full payment card information on its own servers.

The data we do receive from Flitt is limited to:

  • Transaction status (success, failure, pending)
  • Transaction reference ID
  • Subscription activation and renewal timestamps
  • Masked card information (e.g., last 4 digits, card type) for billing record purposes

This payment data is retained for as long as necessary to manage your subscription, handle refund requests, and comply with financial and legal record-keeping obligations.

By completing a purchase, you also agree to Flitt's Privacy Policy and Terms of Service. We recommend reviewing Flitt's privacy practices to understand how they handle your payment data.

7. Content Sharing & Collaboration

You have full control over the visibility of your recipes and profile content. You can choose to keep them:

  • Private: Visible only to you.
  • Friends Only: Visible to users you have connected with.
  • Public: Visible to the entire Bitefolio community and potentially discoverable on the web.

Please be mindful that content you mark as public may be seen, saved, or shared by other users. We are not responsible for how third parties interact with publicly shared content.

8. Third-Party Services & Disclosure

We may share your personal data with carefully selected third parties only as necessary to operate and improve the Service:

  • Flitt (Payment Processing): To process subscription payments securely. See Section 6.
  • Cloud Infrastructure Providers: To host and store application data and user content.
  • Analytics Providers: To help us understand app usage and improve performance. Analytics data is anonymized or pseudonymized where possible.
  • Authentication Providers: Such as Apple or Google, if you choose to sign in via those platforms.
  • Legal & Regulatory Authorities: When required by applicable law, court order, or governmental authority.

All third-party service providers are contractually required to handle your data securely, use it only for the purposes for which it was shared, and comply with applicable data protection laws.

We do not share your personal data with advertisers or data brokers.

9. Data Retention

We retain your personal data only for as long as necessary to fulfill the purposes outlined in this Privacy Policy, unless a longer retention period is required or permitted by law.

  • Account data is retained for as long as your account is active. If you delete your account, your profile and personal information will be removed within 30 days, except where retention is required by law.
  • User Content you have made public may remain accessible to other users until explicitly deleted by you or removed by us.
  • Payment and billing records are retained for a minimum of 5 years to comply with financial and tax regulations.
  • Usage and log data is typically retained for up to 12 months and then anonymized or deleted.

You may request deletion of your personal data at any time (see Section 11 — Your Rights).

10. Data Security

We implement industry-standard administrative, technical, and physical safeguards to protect your personal information from unauthorized access, disclosure, alteration, or destruction. These measures include encrypted data transmission (TLS/HTTPS), access controls, and regular security reviews.

Payment data security is handled by Flitt using PCI DSS-compliant infrastructure. We do not store raw card data on our systems.

While we take every reasonable precaution, no method of electronic transmission or storage is 100% secure. In the event of a data breach that affects your rights and freedoms, we will notify you and the relevant authorities as required by applicable law.

11. Your Rights

Depending on your location, you may have the following rights regarding your personal data:

  • Right of Access: Request a copy of the personal data we hold about you.
  • Right to Rectification: Request correction of inaccurate or incomplete data.
  • Right to Erasure ("Right to be Forgotten"): Request deletion of your personal data, subject to legal retention obligations.
  • Right to Restriction: Request that we limit how we use your data in certain circumstances.
  • Right to Data Portability: Receive your personal data in a structured, machine-readable format.
  • Right to Object: Object to processing based on our legitimate interests, including for direct marketing.
  • Right to Withdraw Consent: Where processing is based on consent, you may withdraw it at any time without affecting the lawfulness of prior processing.

You can manage many of these preferences directly within the App settings. For formal data requests or to exercise rights not available in the app, please contact us at info@bitefolio.app. We will respond to verified requests within 30 days.

12. Children's Privacy

The Service is not directed at children under the age of 16, and we do not knowingly collect personal data from children under 16. If you believe we have inadvertently collected information from a child under 16, please contact us immediately at info@bitefolio.app and we will promptly delete such information.

13. Cookies & Tracking Technologies

Our website may use cookies and similar tracking technologies to enhance your browsing experience, analyze site traffic, and remember your preferences. You can control cookie settings through your browser. Note that disabling certain cookies may affect the functionality of the website.

The Bitefolio mobile application may use mobile analytics SDKs which collect anonymized usage data to help us improve the app experience. These do not track you across third-party apps or websites.

14. International Data Transfers

Your information may be processed and stored on servers located outside your country of residence. When we transfer personal data across borders, we ensure appropriate safeguards are in place — such as Standard Contractual Clauses (SCCs) or equivalent mechanisms — to ensure your data receives an adequate level of protection consistent with this Privacy Policy and applicable law.

15. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. When we make material changes, we will notify you via email or through a prominent in-app notice at least 14 days before the changes take effect. The updated "Last updated" date at the top of this page will always reflect the most recent revision.

We encourage you to review this Privacy Policy periodically. Continued use of the Service after changes take effect constitutes your acceptance of the revised policy.

16. Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or the way we handle your personal data, please contact us:

Bitefolio LLC

Identification code: 445786766

Email: info@bitefolio.app

We also welcome feedback on our data practices and take all privacy concerns seriously. If you are not satisfied with our response, you have the right to lodge a complaint with the relevant data protection supervisory authority in your country of residence.