Privacy Policy
Effective date: 19 April 2026 | Last updated: 19 April 2026
1. Who We Are
Stokkt is developed and operated by STOKK T (ABN: 89 917 199 626) ("we", "us", "our"), an independent app developer based in Australia. If you have any questions about this policy, you can contact us at hello@stokkt.com.au.
2. What Information We Collect
Account information
- Email address — used to create and secure your account
- Full name — collected during onboarding (optional)
- Dietary preference — e.g. vegetarian, vegan, gluten-free (optional, used to personalise recipes)
Pantry and food data
- Pantry items you add manually, via barcode scan, or via receipt scan — including ingredient names, quantities, and expiry dates
- Product information looked up by barcode (product name, category)
- Food packaging photos submitted for expiry date scanning — these are processed by our AI and are not stored
- Receipt photos submitted for pantry import — processed by our AI and not stored
Recipe and meal plan data
- Recipes you save to your account
- Meal plans you generate or create
- Shopping list items
- Cook history (recipes you have marked as cooked)
Usage data
- AI feature request logs — we record when you use AI-powered features (recipe generation, receipt scanning) for the purposes of enforcing free-tier usage limits. We record the timestamp and feature type only, not the content of your requests.
Device and notification data
- Push notification token — stored so we can send you expiry alerts. Only collected if you grant notification permission.
Subscription data
- Subscription tier (free or Pro) — managed by RevenueCat. We do not store your payment card details; these are handled entirely by Apple.
3. How We Use Your Information
- To provide and operate the Stokkt app
- To personalise recipe suggestions based on your pantry contents and dietary preferences
- To send push notifications about items approaching their expiry date (only if you opt in)
- To enforce free-tier usage limits on AI-powered features
- To manage your subscription status
- To respond to support requests
We do not use your data for advertising, we do not build advertising profiles, and we do not sell your data to any third party.
4. Third-Party Services
Stokkt uses the following third-party services to operate. Each service receives only the minimum data necessary for its function.
| Service | Purpose | Data shared | Privacy policy |
|---|---|---|---|
| Supabase | Database & authentication (hosted on AWS) | All user account and app data | supabase.com/privacy |
| OpenAI | AI recipe generation, meal planning, expiry date scanning | Pantry ingredient names, food packaging images (not stored by us), dietary preferences | openai.com/policies/privacy-policy |
| Spoonacular | Real-world recipe matching (Pro feature) | Pantry ingredient names | spoonacular.com |
| RevenueCat | Subscription management | Anonymous user ID, subscription status | revenuecat.com/privacy |
| Pexels | Recipe food photography | Recipe titles (used as search queries) | pexels.com/privacy-policy |
| Expo (Push Notifications) | Delivering push notifications to your device | Push notification token, notification content | expo.dev/privacy |
5. Camera and Photo Access
Stokkt requests access to your device camera for two purposes:
- Barcode scanning — to look up products by barcode and add them to your pantry. Camera frames are processed on-device; we do not store barcode scan images.
- Expiry date scanning — to read best-before and use-by dates from food packaging. The image is sent to OpenAI for text extraction and is not stored by Stokkt or retained by OpenAI after processing.
- Receipt scanning — to import groceries from a receipt photo. The image is sent to OpenAI for item extraction and is not stored by Stokkt or retained by OpenAI after processing.
Camera access is only used when you actively initiate one of these features. We never access your camera in the background.
6. Data Storage and Security
Your data is stored in Supabase, which runs on Amazon Web Services (AWS) infrastructure. All data is encrypted in transit using TLS and encrypted at rest. Access to your data is controlled by row-level security policies, meaning each user can only access their own data.
Your session is authenticated using industry-standard JWT tokens and is stored securely on your device. We do not store passwords in plain text — authentication is handled by Supabase Auth.
7. Data Retention
We retain your data for as long as your account is active. If you request account deletion, we will delete all personal data associated with your account within 30 days, except where we are required to retain certain information for legal or accounting purposes.
8. Your Rights
Depending on your location, you may have the right to:
- Access the personal data we hold about you
- Request correction of inaccurate data
- Request deletion of your data ("right to be forgotten")
- Request a copy of your data in a portable format
- Withdraw consent for optional data uses (e.g. push notifications) at any time via your device settings
To exercise any of these rights, contact us at hello@stokkt.com.au. We will respond within 30 days.
9. Children's Privacy
Stokkt is not directed at children under the age of 13. We do not knowingly collect personal information from children under 13. If you believe a child under 13 has provided us with personal information, please contact us and we will delete it promptly.
10. Push Notifications
If you grant notification permission, Stokkt will send you alerts when pantry items are approaching their expiry date. These notifications are sent once daily at 8:00 AM Australian Eastern Standard Time. You can disable notifications at any time in your device Settings app.
11. Changes to This Policy
We may update this Privacy Policy from time to time. When we do, we will update the "Last updated" date at the top of this page. For significant changes, we will notify you via a notice in the app. Your continued use of Stokkt after any changes constitutes your acceptance of the updated policy.
12. Contact Us
If you have any questions, concerns, or requests relating to this Privacy Policy or your personal data, please contact us:
- Email: hello@stokkt.com.au