Effective date: March 31, 2026
This Privacy Policy describes how Grocery Goblin (“we,” “us,” or “our”) collects, uses, and shares information when you use our website, APIs, and related services (the “Service”). It should be read together with our Terms & Conditions.
1. Information we collect
1.1 Account and authentication
If you create or use an app account, we rely on Amazon Cognito (or similar identity providers we configure) for sign-in. We may process your Cognito user identifier (sub), email address, and username as provided by that system when you authenticate to our API.
1.2 Kroger connection
If you choose Sign in with Kroger, your browser completes OAuth with Kroger. Our servers may receive and use Kroger access tokens to call Kroger’s APIs on your behalf (for example, product search and cart actions). We do not control Kroger’s privacy practices; see Kroger’s policies for how they handle OAuth and account data.
1.3 Meal planning and AI
When you generate a meal plan or grocery list, the text you provide (preferences, dietary notes, and similar fields) is sent to our backend and forwarded to our AI inference provider (currently Featherless.ai or another model host we configure) to produce suggestions. Do not submit health information you consider highly sensitive unless you accept that it will be processed by those systems under their terms.
1.4 Payments and subscriptions
Paid features may be processed by Stripe (or, where applicable, Apple or Google in-app billing). We receive subscription status and billing-related identifiers needed to operate your account (for example, Stripe customer IDs linked to your app user id). We do not store full payment card numbers on our servers; card data is handled by the payment processor.
1.5 Usage, support, and feedback
If you submit feedback through our form, we collect the message, optional contact email, category, and technical metadata such as user-agent. If you are signed in, we may associate feedback with your Cognito sub. Feedback may be stored in our database (for example, AWS DynamoDB) when configured.
We may log aggregated or technical data (such as request paths, HTTP status, response times, and coarse usage for features like LLM daily caps) to operate and secure the Service. Server logs may include IP addresses.
1.6 Browser and device storage
The app stores certain preferences in your browser, such as meal-plan form defaults, optional Kroger store location overrides, and (depending on configuration) authentication tokens. When cookie-based sessions are enabled, session cookies may be used instead of keeping long-lived tokens only in browser storage.
A public configuration file (deploy-config.json) loaded by the site may list non-secret settings such as API base URLs and client identifiers required for OAuth; it does not contain your passwords or Kroger secrets.
2. How we use information
We use the information above to:
- Provide, maintain, and improve the Service (including meal generation, Kroger search, and cart flows)
- Authenticate you, enforce access rules, and prevent abuse
- Process subscriptions and comply with tax or legal obligations where applicable
- Respond to feedback and support requests
- Monitor reliability, debug issues, and protect security
3. How we share information
We share information with service providers that help us run the Service, including hosting (for example, AWS), authentication (Cognito), payments (Stripe), AI inference (Featherless or other model APIs), and email or infrastructure vendors we use. They may process data only as needed to provide those services.
We may disclose information if required by law, legal process, or to protect the rights, safety, or security of users, the public, or the Service.
We do not sell your personal information as traditionally defined, and we do not share it for cross-context behavioral advertising as a business practice. If we ever offer choices required by applicable state laws (such as Colorado or California privacy laws), we will describe them here or in-product.
4. Retention
We retain information only as long as needed for the purposes above, including legal, accounting, and security requirements. Server logs and operational data are rotated or deleted on a schedule appropriate to our infrastructure. DynamoDB and similar stores retain records until deleted according to our practices or your account lifecycle.
5. Security
We use industry-standard measures appropriate to the nature of the Service (encryption in transit, access controls, and secure handling of secrets). No method of transmission or storage is completely secure.
6. Your choices and rights
Depending on where you live, you may have rights to access, correct, delete, or export certain personal information, or to opt out of certain processing. To exercise rights or ask questions, contact us using the method provided in the Service (for example, the feedback form). We may verify your request as permitted by law.
You can disconnect Kroger by signing out or revoking access in your Kroger account settings. You can clear browser storage for our site to remove locally saved preferences; that may sign you out of the app where tokens were stored locally.
7. Children
The Service is not directed to children under 13 (or the minimum age required in your jurisdiction), and we do not knowingly collect personal information from them. If you believe we have collected such information, contact us so we can delete it.
8. International users
We operate primarily in the United States. If you access the Service from elsewhere, your information may be processed in the U.S. or other countries where we or our vendors operate, which may have different data protection rules than your home country.
9. Changes to this policy
We may update this Privacy Policy from time to time. We will post the revised version on this page and update the effective date. For material changes, we will provide additional notice where practical.
10. Contact
For privacy-related questions, use the feedback form or the contact method we publish on the Service.