Privacy Policy

Last updated: February 28, 2026

Introduction

Robotato ("we", "our", "the app") is a kitchen management application for Android. We are committed to protecting your privacy. This policy explains what data Robotato collects, how it is stored, and what rights you have under the EU General Data Protection Regulation (GDPR) and the German Federal Data Protection Act (BDSG/DSGVO).

The short version: Your data stays on your device by default. Cloud sync is entirely optional and always within your household only. We don't sell your data and we don't track you.

1. Data Stored On Your Device Only

The following data is stored exclusively on your device and is never transmitted to any server, cloud service, or third party:

  • Your recipe collection (names, ingredients, steps, photos, categories)
  • Shopping lists and checked/unchecked item status
  • Pantry inventory, quantities, and expiration dates
  • Cooking session history, timer data, and statistics
  • Nutrition tracking data (calories, macros per ingredient and recipe)
  • Personal nutrition goals per household member
  • Budget and spending data
  • AI processing jobs and enrichment results
  • App preferences, theme, and language settings
  • Barcode scan data and product associations

This data is stored in a local database (Room/SQLite) and SharedPreferences on your device. API keys for AI services (if provided by you) are stored in Android's EncryptedSharedPreferences.

2. Cloud-Synced Data (Optional)

If you choose to create or join a household, the following data may be synced via Firebase Firestore to enable collaboration with your household members:

  • Household membership (display names, roles)
  • Shared recipes, shopping lists, and pantry items
  • Dietary restriction profiles (allergens per member)
  • Guest dietary profiles
  • Meal plans

This data is shared only within your household. No other users can access it. Cloud sync is entirely optional — the app works fully offline without it.

Health and nutrition data is never cloud-synced. Nutrition values, calorie goals, and personal health metrics remain on your device at all times, even if you enable cloud sync. This is by design and cannot be changed.

3. Third-Party Services

Firebase (Google)

We use the following Firebase services:

  • Firebase Authentication — Email/password and Google Sign-In for optional cloud features. We store your email address and display name.
  • Firebase Firestore — Cloud database for household data sync (see Section 2).
  • Firebase App Check — Validates that requests come from legitimate app installations using Play Integrity. No personal data is collected.

Firebase services are governed by Google's Privacy Policy.

ML Kit (Google)

We use ML Kit for on-device barcode scanning, document scanning, and text recognition (OCR). All ML Kit processing happens entirely on your device. No images or scanned text are sent to Google's servers.

AI Services (User-Provided)

Robotato can optionally use AI services (OpenAI, Google Gemini, Anthropic Claude) for recipe import and enrichment. These features:

  • Require you to provide your own API key
  • Only send recipe text (not personal data) to the AI provider
  • Are entirely optional and user-initiated
  • Your API key is stored in encrypted storage on your device

Each AI provider has its own privacy policy. We recommend reviewing them before providing your API key.

4. Camera & Photo Access

Robotato requests camera access for:

  • Taking recipe photos
  • Scanning barcodes on ingredients and equipment
  • Scanning receipts for shopping list automation

All photos are stored locally on your device. Recipe photos may be included in cloud sync if you enable household sharing. Receipt images are processed on-device only and deleted after use.

5. Data We Do NOT Collect

  • We do not use analytics or tracking SDKs
  • We do not collect device identifiers for profiling
  • We do not sell, rent, or share your data with third parties
  • We do not create user profiles for marketing purposes
  • We do not use cookies (this is a native Android app)

6. Your Rights (GDPR)

Under the GDPR, you have the following rights:

  • Right to access — Export all your data via Settings > Data Management > Export (JSON format)
  • Right to portability — The JSON export is machine-readable and can be imported into another Robotato installation
  • Right to deletion — Delete all local data by uninstalling the app, or delete cloud data by leaving your household and deleting your account
  • Right to withdraw consent — Leave your household at any time to stop cloud sync. All local data is preserved.
  • Right to rectification — Edit any of your data directly within the app at any time

7. Data Retention

Local data: Stored indefinitely until you delete it or uninstall the app.

Cloud data: Retained as long as the household exists. When you leave a household, your membership record is removed. When the last member leaves, all household data is deleted.

Authentication data: Your Firebase account can be deleted through the app's settings, which removes your email and authentication tokens from Firebase servers.

8. Children's Privacy

Robotato is not directed at children under 16. We do not knowingly collect personal information from children. The app does not require age verification as it primarily stores user-generated cooking data.

9. Data Security

We take data security seriously:

  • Sensitive credentials (API keys) are stored in Android EncryptedSharedPreferences
  • Cloud data is transmitted over TLS encryption
  • Firebase security rules restrict data access to household members only
  • Firebase App Check prevents unauthorized API access
  • No data is stored on unencrypted external storage

10. Changes to This Policy

We may update this privacy policy as the app evolves. The "Last updated" date at the top of this page will reflect any changes. For significant changes, we will notify users through the app.

11. Contact

If you have questions about this privacy policy or your data, please contact us at:

robotatoapp@gmail.com