Privacy Policy

QsIn is a recipe discovery and cooking assistant mobile app for iOS and Android, operated by Repleto ("we", "us", "our"). This Privacy Policy explains what data we collect when you use QsIn, why we collect it, and the choices you have.

For any privacy-related question or request, contact us at support@repleto.io.

When you sign up or sign in we receive and store, through our cloud authentication provider:

• your email address;
• a salted, hashed version of your password (we never see or store your password in plain text), or the OAuth identifier returned by Google or Apple when you use Sign in with Google / Sign in with Apple;
• your account creation date;
• a unique user ID, used internally to associate your data with your account.

When you use QsIn, the following items are stored on our servers and synced to your devices so the app works offline and across devices:

• recipes you have favorited;
• recipes you have viewed (used to power suggestions);
• the list of ingredients you save in your virtual fridge.

You retain ownership of this content. You can delete any individual item from inside the app at any time, or wipe everything by deleting your account (see Section 9).

When you use voice input to add ingredients or search for recipes, the audio is transcribed entirely on your device using an on-device, open-source speech-to-text engine. The raw audio never leaves your device and is never uploaded to or stored on any server we operate or any third-party server. Only the resulting text (e.g. the ingredient names you said) is used by the app, and only persisted to our servers if you choose to save it (for example, by adding it to your fridge list).

In-app subscriptions in QsIn are processed by Apple (App Store) or Google (Play Store) and tracked through RevenueCat. Through RevenueCat we receive:

• your current purchase status (active / inactive / trial);
• which entitlement you hold (e.g. QsIn Premium);
• the transaction IDs issued by Apple or Google for your purchases, used to verify and restore subscriptions.

We never see, receive, or store payment card numbers, billing addresses, or other payment instrument data. That data is handled exclusively by Apple and Google.

To diagnose crashes and understand basic, aggregate app usage, we collect:

• device model (e.g. iPhone 15 Pro);
• operating system and version (e.g. iOS 18.2);
• QsIn app version;
• device locale (e.g. en-US, it-IT).

This data is used only for stability and product analytics and is never combined with advertising profiles.

If you enable Face ID or fingerprint unlock for QsIn, the authentication is performed entirely by your device's operating system (iOS or Android). The OS only tells QsIn whether the authentication succeeded or failed. We never receive, transmit, or store your biometric templates.

For the avoidance of doubt, QsIn does not:

• process your content, queries, or fridge data with any AI or large-language-model service;
• collect or use any advertising identifier (IDFA / GAID);
• embed any third-party advertising or marketing trackers;
• collect your location (precise or coarse);
• access your contacts;
• access your photo library beyond images you explicitly attach to a recipe or fridge item.

QsIn relies on the following sub-processors, each of which is bound by their own privacy terms:

• Cloud infrastructure providers : we use third-party providers, acting as our data processors under GDPR, to host our database, handle user authentication, and synchronize data between your device and our servers. These providers are bound by data processing agreements that prohibit them from using your data for their own purposes.
• RevenueCat: subscription management. Privacy Policy.
• Apple: Sign in with Apple and App Store in-app purchases. Privacy Policy.
• Google: Sign in with Google and Play Store in-app purchases. Privacy Policy.

We retain your account and content for as long as your account exists. You can permanently delete your QsIn account and all associated data at any time from inside the app under Settings → Danger Zone → Delete Account. Deletion is immediate and irreversible. Your account, favorites, viewing history, and fridge data are removed from our systems and cannot be recovered.

Backups containing already-deleted records are rotated out within 30 days.

QsIn is not directed at children under 13, or under 16 in the European Economic Area. We do not knowingly collect personal data from children. If you believe a child has created an account, contact us at support@repleto.io and we will delete the account.

Depending on where you live, you have the right to:

• access the personal data we hold about you;
• rectify inaccurate or incomplete data;
• erase your data (the in-app delete-account flow satisfies this; you can also email us);
• request a portable copy of your data in a machine-readable format.

To exercise any of these rights, email support@repleto.io from the address associated with your account. We respond within 30 days.

If we make material changes to this Privacy Policy, we will update the "Last updated" date above and, where required by law, notify you in-app or by email before the changes take effect.