Privacy Policy – RateFood

## 1. Data Controller

Responsible for data processing in the RateFood app:

Andre Sieger
c/o IP-Management #7773
Ludwig-Erhard-Str. 18
20459 Hamburg
Germany
Email: info@niceosoft.com
Website: www.niceosoft.com

If you have any questions regarding data protection, you can contact us at the above address.

## 2. Overview of Data Processing

**RateFood** is a local app for rating food products. All data is stored exclusively locally on your device. No personal data is transmitted to servers.

### Key Points:
– ✅ All data stored locally on your device
– ✅ No personal data collection
– ✅ No data transmission to external servers
– ✅ No tracking or analytics
– ✅ No advertisements

## 3. Camera Permission (android.permission.CAMERA)

### Purpose
The camera permission is used exclusively for scanning product barcodes.

### Usage Details:
– The camera is only activated when you manually open the barcode scanner
– No photos are saved or recorded
– The camera processes the live image only for barcode recognition
– No images are transmitted to external servers
– The camera permission can be revoked at any time in Android settings

### Important
The camera is never used for any other purpose than barcode scanning. We do not collect, store, or transmit any camera images.

## 4. Local Data Storage

### Data Stored Locally:
– Product names and barcode numbers
– Your ratings (1-5 stars)
– Product categories
– Product images (optional, stored locally)
– Product creation dates

### Storage Location
All data is stored exclusively in a local SQLite database on your device. This data never leaves your device unless you explicitly export it.

## 4a. Legal Basis for Data Processing (GDPR Art. 6)

The legal basis for processing your data is:

### Consent (Art. 6 para. 1 lit. a GDPR)
– By using the app and granting permissions (camera, storage), you consent to the processing of data as described in this privacy policy
– You can revoke your consent at any time by uninstalling the app or revoking permissions in Android settings

### Legitimate Interest (Art. 6 para. 1 lit. f GDPR)
– Processing of barcode numbers via Open Food Facts API to provide product information
– Our legitimate interest: Enabling the core functionality of the app
– Your interest: Receiving accurate product information

### Contract Fulfillment (Art. 6 para. 1 lit. b GDPR)
– Local data storage to enable the app’s rating functionality
– Processing is necessary to provide the services you requested by downloading the app

## 5. Open Food Facts API

The app uses the public Open Food Facts API to retrieve product information:

– When scanning a barcode, the barcode number is sent to the Open Food Facts API
– The API is a non-profit project with its own privacy policy
– No personal data is transmitted to Open Food Facts
– Only barcode numbers are sent to retrieve public product information
– More information: [Open Food Facts Privacy Policy](https://world.openfoodfacts.org/privacy)

## 6. Internet Permission

### Purpose
Internet access is only required for:
– Retrieving product information from Open Food Facts API
– Loading product images from Open Food Facts
– Caching API requests (stored locally)

### What We Don’t Do:
– No usage data transmission
– No analytics or tracking
– No personal information collection
– No behavioral monitoring

## 7. Export and Import Function

The app offers the ability to export and import your data:

– **Export:** Creates a ZIP file with your database and images
– The file is saved locally on your device
– You have full control over the exported file
– **Import:** Overwrites existing data with imported data
– No data is sent to external servers during export/import

## 8. Storage Permission

The app requires access to device storage for:
– Saving product images (when manually adding products)
– Exporting databases as ZIP files
– Importing database backups

All files remain on your device and are not transmitted.

## 9. No Tracking or Analytics Tools

**RateFood does NOT use:**
– ❌ Analytics tools (e.g., Google Analytics)
– ❌ Advertising networks
– ❌ Tracking cookies or beacons
– ❌ Crash reporting services
– ❌ Social media plugins
– ❌ Third-party SDKs for data collection

## 10. Data Security

Your data security is important:

– All data is stored locally in an encrypted SQLite database
– Only the RateFood app has access to the data
– When uninstalling the app, all local data is deleted
– Create regular backups using the export function
– No cloud synchronization or remote access

## 11. Your Rights

Since all data is stored locally, you have full control:

### Right to Deletion
You can delete individual products or uninstall the entire app to remove all data.

### Right to Data Portability
The export function allows you to backup and transfer your data.

### Right to Access
All your data is viewable in the app at any time.

### Right to Revocation
Permissions can be revoked at any time in Android settings.

### Right to Rectification
You can edit or update any product information directly in the app.

### Right to Object
You have the right to object to data processing based on legitimate interest. Since all processing is local, you can effectively object by not using specific features or uninstalling the app.

### Right to Lodge a Complaint
You have the right to lodge a complaint with a supervisory authority, particularly in the EU member state of your habitual residence, place of work, or place of the alleged infringement.

**EU Data Protection Authorities:**
– Find your local data protection authority: https://edpb.europa.eu/about-edpb/board/members_en

**Example Authorities:**
– Germany: Bundesbeauftragte für den Datenschutz und die Informationsfreiheit (BfDI)
– Austria: Österreichische Datenschutzbehörde
– France: Commission Nationale de l’Informatique et des Libertés (CNIL)

## 12. Children’s Privacy

This app is suitable for all age groups. Since no personal data is collected, there are no special restrictions for children. Parents can monitor all data directly in the app.

## 13. Third-Party Services

### Open Food Facts
– Public API for product information
– Non-profit organization
– Read their privacy policy at: https://world.openfoodfacts.org/privacy

### No Other Third Parties
The app does not integrate any other third-party services, SDKs, or tracking tools.

## 13a. Data Protection Officer

Given the nature and scope of our data processing (exclusively local storage, no personal data collection), we are not required to appoint a data protection officer under GDPR Art. 37.

For data protection inquiries, please contact us directly at the address provided in Section 1.

## 14. Data Retention

– Data is retained indefinitely on your device until you delete it
– You can delete individual products or all data at any time
– Uninstalling the app removes all local data
– No data is stored on external servers

## 14a. Data Transfers Outside the EU

When you use the barcode scanner, barcode numbers may be sent to Open Food Facts servers, which may be located outside the European Union. This transfer is based on:
– Your consent when using the scanner feature
– Necessity for contract fulfillment (providing product information)
– Open Food Facts‘ commitment to data protection standards

No personal data is transferred. Only non-personal barcode numbers are sent to retrieve public product information.

## 15. Automated Decision-Making and Profiling

This app does not use automated decision-making or profiling as defined in GDPR Art. 22. All actions in the app are directly controlled by you.

## 16. Changes to This Privacy Policy

We reserve the right to update this privacy policy. Changes will be communicated through app updates. Continued use of the app after changes constitutes acceptance of the updated policy.

## 17. Compliance

This privacy policy complies with:
– EU General Data Protection Regulation (GDPR) – Regulation (EU) 2016/679
– California Consumer Privacy Act (CCPA)
– Google Play Store requirements
– Android permissions best practices

**GDPR Articles Covered:**
– Art. 6 (Legal basis for processing)
– Art. 13 (Information to be provided)
– Art. 15-22 (Rights of data subjects)
– Art. 32 (Security of processing)

## 18. Permissions Summary

## 19. Contact

For questions about privacy, please contact us:

Andre Sieger
c/o IP-Management #7773
Ludwig-Erhard-Str. 18
20459 Hamburg
Germany
Email: niceosoft@gmail.com
Website: www.niceosoft.com

—

**Effective Date:** November 2025