Privacy Policy
Last updated: May 2026
The short version
SafePantry does not collect any personal data. Kid profiles and scan history live on your iPhone (with optional iCloud private sync that Apple end-to-end encrypts and SafePantry cannot read). The only data that leaves your device is the barcode digits you scan, which go to the public Open Food Facts database — never with any device or user identifier. We have no analytics, no third-party SDKs, no advertising, and no telemetry of any kind.
What we store on your device
- Kid profiles — names, avatars, allergen lists, severity settings, EpiPen status, emergency notes you provide
- Scan history — products you've scanned with their verdicts
- Product cache — copies of product data fetched from Open Food Facts, kept for 7 days so the same barcode doesn't re-fetch when you scan it again
- Preferences — whether you've opted in to share contributed labels with Open Food Facts; whether you've completed onboarding
This data is stored using Apple's SwiftData framework in your iPhone's local app container. You can delete all of it at any time from Settings → Reset all data.
iCloud sync (optional)
If you're signed in to iCloud, SafePantry uses your iCloud Private Database to sync kid profiles and scan history across your own Apple devices (e.g. between your iPhone and your iPad). Apple end-to-end encrypts this channel; SafePantry has no servers and no access to the contents. Apple's iCloud privacy policy applies. You can turn iCloud sync off in iOS Settings → your name → iCloud → SafePantry.
What leaves your device
-
Barcode lookups. When you scan a product, SafePantry queries the public Open Food Facts database with only the barcode digits. The request contains no device identifier, no user identifier, no profile information.
-
Optional ingredient submissions. If you turn on "Share with Open Food Facts" when capturing a label, the ingredient text and (optionally) the product photo you captured are uploaded anonymously to Open Food Facts so the next family scanning the same product gets a result. You can turn this off at any time in Settings → Privacy.
-
Optional tag corrections. If you tap "Report tag issues" on a scan result, the corrected allergen list is submitted anonymously to Open Food Facts.
Open Food Facts is a non-profit organization based in France. Their privacy policy is available at openfoodfacts.org/cgi/privacy.pl.
What we don't do
- We don't collect any personal information about you.
- We don't have user accounts or sign-up.
- We don't track you across apps or websites.
- We don't use any third-party SDKs, ad networks, analytics services, or A/B testing platforms.
- We don't sell, rent, or share your data with anyone, for any purpose, ever.
- We don't show advertisements.
This is verified by our App Privacy Manifest (PrivacyInfo.xcprivacy) bundled with the app, which declares no data collection and no tracking.
Children's privacy
SafePantry is a tool for parents to manage their children's allergen profiles. We don't knowingly collect information from children directly. The kid profiles you create are entries in your own iPhone, not accounts on any external service.
Changes to this policy
If we ever change how SafePantry handles data, we'll update this page and reflect it in an in-app announcement before the change ships. Older versions of this policy will remain accessible.
Contact
Privacy questions: privacy@safepantry.app