Privacy Policy
The Human Translation (TL;DR)
We believe your grocery list is your business.
- Your Data Stays Yours: All your inventory and shopping lists are saved locally on your device. We do not have servers that harvest or read your lists.
- No Creepy Tracking: We don't use AI to read your data, and we don't track your location in the grocery store.
- Support Emails Only: The only time we see your data is if you explicitly use the "Contact Us" form to reach out for help. When you do, we receive your email address and basic device info (like your Android version) so we can fix the bug. This message is securely routed to our support inbox using trusted third-party email providers (Cloudflare and Resend).
- We use the Play Store: As mentioned below, this app is on the Google Play Store, meaning they may have their own information they collect and process like most apps. You should check out their policies for more information on that.
- Barcode Scanning & Lookups: We only use your camera to read barcodes locally on your device. When fetching product info, only the barcode or search term is sent to the Open Food Facts network or its related companion sites — no personal data is ever attached.
The summary above is for your convenience. The legally binding details are below.
This privacy policy applies to the AisleFlow app (hereby referred to as "Application") for mobile devices that was created by Iron Reef Studios (hereby referred to as "Service Provider") as a Freemium service. This service is intended for use "AS IS".
Information Collection and Use
The Application collects basic diagnostic information when you download and use it, such as the operating system you use on your mobile device.
The Application does not gather precise information about the location of your mobile device.
The Application does not use Artificial Intelligence (AI) technologies to process your data or provide features.
For a better experience, while using the Application, the Service Provider may require you to provide us with certain personally identifiable information, including but not limited to Email, Device model, Operating system, Operating System version, application preferences like region and language settings. The information that the Service Provider requests will be retained by them and used as described in this privacy policy.
Device Permissions
Camera Access
The Service Provider requests access to your device’s camera solely to enable the barcode scanning feature.
- Local Processing: The camera stream is analyzed in real-time on your device to read and extract the text string of a barcode.
- No Data Retention: The Service Provider does not record, save, store, or transmit any video frames, images, or photography. Once the barcode numbers are identified, the camera feed is discarded.
Internet
The Service Provider requests internet access to fetch images from the internet, and fetch product data upon user request to the disclosed third party databases.
Third Party Access
Only aggregated, anonymized data is periodically transmitted to external services to aid the Service Provider in improving the Application and their service. The Service Provider may share your information with third parties in the ways that are described in this privacy statement.
Please note that the Application utilizes third-party services that have their own Privacy Policy about handling data. Below are the links to the Privacy Policy of the third-party service providers used by the Application:
- Google Play Services
- Cloudflare (Used for securely routing contact form submissions and hosting our web application)
- Resend (Used for delivering your contact form messages to our support inbox)
- Open Food Facts, Open Products Facts, Open Beauty Facts, Open Pet Food Facts (If API enabled in settings, used to fetch product data when you request it by sending a barcode or search term to their servers)
The Service Provider may disclose User Provided and Automatically Collected Information:
- as required by law, such as to comply with a subpoena, or similar legal process;
- when they believe in good faith that disclosure is necessary to protect their rights, protect your safety or the safety of others, investigate fraud, or respond to a government request;
- with their trusted services providers who work on their behalf, do not have an independent use of the information we disclose to them, and have agreed to adhere to the rules set forth in this privacy statement.
Open Food Facts Network
To assist with auto-populating item details, the Application integrates with the Open Food Facts network (including Open Food Facts, Open Beauty Facts, Open Pet Food Facts, and Open Products Facts).
- Data Transmitted: When you manually search for a product name or scan a product barcode, that specific search string or barcode number is transmitted to the respective database to look up matching items.
- No Personal Data Shared: As an offline-first utility, no personal user identification, account credentials, shopping lists, or location history are ever shared with these databases.
- Third-Party Logging: By querying their database, you acknowledge that your request is subject to their privacy policies. They may temporarily process request metadata (such as your IP address) for technical rate-limiting and system security. For more information, please visit world.openfoodfacts.org.
Opt-Out Rights
You can stop all collection of information by the Application easily by uninstalling it. You may use the standard uninstall processes as may be available as part of your mobile device or via the mobile application marketplace or network.
Data Retention Policy
The Service Provider will retain User Provided data for as long as you use the Application and for a reasonable time thereafter. If you'd like them to delete User Provided Data that you have provided via the Application, please contact them by visiting https://ironreef.pages.dev/en/contact and they will respond in a reasonable time.
Children
The Service Provider does not use the Application to knowingly solicit data from or market to children under the age of 13.
The Application does not address anyone under the age of 13. The Service Provider does not knowingly collect personally identifiable information from children under 13 years of age. In the case the Service Provider discovers that a child under 13 has provided personal information, the Service Provider will immediately delete this from their servers. If you are a parent or guardian and you are aware that your child has provided us with personal information, please contact the Service Provider (by visiting https://ironreef.pages.dev/en/contact) so that they will be able to take the necessary actions.
Security
The Service Provider is concerned about safeguarding the confidentiality of your information. The Service Provider provides physical, electronic, and procedural safeguards to protect information the Service Provider processes and maintains.
Changes
This Privacy Policy may be updated from time to time for any reason. The Service Provider will notify you of any changes to the Privacy Policy by updating this page with the new Privacy Policy. You are advised to consult this Privacy Policy regularly for any changes, as continued use is deemed approval of all changes.
This privacy policy is effective as of 2026-03-28.
Your Consent
By using the Application, you are consenting to the processing of your information as set forth in this Privacy Policy now and as amended by us.
Contact Us
If you have any questions regarding privacy while using the Application, or have questions about the practices, please contact the Service Provider on the web at https://ironreef.pages.dev/en/contact.