Trust Center

• Encrypted in transit (TLS 1.3) and at rest (AES-256).
• Row-level security on every user-owned table; no cross-tenant reads.
• Service-role keys never shipped to the browser.
• 2FA available for all accounts (TOTP).
• Routine third-party security scans on the dependency tree.

Export everything (recipes, labels, inventory, plans, logs) as JSON or CSV at any time.

Open exports →

Account + all associated data is permanently deleted within 7 days of request. Backup tapes purge within 30 days.

Request deletion →

• AI is used for: recipe generation, fridge-photo recognition, voice → grocery, and personalization.
• Your prompts and photos are sent to model providers under no-training agreements.
• Personalization signals are stored on your device first; server sync is opt-in.
• You can disable AI features per-account in Profile.

• GDPR / CCPA aligned data subject rights.
• HTTPS-only, HSTS, secure cookies.
• Privacy policy · Terms · Disclaimer

Email security@homemade-app.com. We respond within 72h and credit responsible disclosures.