Privacy Policy

Tonight's Dinner (Dinner Decider) — Effective date: June 8, 2026

App name: Tonight's Dinner (also referred to as "Dinner Decider")
Bundle ID: com.orri.dinnerdecider
Developer: Orri Antonsson, Álftamýri 24, Reykjavík, Iceland
Contact: Orri Antonsson — contact@tonights-dinner.com

1. Who This Policy Applies To

This Privacy Policy applies to the Tonight's Dinner iOS app ("the App," "we," "us," or "our") and describes how we collect, use, store, and share your personal information when you use the App. By creating an account or using the App, you agree to the practices described here.

If you have questions or concerns, contact us at contact@tonights-dinner.com.

2. What Information We Collect

Account and Authentication Information

When you create an account or sign in, we collect:

  • Your email address and a unique account identifier, whether you register with email/password, Sign in with Apple, or Google Sign-In.
  • If you use Sign in with Apple, Apple may share a real or relay (anonymized) email address with us, depending on your privacy choice. We store whichever address Apple provides.
  • If you use Google Sign-In, Google shares your email address and a Google account identifier with us.

Content You Create and Save

When you use the App's features, we store in your account:

  • Recipes you create or save to "My Rotation"
  • Weekly meal plans you build
  • Shopping lists you generate
  • Dietary preferences you set
  • A taste and affinity profile derived from your in-app activity (for example, recipes you save, plan, or skip) used to personalize suggestions for you

This content is stored in your account and is associated with your account identifier.

Subscription and Purchase Information

  • In-app subscriptions are processed entirely by Apple through the App Store. We do not see or store your card number or payment details.
  • Subscription state (whether your subscription is active) is managed through RevenueCat. RevenueCat receives a pseudonymous app user ID (not your name or email) and purchase/receipt data from Apple in order to verify and manage your subscription.

Technical and Diagnostic Information

We may receive standard technical information generated when you use the App, such as app version, device operating system version, and crash or diagnostic reports provided through Apple's standard platform mechanisms. We do not currently use any third-party analytics or advertising SDK.

3. How We Use Your Information

We use the information described above to:

  • Provide the App's core features — account creation and sign-in, recipe browsing and saving, meal planning, shopping list generation, and personalized suggestions.
  • Manage your subscription — verify your subscription status so we can give you access to features included in your plan.
  • Personalize your experience — your taste profile is used to surface recipe suggestions that match your preferences.
  • Maintain and improve the App — diagnostic data helps us identify and fix crashes and technical issues.
  • Respond to support requests — if you contact us, we use your email address to reply.
  • Comply with legal obligations — where required by applicable law.

We do not use your information for advertising, behavioral tracking across other services, or any purpose not listed here.

4. Legal Bases for Processing (GDPR)

If you are located in the European Economic Area (EEA), United Kingdom, or another jurisdiction that requires a legal basis for processing personal data, we rely on the following:

Processing activity Legal basis
Account creation and authentication Performance of a contract (providing the App to you)
Storing your recipes, meal plans, and preferences Performance of a contract
Taste/affinity profile for personalization Performance of a contract / Legitimate interests (improving your experience with the App you signed up for)
Subscription verification via RevenueCat Performance of a contract
Crash and diagnostic data Legitimate interests (maintaining the App's stability and security)
Responding to your support requests Legitimate interests / Legal obligation
Complying with legal obligations Legal obligation

Where we rely on legitimate interests, those interests do not override your rights and freedoms. You can object to processing based on legitimate interests at any time — see Section 9 (Your Rights).

5. Sharing and Sub-Processors

We do not sell your personal information. We do not share your personal information with third parties for advertising purposes. We share your information only as described below.

Service Providers (Sub-Processors)

We use the following companies to operate the App. Each receives only the data necessary to perform their function.

Provider Purpose What they receive Privacy information
Supabase Database, authentication, and file storage Account data, user content (recipes, meal plans, etc.), dietary preferences, taste profile supabase.com/privacy
RevenueCat Subscription state management Pseudonymous app user ID, App Store purchase/receipt data revenuecat.com/privacy
Apple Sign in with Apple; App Store payment processing Authentication data (Sign in with Apple); payment details (App Store subscriptions — we never receive card data) apple.com/legal/privacy
Google Google Sign-In Email address and Google account identifier (only when you choose Google Sign-In) policies.google.com/privacy

Other Disclosures

We may also disclose information:

  • To comply with law — if required by a court order, law enforcement request, or other legal obligation.
  • To protect rights and safety — to the extent necessary to protect the rights, property, or safety of our users or the public.
  • In a business transfer — if we merge, are acquired, or transfer substantially all of our assets, your information may transfer to the new owner. We will notify you before that happens and before your information becomes subject to a different privacy policy.

6. Data Retention

  • Account and content data is retained for as long as your account is active.
  • When you delete your account (see Section 10), your account data, recipes, meal plans, shopping lists, preferences, and taste profile are permanently deleted from our systems and from Supabase. Deletion is initiated immediately upon your request, though it may take a short period for all data to be fully purged from backups.
  • Subscription receipt data held by RevenueCat is subject to RevenueCat's own retention policy. Please refer to RevenueCat's privacy policy for details.
  • Diagnostic/crash data processed by Apple is subject to Apple's data retention practices.
  • We may retain certain records for longer periods where required by applicable law (for example, financial transaction records).

7. Security

We take reasonable technical and organizational measures to protect your information, including:

  • Encrypted data transmission (HTTPS/TLS) between the App and our servers.
  • Supabase's security controls for data at rest and in transit.
  • Row-level security policies so each user's data is isolated from other users.

No method of electronic storage or transmission is 100% secure. While we work hard to protect your data, we cannot guarantee absolute security. If we become aware of a security breach that affects your personal information, we will notify you as required by applicable law.

8. International Transfers

Tonight's Dinner is developed in Iceland. Our sub-processors (Supabase, RevenueCat, Apple, Google) may store and process data in the United States or other countries.

If you are located in the EEA or United Kingdom, be aware that these transfers are subject to appropriate safeguards. Supabase, RevenueCat, Apple, and Google each participate in recognized transfer mechanisms (such as Standard Contractual Clauses or equivalent frameworks). We encourage you to review each provider's privacy documentation for details.

9. Your Rights

For Users in the EEA and United Kingdom (GDPR)

You have the right to:

  • Access — request a copy of the personal data we hold about you.
  • Correction — ask us to correct inaccurate or incomplete information.
  • Deletion — ask us to delete your personal data ("right to be forgotten"). The fastest way to exercise this right is to delete your account directly in the App (see Section 10).
  • Portability — request your data in a structured, commonly used, machine-readable format.
  • Restriction — ask us to restrict processing of your data in certain circumstances.
  • Objection — object to processing based on our legitimate interests.
  • Withdraw consent — where processing is based on consent, withdraw it at any time without affecting the lawfulness of prior processing.
  • Lodge a complaint — you have the right to lodge a complaint with your local data protection supervisory authority. In Iceland, that is the Data Protection Authority (Persónuvernd, www.personuvernd.is). If you are in another EEA country or the UK, please contact your national authority.

To exercise any of these rights, contact us at contact@tonights-dinner.com. We will respond within the timeframe required by applicable law (generally 30 days for GDPR requests).

For California Residents (CCPA / CPRA)

If you are a California resident, you have the following rights under the California Consumer Privacy Act (as amended by the California Privacy Rights Act):

  • Right to Know — request disclosure of the categories and specific pieces of personal information we have collected about you, and how we use and share it.
  • Right to Delete — request deletion of your personal information. The fastest way to exercise this right is the in-app account deletion feature (see Section 10).
  • Right to Correct — request correction of inaccurate personal information.
  • Right to Opt Out of Sale or Sharing — we do not sell or share your personal information as those terms are defined under CCPA/CPRA. No opt-out is needed, but you may contact us to confirm this.
  • Right to Non-Discrimination — we will not discriminate against you for exercising any of your privacy rights.

To submit a verifiable consumer request, contact us at contact@tonights-dinner.com. We may need to verify your identity before processing your request.

10. Account and Data Deletion

Tonight's Dinner offers an in-app account deletion feature. This is the fastest and easiest way to permanently delete your account and all associated data.

To delete your account in the App:

  1. Open the App and go to the Profile tab.
  2. Scroll to the Delete account button at the bottom.
  3. Tap Delete account, then confirm by tapping Delete my account in the dialog.

What gets deleted:

  • Your account and login credentials
  • All recipes you created or saved
  • Your meal plans and shopping lists
  • Your dietary preferences and taste profile
  • Any other content associated with your account

Deletion is permanent and cannot be undone. After your account is deleted, you will be signed out and will need to create a new account if you wish to use the App again.

If you are unable to access the App, you may also request account deletion by emailing contact@tonights-dinner.com. Please include the email address associated with your account. We will process your request within a reasonable time.

11. Sign in with Apple

If you choose Sign in with Apple, Apple authenticates your identity on our behalf. Apple may provide us with a real email address or an anonymized relay address — this is your choice at sign-in. We store and use whichever address Apple provides solely for account management and to respond to support requests.

We do not use your Apple ID information for any purpose beyond operating your account. Deleting your account in the App (Section 10) also removes the association between your Apple ID and our service.

For more information on how Apple handles Sign in with Apple data, see Apple's Privacy Policy at apple.com/legal/privacy.

12. Children's Privacy

Tonight's Dinner is not directed to children under the age of 13, and we do not knowingly collect personal information from children under 13. If you believe a child under 13 has provided us with personal information, please contact us at contact@tonights-dinner.com and we will take steps to delete that information.

13. Third-Party Links and Services

The App may display links to third-party websites or content (for example, recipe sources). This Privacy Policy does not apply to those third-party sites or services. We encourage you to review the privacy policies of any third-party sites you visit.

14. Changes to This Policy

We may update this Privacy Policy from time to time. When we make material changes, we will update the effective date at the top of this page and, where required by law, notify you through the App or by email. Continued use of the App after changes are posted constitutes your acceptance of the updated policy.

We encourage you to review this policy periodically.

15. Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or your personal data, please contact:

Orri Antonsson
Email: contact@tonights-dinner.com
Orri Antonsson
Álftamýri 24, Reykjavík, Iceland

We will do our best to respond to all inquiries within 30 days.

Tonight's Dinner — Privacy Policy — Effective June 8, 2026