Privacy Policy

This Privacy Policy describes how Boh ("we", "us", or "our") collects, uses, discloses and protects personal information when you use the Boh mobile application (the "App"). The App is provided by Simone Carcone, VAT number 17886251002. For questions or to exercise your rights, contact us at hello@getboh.com.

1. Data controller

The data controller is: Simone Carcone (VAT: 17886251002). Contact: hello@getboh.com.

2. Scope and purpose of this policy

This policy applies to personal data processed in connection with the App, which is designed to create weekly meal plans and shopping lists. The App is available only in Italy and all data is stored in a database located in the European Economic Area (EEA).

3. Personal data we collect

We collect the following personal data categories:

• Account & identification data: email address, name (when provided).
• Preferences: food preferences and other settings used to generate personalised menus.
• Authentication data: information required to authenticate via Email, Sign in with Apple, or Sign in with Google (we do not store third-party passwords).
• Usage data: anonymous and pseudonymous analytics and crash reports used to improve performance and fix issues.
• Content you create: recipes, saved menus and shopping lists that you create or upload in the App.

4. Legal bases for processing

We process personal data on these legal bases:

• Performance of a contract: to provide the App services you request (account, menus, subscriptions).
• Legitimate interests: to analyze usage, improve app performance and stability, and protect the App (we balance these interests with your privacy rights).
• Consent: where applicable (for optional analytics/tracking features if we later request explicit consent).

5. Purposes of processing

We use personal data for the following purposes:

• To create and manage your account and provide the App’s functionality (menus, shopping lists).
• To authenticate users via third-party providers (Apple, Google) and to manage subscriptions and in-App purchases.
• To process subscription payments via third-party billing providers.
• To collect analytics and crash reports to improve App performance and fix bugs.
• To comply with legal obligations and to respond to lawful requests by public authorities, if required.

6. Third-party providers and processors

We use third-party service providers to operate the App. These providers may process personal data on our behalf as data processors. Key providers include:

• Firebase — backend, authentication and database services.
• RevenueCat — subscription and in-app purchase management.
• Sentry — crash reporting and error monitoring.
• Mixpanel — product analytics.

All App data is stored in databases located in the European Economic Area (EEA). At the moment, we do not perform extra-EEA transfers of your personal data.

7. Retention

We retain personal data for as long as you use the App. You can delete your account at any time from within the App; after account deletion your personal data stored by the App will be removed according to our internal deletion procedures. Some information may remain in backups for a limited period and will be securely deleted in accordance with our retention schedules or legal obligations.

8. Your rights

Under EU data protection laws (including the GDPR), you have certain rights regarding your personal data:

• Right of access — request confirmation that we process your data and request a copy.
• Right to rectification — correct inaccurate or incomplete data.
• Right to erasure ("right to be forgotten") — request deletion of data when allowed by law.
• Right to restriction of processing — ask us to limit processing in certain cases.
• Right to data portability — receive your personal data in a structured, commonly used format.
• Right to object — object to processing based on legitimate interests or direct marketing.

To exercise any of these rights, contact us at hello@getboh.com. You also have the right to lodge a complaint with a supervisory authority (in Italy: Garante per la protezione dei dati personali).

9. Security measures

We implement reasonable technical and organisational measures designed to protect personal data against accidental or unlawful destruction, loss, alteration, unauthorized disclosure or access. These measures include encrypted connections, limited access rights and regular security reviews. However no system is completely secure; if a breach occurs we will comply with applicable laws and notify affected users and authorities as required.

10. Minors

The App is intended for adult users. We do not knowingly collect personal data from children under the age of 16. If you are a parent or guardian and you believe your child has provided us with personal data, contact us at hello@getboh.com and we will take steps to delete the information.

11. Analytics & tracking

We collect aggregated and pseudonymized usage data to improve performance and diagnose issues (via Mixpanel and Sentry). This information does not typically identify you personally. If we implement any optional tracking that requires consent, we will ask for your explicit consent prior to enabling it.

12. Subscriptions & payments

The App offers a freemium model with in-App subscription options: a monthly subscription and an annual subscription. Payment processing and subscription management is handled via third-party stores (Apple App Store / Google Play) and RevenueCat. Refunds and billing disputes are subject to the policies of the relevant app store (Apple / Google).

13. Changes to this policy

We may update this Privacy Policy from time to time. When we make material changes, we will post the updated policy with a new "Last updated" date. Continued use of the App after changes constitutes acceptance of the revised policy.

14. Contact

If you have questions about this Privacy Policy or wish to exercise your rights, contact: