Short version: Your shopping lists stay on your phone. We do not collect, store, or sell your personal data, and the app is not connected to any Tim Weston Apps servers. The app uses Google Firebase for the optional list-sharing and real-time sync feature, and contacts a handful of third-party services only when you ask it to (scanning a barcode, importing a recipe from a URL, using voice input). No registration, no email, no account required β ever.
1. Who we are
Tim Weston Apps is an independent app developer based in Australia, operating at timwestonapps.com. You can contact us at tim@timwestonapps.com.
Our philosophy is simple: your privacy matters. We build apps that are genuinely useful, without tracking who you are, selling your data, or requiring you to hand over any personal information.
2. What data we collect
We do not collect any personal data directly. The app does not require an account or email address. Your shopping lists, favourites, history, pantry, and saved receipt photos are stored locally on your device.
The app makes outbound network requests only when you take a specific action:
- Sharing a list uses Google Firebase (see section 3).
- Scanning a barcode that isn't in the app's built-in catalog sends the barcode number (GTIN) to Open Food Facts to look up the product name and brand (see section 7).
- Importing a recipe from a URL (paste or share) fetches the HTML of that URL so we can extract the ingredient list (see section 7).
- Voice input sends audio to your device's system speech recognizer β Android's on Android, Apple's on iOS (see section 4).
When you use the list-sharing feature, Firebase may generate an anonymous identifier so the app can synchronise lists between devices. No name, email address, or phone number is stored alongside the list data.
3. Firebase (list sharing)
The app uses Google Firebase, a platform provided by Google LLC. Firebase is used to power the optional list-sharing and real-time sync feature. There are two ways to share a list:
- Send a copy β share a snapshot of your list via WhatsApp, email, or any messaging app. The recipient receives a one-time copy.
- Live shared list β create a real-time shared list with a family member or housemate who also has the app. One person generates a QR code; the other scans it using the app's built-in camera scanner, or picks the QR code image from their gallery. Once connected, both users see the same live list. The shared list is stored in Firebase's cloud while active. No account or email is required. No personally identifiable information such as name, email address, or phone number is stored alongside the list data.
Firebase Analytics is disabled in this version of the app. No usage statistics or analytics data are collected.
Firebase is operated by Google LLC. Data may be processed in the United States and other countries where Google operates. For full details, see Firebase's Privacy and Security documentation and Google's Privacy Policy.
4. Permissions
On Android, the app may request the following permissions:
- Internet β required for the optional list-sharing feature (Firebase), for barcode lookup (Open Food Facts), and for recipe import from a URL.
- Camera β used only when you choose to: scan a QR code to join a shared list; scan a product barcode; photograph a receipt; or photograph a recipe page. In every case, images and live preview frames are processed on your device only and are not transmitted to any external servers. Receipt photos are stored only on your device.
- Microphone β used only when you tap the voice input button. Audio is processed by Android's system speech recognizer. On Android 12 and newer, the app prefers the on-device speech recognizer when an offline language pack is installed on the phone, so audio never leaves the device. Otherwise the system uses Google's cloud speech recognizer (governed by Google's privacy policy). The app itself never uploads audio.
- Notifications β used only for optional weekly shopping reminders and optional daily pantry low-stock alerts, both of which you can turn off in Settings.
We do not request access to your contacts or precise location, and the app does not request broad storage permissions. When you choose a photo from your device (for example, to attach a receipt or pick a saved QR code image), Android's system photo picker provides one-time access to that image without granting the app general access to your files.
On iOS, the app may request the following permissions:
- Microphone β only when you tap the voice button to add items by speaking.
- Speech Recognition β a separate iOS permission from the microphone, used to turn your spoken words into list items. iOS uses Apple's on-device Speech Recognition where your language and device support it, so your voice is processed entirely on your iPhone and no audio leaves the device. If on-device recognition isn't available for your language, and you allow it, speech may be sent to Apple for transcription under Apple's Privacy Policy. You can force on-device-only in Settings β Voice recognition β "Offline only". The app itself never records, stores, or uploads your audio.
- Camera β used only when you choose to: scan a QR code to join a shared list; scan a product barcode; photograph a recipe page; or photograph a receipt. Frames and photos are processed on your device only and are not transmitted to any external servers. Receipt photos are stored only on your device.
- Notifications β only if you turn on pantry reminders or the weekly shopping reminder; these are scheduled on your device and nothing about your pantry leaves it. You can turn them off in Settings.
As on Android, scanning a barcode that isn't already in the app's catalog sends only the barcode number (GTIN) to Open Food Facts to look up the product name and category (see section 7) β no personal data, account, or device identifier is sent. iOS does not request access to your contacts or location. When you pick a photo from your library (for example, a saved QR code image), iOS's system photo picker provides one-time access to that image only, with no general access to your files.
5. Children's privacy
Our apps are not directed at children under 13. We do not knowingly collect personal information from children. If you have concerns, please contact us at tim@timwestonapps.com.
6. Data retention and deletion
Your shopping lists, pantry, history, and receipt photos are stored on your device. You can delete them at any time using the in-app Delete My Data option (below), by clearing the app's data in your device settings (Android), or by uninstalling the app.
Shared list data stored in Firebase is temporary and is not retained by us indefinitely. The app is not connected to any Tim Weston Apps servers.
Backups and exports. The app can create a backup file or a CSV export of your data. These are created on your device and shared only when and where you choose (for example, to Files, AirDrop, or email); the app does not upload them anywhere. A backup file contains your local data, including any saved receipt photos, so keep it somewhere you trust.
How to delete your data β in-app
The app includes a built-in Delete My Data option on the Settings page. This is the quickest way to erase all locally stored data and any associated Firebase data in one step:
On Android:
- Open the app.
- Tap the Settings icon (top-right corner of the main screen).
- Scroll down to the Privacy section.
- Tap Delete My Data.
- Confirm when prompted.
On iOS: tap the gear icon (top of the List or Catalog screen) to open Settings, scroll to the Privacy section, tap Delete My Data, then confirm Delete everything. On iOS this also wipes your pantry and any saved receipt photos in the same step.
This action will permanently delete:
- All shopping lists stored on your device
- Your favourites, shopping history, pantry, and receipt photos
- Any active shared list data associated with your device in Firebase
- The anonymous Firebase identifier used to synchronise shared lists between your device and others
This action cannot be undone.
If you have already uninstalled the app and need Firebase data removed, please contact us at tim@timwestonapps.com and we will process your request within 30 days.
7. Third-party services
- Google Firebase (Realtime Database / Firestore) β optional list sharing and real-time sync. Privacy: see Firebase's documentation and Google's privacy policy.
- Open Food Facts (world.openfoodfacts.org) β contacted only when you scan a product barcode that isn't in the app's built-in catalog. Only the barcode number (GTIN) is sent; we receive the product name, brand, and category back. Open Food Facts is a non-profit collaborative database licensed CC-BY-SA 4.0. See https://openfoodfacts.org/privacy.
- User-supplied recipe websites β when you paste or share a recipe URL, the app fetches the HTML of that page directly from the website you chose, so it can extract the ingredient list. We do not maintain a list of which recipe sites you visit; the request goes from your device straight to the recipe site, identifying itself with the app's User-Agent string. The privacy practices of that recipe site are governed by its own privacy policy.
- System speech recognizer β used for voice input only. On Android 12+, when an offline speech pack is installed, this runs entirely on your device; otherwise audio is processed by Google's cloud speech recognizer under Google's privacy policy. On iOS, voice input uses Apple's Speech Recognition β on-device where your language and device support it, otherwise processed by Apple under Apple's privacy policy unless you choose "Offline only". The app itself never receives or uploads audio.
- On-device text recognition (OCR) β receipts and recipe page photos are read by a text-recognition model that is bundled inside the app and runs entirely on your device: Google ML Kit on Android, and Apple's Vision framework on iOS. No image or text data is sent over the network.
We do not integrate social login, crash reporting tools beyond Firebase, or any marketing or tracking SDKs.
8. Changes to this policy
If we make material changes to this privacy policy, we will update the date at the top of this page. Continued use of the app after changes constitutes acceptance of the updated policy.
9. Your rights
Because we do not collect personal data directly, most privacy rights are exercised through your device or through Google for Firebase data. For any privacy-related questions, contact us at tim@timwestonapps.com.
10. Contact
For any questions about this privacy policy or your data, please email: tim@timwestonapps.com