Privacy Policy

How we collect, use, and protect your personal data. Last updated: March 2026.

1. Data Controller

Salute App ("Salute", "we", "us") is the data controller responsible for your personal data. We are registered in the European Union and operate in accordance with the General Data Protection Regulation (EU) 2016/679 ("GDPR").

For data protection inquiries, contact us at privacy@salutewellness.app.

2. Data We Collect

We collect and process the following categories of personal data:

  • Account data — email address, display name, and password hash when you create an account.
  • Pantry & food data — items you add, expiration dates, quantities, and categories. This data is used to provide core app functionality.
  • Usage data — recipes viewed, cooking sessions started, features used, and in-app preferences. Collected to improve the service.
  • Device data — device type, operating system, app version, and anonymized crash reports.
  • Voice data — voice input is processed in real time and is not stored on our servers. Transcribed text is retained only for the duration of the session.

3. Legal Basis for Processing

We process your personal data on the following legal bases under Article 6 GDPR:

  • Contract performance — processing necessary to provide the Salute service (pantry management, recipes, shopping lists).
  • Legitimate interest — analytics and service improvement, fraud prevention, and security.
  • Consent — marketing communications, optional camera and microphone access, and non-essential cookies.
  • Legal obligation — where required by applicable EU or member state law.

4. How We Use Your Data

  • Provide, maintain, and improve the Salute app and its features.
  • Generate personalized recipe suggestions based on your pantry contents.
  • Send expiry notifications and smart alerts you have opted into.
  • Calculate gamification metrics (eco points, streaks, badges).
  • Aggregate anonymized usage statistics to improve the product.

5. Data Sharing & Transfers

We do not sell your personal data. We may share data with:

  • Infrastructure providers — cloud hosting within the EU (data remains in EU data centers).
  • Analytics providers — anonymized, aggregated data only. No personal identifiers are shared.
  • Legal authorities — when required by law or to protect our legitimate interests.

If data is transferred outside the EEA, we ensure adequate safeguards are in place (Standard Contractual Clauses or adequacy decisions).

6. Data Retention

We retain your personal data for as long as your account is active or as needed to provide the service. If you delete your account, we erase your personal data within 30 days, except where retention is required by law (e.g., invoicing records kept for the statutory period). Anonymized, aggregated data may be retained indefinitely for statistical purposes.

7. Your Rights

Under the GDPR, you have the following rights regarding your personal data:

  • Access — request a copy of the personal data we hold about you.
  • Rectification — correct inaccurate or incomplete data.
  • Erasure — request deletion of your personal data ("right to be forgotten").
  • Restriction — restrict processing of your data in certain circumstances.
  • Portability — receive your data in a structured, machine-readable format (JSON export).
  • Objection — object to processing based on legitimate interest or direct marketing.
  • Withdraw consent — where processing is based on consent, you may withdraw it at any time.

To exercise any of these rights, email privacy@salutewellness.app. We will respond within 30 days. You also have the right to lodge a complaint with your local data protection authority.

8. Cookies

The Salute website uses strictly necessary cookies for functionality (e.g., session management) and optional analytics cookies to help us understand how users interact with the site and improve our service. Analytics data is anonymized and aggregated. The mobile app does not use cookies. You can accept or reject non-essential cookies via the consent banner displayed on your first visit.

9. Security

We implement appropriate technical and organizational measures to protect your personal data, including encryption in transit (TLS 1.3), encryption at rest, access controls, and regular security audits. Despite these measures, no method of transmission over the internet is 100% secure.

10. Children's Privacy

Salute is not directed at children under 16 years of age. We do not knowingly collect personal data from children. If we become aware that a child under 16 has provided personal data, we will delete it promptly.

11. Changes to This Policy

We may update this privacy policy from time to time. Material changes will be communicated via in-app notification or email at least 30 days before taking effect. Continued use of Salute after changes constitutes acceptance of the updated policy.