Privacy Policy
Effective July 17, 2026 · Version privacy-2026-07-17
Your choices should stay yours. This policy describes what Craving processes, why we process it, the providers involved, and how to control or delete your data.
1. Who we are and what this policy covers
Craving is operated by Cortex Advisory Inc. ("Craving," "we," "us," or "our"). This policy explains how Craving handles personal information when you use our iOS, Android, or web services.
Craving helps people discover restaurants, make solo decisions, coordinate private Squad votes, save places, and optionally purchase Craving Plus. Restaurant availability, ratings, photos, weather, routes, and delivery destinations may come from third parties.
2. Information we collect
•
Account and identity data. Every user receives a Supabase Auth account, including guests using anonymous authentication. If you link Apple or Google, Supabase may receive the provider user identifier and the name or email the provider makes available under your sharing choices.
•
Location data. With your permission, we process precise or approximate foreground location to find nearby restaurants, calculate routes, show weather context, and support Squad travel estimates. Craving does not request always-on background location.
•
Taste and preference data. We process cuisines, saved places, likes, dislikes, skips, check-ins, meal context, and recommendation feedback that you choose to provide.
•
Sensitive dietary data. Allergy-related, health-related, halal, and kosher choices may reveal health or religious information. These choices require explicit consent, are kept out of plaintext profile storage, and are encrypted in the service database. You can withdraw consent and delete this data from Profile.
•
Squad and user content. We process private Squad names, membership, votes, display names, travel-origin sharing choices, reports, and block-list actions needed to operate group features and prevent abuse.
•
Purchase data. RevenueCat and the applicable app store provide product, entitlement, renewal, expiration, and transaction-status information. Craving does not receive your full payment-card number.
•
Partner interaction and conversion data. When you choose an ordering, ride, or reservation provider, we record the Craving account, place ID, provider, country, contract-mapping revision, monetization status, timestamp, and a one-time attribution token stored only as a cryptographic hash. Approved affiliate reporting may add hashed order and attribution IDs, conversion state, currency, order amount, and commission; Craving does not store the provider checkout contents or payment-card number.
•
Diagnostics and analytics. Usage analytics and crash diagnostics are off by default. If you opt in, we send pseudonymous product events or scrubbed diagnostics without precise location, dietary choices, typed text, email, or screen captures.
•
Technical and security data. We process authentication tokens, device/app version, request timing, quota counters, security events, and short-lived API call logs. Authentication tokens are stored using platform-protected secure storage on supported devices.
3. How we use information
•
Provide, personalize, secure, and troubleshoot Craving and its recommendation features.
•
Authenticate users through Supabase Auth and link Apple or Google identities when requested.
•
Return nearby places, weather, routes, photos, attribution, and private Squad results.
•
Apply dietary filters and personalization only under the consent choices shown in the app.
•
Enforce quotas, prevent fraud and abuse, moderate reported content, and protect users.
•
Maintain purchases and entitlements, comply with law, and respond to privacy requests.
•
Measure product performance or diagnose crashes only when the relevant optional control is enabled.
4. Legal bases and sensitive-data consent
Where GDPR or similar law applies, we rely on performance of our contract to provide requested features, legitimate interests for security and service reliability, legal obligations where required, and consent for optional analytics, crash diagnostics, profiling, and special-category dietary data. You may withdraw consent at any time without affecting earlier lawful processing.
Craving does not use sensitive dietary information for advertising, data brokerage, or eligibility decisions. Declining sensitive-data consent does not prevent use of non-sensitive discovery features.
5. Service providers and third-party services
•
Supabase provides authentication, database, realtime, Edge Functions, and encrypted server-side storage.
•
Google Places, Google Maps, and Google Routes provide place, photo, attribution, map, and route data. Google processes requests under its own privacy terms.
•
OpenWeather or Apple WeatherKit may provide weather context. Exact coordinates are sent only as needed for the requested weather result.
•
Expo/EAS supports builds, updates, and optional push delivery. Apple Push Notification service and Firebase Cloud Messaging may deliver Squad notifications after permission is granted.
•
RevenueCat and Apple App Store or Google Play manage subscriptions and entitlement status.
•
Sentry and PostHog receive scrubbed diagnostics or pseudonymous analytics only after you enable the matching control.
•
An email delivery provider may send account-deletion or moderation messages after production email delivery is configured.
•
DoorDash, Uber Eats, Uber, Lyft, Apple Maps, Google Maps, or approved affiliate partners receive information only when you choose to open their link. Their terms and privacy policies apply after you leave Craving.
6. Sale, sharing, advertising, and affiliate links
Craving does not sell personal information and does not share personal information for cross-context behavioral advertising. We do not use IDFA or other cross-app advertising identifiers.
Some clearly disclosed ordering, ride, or reservation links may be affiliate or referral links. Craving may receive a commission when a provider credits an eligible action, without changing your price. We label a link as monetized only when an approved contract, country, venue or app registration, and attribution configuration are all active; merely supporting a provider does not mean Craving is paid.
7. Retention
•
Private authenticated and enumeration-safe public API call logs are automatically pruned after 24 hours.
•
Account data, preferences, saved places, Squad records, and encrypted dietary data are retained while your account is active or as needed to provide the service, then deleted through the account-deletion process.
•
Expired Squad sessions are automatically archived or expired under the service retention rules.
•
Partner click-intent records are automatically pruned after 400 days. If you delete your account first, the user reference is removed while the hashed token, place, provider, and aggregate accounting fields may remain until that limit for fraud prevention, attribution disputes, and financial reconciliation.
•
Privacy-minimized conversion and payout records may be retained longer where reasonably necessary for tax, accounting, payment disputes, contract enforcement, or other legal obligations. They contain hashed attribution and order identifiers rather than the raw provider values.
•
Purchase and consent records may be retained as necessary for transaction, audit, fraud-prevention, or legal obligations.
•
After account deletion, a minimal pseudonymous deletion audit or keyed deletion-replay reference may survive so a restored backup cannot recreate deleted data. It is not used to profile you or restore your account.
8. Your choices and privacy rights
•
Location, notification, analytics, crash-diagnostic, profiling, and sensitive-dietary choices can be changed in the app or device settings.
•
You can delete your account and associated Craving data in Profile. You may also begin deletion without the app at https://joincraving.us/delete-account.
•
Depending on your location, you may request access, correction, deletion, restriction, portability, or objection, and may appeal or complain to a data-protection authority.
•
For a privacy request, contact privacy@joincraving.us. We may verify your identity before acting on account-specific data.
9. Security and international processing
We use row-level access controls, least-privilege service roles, platform secure storage, encrypted sensitive dietary fields, server-side provider secrets, abuse controls, and tested deletion paths. No system is perfectly secure, so please use a protected device and report suspected security issues promptly.
Our providers may process information in countries other than yours. Where required, we use provider contractual safeguards and other lawful transfer mechanisms.
10. Children
Craving is not directed to children under 13, and we do not knowingly collect personal information from children under 13. If local law requires a higher minimum age to consent to data processing, a parent or guardian must provide valid authorization. Contact privacy@joincraving.us if you believe a child provided information improperly.
11. Changes and contact
We may update this policy as the service or law changes. Material changes will receive a new policy version and, when required, a new consent prompt. The effective date and version appear at the top of this page.
Privacy questions: privacy@joincraving.us. General support: support@joincraving.us. Abuse reports: abuse@joincraving.us.
Questions about this document?
© 2026 Cortex Advisory Inc.