Privacy Policy

Last updated: 2026-05-27

This Privacy Policy explains how MJLyco LLC (“we,” “us,” or “our”), a New Jersey limited liability company, handles information in connection with the Pantry application for iPhone, iPad, and Apple Watch (the “App”). By using the App you agree to this Policy. If you do not agree, do not use the App.

This Policy applies to the App only. It does not apply to any third-party service, website, or platform you may interact with through the App.

Summary (TL;DR)

• We do not operate a server. We do not collect, receive, store, transmit, sell, rent, share, or process your personal information on any infrastructure we control.
• Your data lives on your device and in your own iCloud account. Apple operates that storage on your behalf, under Apple’s privacy terms.
• One third party, Open Food Facts, receives the barcode digits (and your IP address as a normal consequence of any HTTP request) when you scan a UPC.
• No analytics, no advertising, no trackers, no third-party SDKs that collect data.
• We do not knowingly collect information from children under 13.

Because we do not collect personal information about you, most rights granted by privacy laws (right to access, delete, port, correct, opt out of sale, etc.) are inherently satisfied: there is nothing for us to provide, delete, correct, or refrain from selling. The sections below explain this in the language those laws require.

1. Who we are and how to contact us

The data controller / business responsible for the App is:

MJLyco LLC New Jersey, United States Email: mjlyco@mjlyco.com

For any privacy question, request, or complaint, write to that email. We try to respond within 30 days.

2. Information we do not collect

The following is exhaustive. We do not collect, process, or have access to:

• Your name, address, phone number, email, date of birth, or any other identifier.
• Your Apple ID, iCloud handle, or any account identifier.
• Your IP address, advertising ID (IDFA), IDFV, or any device identifier.
• Crash reports, diagnostic logs, performance telemetry, or analytics events.
• Cookies, web beacons, pixel tags, or similar tracking technologies (the App is native, not web-based).
• Precise or coarse geolocation.
• Contacts, calendars, photos, microphone, motion, health, or any other sensor data, except photos you explicitly select via the system Photos picker to attach to a pantry item (which remain on your device / in your iCloud — see Section 4).
• Payment information (the App is sold and billed by Apple; we never see your payment method).
• Audio, video, or biometric data.
• Information about other people in your household whom you invite to share a pantry (Apple manages the share invitation).

We never sell, rent, license, or share any data with third parties for advertising, marketing, profiling, scoring, training of AI models, or any other purpose, because we have no data to sell, rent, license, or share.

3. Information stored on your device

The App stores a local SQLite database on your device, protected at rest by iOS Data Protection (NSFileProtectionCompleteUntilFirstUserAuthentication). It contains:

• Items you add: title, photo, quantity, expiration date, notes, UPC barcode, shopping-list flag, tag membership.
• Households: a name (default “Home”) and creation date.
• Tags: title and sort order.
• Product info cache: for items added by barcode scan, a small per-device cache keyed by UPC holds the name / brand / image we previously fetched from Open Food Facts so we don’t have to re-fetch on every render. This cache is not synced to iCloud and is purely a per-device optimization.
• Onboarding state: a single boolean in UserDefaults that records whether you have completed the first-launch tour.

This data is on your device only. We do not have access to it.

4. Information synced to your iCloud (Apple’s CloudKit)

Items, Households, and Tags are synchronized to your iCloud Private Database using Apple’s CloudKit framework. This means:

• The data lives in your iCloud account, under your Apple ID.
• It is replicated across your other Apple devices signed into the same Apple ID.
• Apple operates the storage. We never see it.
• Apple encrypts your CloudKit data in transit and at rest with their own keys. If you have Advanced Data Protection enabled in Settings → Apple ID → iCloud, the data is end-to-end encrypted with keys only your devices hold.
• If you share a household with another iCloud user via the App’s “Share Household” feature, your household’s Items and Tags become visible to that participant via their CloudKit shared database. Again, this is Apple-to- Apple — we are not in the middle, and we cannot see who you shared with.

Apple’s handling of CloudKit data is governed by Apple’s Privacy Policy. For data subject requests relating to data stored in your iCloud account, contact Apple — we cannot access or modify that data on your behalf.

5. Information sent to third parties

5.1 Open Food Facts (UPC barcode lookup)

When you scan or manually enter a UPC barcode that is not already in your local cache, the App makes one HTTPS request to Open Food Facts, a non-profit collaborative food database operated by Open Food Facts (France):

https://world.openfoodfacts.org/api/v2/product/{barcode}.json

Open Food Facts receives:

• The barcode digits.
• Your device’s public IP address (a standard, unavoidable consequence of any HTTPS request).
• A User-Agent string identifying the App and version (e.g. Pantry/1.1 (iOS; contact: mjlyco@mjlyco.com; https://pantrymanager.com)).

Open Food Facts does not receive your Apple ID, email, name, item titles, photos, household membership, tag names, or any data we hold about you (because we hold none).

Open Food Facts retains request logs (including IP addresses) for up to three years under their privacy policy. Open Food Facts is a non-profit; per their policy they do not sell personal data to third parties.

If you do not want barcode digits sent to Open Food Facts, simply do not use the barcode scan feature. Manually typing item titles never triggers a network call.

5.2 Apple

The App relies on the following Apple services. Each is governed by Apple’s Privacy Policy:

• CloudKit for sync and household sharing.
• APNs (Apple Push Notification service) for silent CloudKit sync pushes.
• Local Notifications for expiration reminders (delivered on-device only; notification text never leaves your device).
• App Store for purchase, delivery, and updates.
• Foundation Models for on-device meal suggestions (where supported by your device). Inference happens entirely on-device; no prompt or response data leaves your device.

6. Information automatically collected

None. The App does not include any analytics SDK, crash reporter, advertising SDK, or telemetry framework. The NSPrivacyTracking value in the App’s PrivacyInfo.xcprivacy manifest is false.

7. Children’s privacy (COPPA and analogous laws)

The App is rated 4+ on the App Store and is suitable for use by children of any age under parental supervision. We do not knowingly collect personal information from any user, including children under 13 (or under 16, where local law sets that threshold). Because the App does not collect personal information at all, the Children’s Online Privacy Protection Act (COPPA), the UK Age-Appropriate Design Code, and analogous protections are inherently satisfied.

If a parent or guardian believes their child has used the App in a way that requires our attention, contact us at mjlyco@mjlyco.com.

8. International users and cross-border transfers

The App is offered worldwide through the Apple App Store. Because we operate no servers and collect no personal information, no personal information is transferred internationally by us. Data you store in iCloud is held in Apple’s data centers; the geographic location is determined by Apple based on your Apple ID region (see Apple’s privacy disclosures). Open Food Facts’ servers are operated by Open Food Facts in France; the barcode request you trigger therefore reaches France.

9. Your rights — privacy laws by region

The rights described in this section all apply to personal information that a business holds about you. Because we do not hold personal information about you, there is nothing for us to access, port, delete, correct, or refrain from selling. We list the rights for transparency and to satisfy disclosure obligations under each law.

If you believe we hold information about you and wish to exercise any right listed below, write to mjlyco@mjlyco.com. We will respond within the time period the applicable law requires.

9.1 California residents (CCPA / CPRA)

Under the California Consumer Privacy Act as amended by the California Privacy Rights Act, California residents have the right to:

• Know what personal information a business has collected about them, the sources, the purposes, and the categories of third parties it is shared with.
• Delete personal information a business has collected.
• Correct inaccurate personal information.
• Opt out of the “sale” or “sharing” (for cross-context behavioral advertising) of personal information.
• Limit use of “Sensitive Personal Information.”
• Non-discrimination for exercising these rights.

In the 12 months preceding the date above:

• Categories of personal information collected: none.
• Sources of personal information: none.
• Business or commercial purpose for collection: N/A.
• Categories of third parties with whom personal information is shared: none.
• Sale of personal information: we do not sell personal information.
• Sharing of personal information for cross-context behavioral advertising: we do not share personal information for that purpose.
• Sensitive Personal Information collected: none.

We do not have actual knowledge that we sell or share the personal information of consumers under 16 years of age. We honor Global Privacy Control (GPC) signals to the extent any apply (none currently do — the App is native, not a web browser).

9.2 Other US state privacy laws (VA, CO, CT, UT, TX, OR, MT, IA, IN, DE, NH, NJ, MN, MD, RI, KY, and others)

Residents of states with comprehensive consumer privacy laws — including the Virginia Consumer Data Protection Act (VCDPA), the Colorado Privacy Act (CPA), the Connecticut Data Privacy Act (CTDPA), the Utah Consumer Privacy Act (UCPA), the Texas Data Privacy and Security Act (TDPSA), the Oregon Consumer Privacy Act (OCPA), and analogous statutes in Montana, Iowa, Indiana, Delaware, New Hampshire, New Jersey, Minnesota, Maryland, Rhode Island, Kentucky, and other states as those laws come into effect — have rights of access, deletion, correction, portability, and opt-out of certain processing (including targeted advertising, sale, and profiling with legal or similarly significant effects).

We do not engage in targeted advertising, sale of personal data, or profiling. We do not process Sensitive Data, biometric data, geolocation data, or data about children.

9.3 European Economic Area, United Kingdom, and Switzerland (GDPR / UK GDPR / FADP)

Under the EU General Data Protection Regulation, the UK GDPR, and the Swiss Federal Act on Data Protection, data subjects have the rights of: access, rectification, erasure, restriction, portability, objection, and the right not to be subject to a decision based solely on automated processing. Where processing is based on consent, you have the right to withdraw consent at any time.

You also have the right to lodge a complaint with your local supervisory authority. A directory is available at edpb.europa.eu for EEA members and at ico.org.uk for the UK.

Controller: MJLyco LLC (contact above).

Legal basis for processing: we do not process personal data. To the extent any data passes through our software briefly (e.g., a barcode digit being included in an HTTPS request you initiate to Open Food Facts), the legal basis is performance of the contract you accept by using the App (Article 6(1)(b) GDPR) and your initiation of the action.

We have no establishment in the EEA or UK and do not direct the App to those markets in a way that triggers the appointment of an Article 27 representative; however, if your supervisory authority determines that we must appoint one, contact us and we will do so.

9.4 Brazil (LGPD)

Under the Lei Geral de Proteção de Dados, data subjects in Brazil have the rights of confirmation of processing, access, correction, anonymization, portability, deletion, information about sharing, information about non- consent, and revocation of consent. We do not process personal data.

9.5 Canada (PIPEDA and provincial laws)

Canadian residents have rights under the Personal Information Protection and Electronic Documents Act and provincial privacy laws (including Quebec’s Law 25). We do not collect, use, or disclose personal information of any individual in the course of commercial activities.

9.6 Other jurisdictions

If you reside in a jurisdiction with privacy laws not enumerated above (Australia, Japan, South Korea, India, South Africa, etc.) and believe a particular right applies, contact us. We will respond consistent with the applicable law.

10. How to delete your data

Because we do not store data on any server we operate, there is nothing for us to delete on your behalf. To remove your data:

• From your device: delete the App. The local SQLite database is removed with it.
• From your iCloud: open Settings → Apple ID → iCloud → Manage Account Storage → Pantry → “Delete Data”. This wipes the App’s CloudKit container for your account.
• From a paired Apple Watch: deleting the iPhone app removes the watch companion app and its data with it.
• From Open Food Facts (your IP address in their request logs): contact Open Food Facts at contact@openfoodfacts.org.

11. Security

The App applies the following security measures to data it holds locally for you:

• Local SQLite database, WAL, and SHM files are flagged with NSFileProtectionCompleteUntilFirstUserAuthentication, meaning the data is encrypted by iOS using your device passcode and is inaccessible until the first device unlock after boot.
• CloudKit data is encrypted in transit and at rest by Apple. With Advanced Data Protection enabled, it is end-to-end encrypted.
• The App makes no network call other than the Open Food Facts request described above and the CloudKit / APNs calls Apple’s frameworks perform on your behalf.

No security measure is perfect. We make no guarantee that the security of Apple’s iCloud, your device, Open Food Facts’ servers, or the public Internet will not be compromised. Use the App and store data in iCloud at your own risk.

12. Data retention

We do not retain any personal information about you, because we collect none. Locally stored data persists until you delete the App or the item / household / tag from within it. CloudKit data persists in your iCloud until you delete it or close your Apple ID. Open Food Facts retains request logs for up to three years per their own policy.

13. Changes to this Policy

If we make material changes to this Policy, we will update the “Last updated” date at the top, and the App’s Settings → Privacy Policy link will surface the new version automatically. We do not separately notify users because we have no contact information for any user. Continued use of the App after a change indicates acceptance of the revised Policy.

14. Contact

Questions, concerns, or requests of any kind:

MJLyco LLC Email: mjlyco@mjlyco.com