Last updated: October 25, 2025

Privacy Policy

NomNomNow (the “App”) helps you find quick meal ideas from the ingredients you have. We keep it simple: no ads, minimal data, and clear control.

Important
  • Recipe ideas are for general information only — not medical or nutritional advice.
  • AI suggestions can be inaccurate or incomplete; always check allergens and on-pack instructions.
  • See our Terms of Use for details and limitations.
Highlights
  • We do not collect your name or email in-app and we don’t use an advertising ID.
  • We use an anonymous user identifier to manage purchases and data, which may persist after reinstalling the app.
  • Ingredients/filters you type are used only to generate recipes and are not stored long-term.
  • We use trusted providers for infrastructure, recipe generation, authentication, and purchases.
  • No data sales. Short retention windows. Opt-in notifications.

Summary

  • Purposes: generate recipes, manage user sessions and entitlements, prevent abuse, and send optional notifications.
  • Legal bases: contract (provide the service), legitimate interests (security/fraud prevention), consent (notifications).
  • Processors: Cloudflare (hosting/caching), Google (Generative Language & Play Integrity), RevenueCat (purchases), Firebase (Authentication & Remote Config).
  • Retention: functional data like favorites and history is stored on your device. Technical tokens and server caches are kept for a short time (minutes to about a day) and then removed.
  • Children: the App is not directed to children under 13.

What data do we process?

Data you provide

  • Ingredients and filters (e.g., “pasta”, “vegetarian”) to generate recipes.
  • Language (EN/NL) to localize content.

App & device data

  • Anonymous User Identifier: When you first use the App, an anonymous user identifier is created via Firebase Authentication. This ID is used as your `App User ID` for managing purchases and data (like favorites). This identifier is designed to persist even if you reinstall the App, ensuring you keep your purchases and data.
  • Integrity/attestation tokens: Short-lived tokens used to verify that requests come from a genuine device and app.
  • Notification preferences: Your choices (on/off and chosen times) are stored locally on your device.
  • Remote Config: We fetch text snippets for notifications from Firebase; no analytics is enabled on this feature.

Technical data on requests

  • IP address and user-agent are received by our infrastructure as part of normal HTTPS traffic and may be used for security and rate-limiting.

We do not use the advertising ID, do not collect contact information in the App, and do not collect precise location data.

Why do we process this data?

  • Generate recipes: Your ingredients/filters are sent to our backend and to our AI provider to return recipes.
  • Manage Purchases & Data: Your Anonymous User Identifier links your purchases (via RevenueCat) and local data (favorites, history) to you, allowing you to retain them across app reinstalls.
  • Security & Abuse Prevention: Integrity checks help block modified apps, bots, and fraud.
  • Notifications: Only if you enable them; schedules are stored locally on your device.

Who do we share data with?

Party Purpose Data (summary)
Cloudflare Hosting, delivery, short functional caching Standard traffic metadata (IP/user-agent) and short-term functional keys/counters
Google – Generative Language Recipe generation Ingredients/filters plus system prompts required to generate recipes
Google – Play Integrity App/device verification Short-lived integrity/attestation tokens
RevenueCat Purchases/entitlements Anonymous User Identifier and entitlement status
Firebase (Google) Anonymous authentication & remote text variants Anonymous User Identifier, configuration values (no analytics)

We do not share data with advertisers and we do not sell personal data.

Retention periods

Item Period Notes
Integrity/nonces/challenges A few minutes Used to verify single requests; removed shortly after.
Security/verification verdicts Under 30 minutes Cached briefly to improve performance.
Entitlement cache About 1 hour Temporary status cache (free/pro/ultimate).
Daily quota counters One calendar day Counter linked to your Anonymous User Identifier; not used for profiling.
Recipe requests/responses Not persisted Processed transiently to generate recipes.
Favorites & History Until you delete them or the app Stored locally on your device, linked to your Anonymous User Identifier.
  • Contract: to provide core app functionality, recipe suggestions, and manage your purchases.
  • Legitimate interests: security, fraud prevention, and service reliability.
  • Consent: push notifications (you can enable/disable them at any time).

Your rights

Depending on your region, you may have rights to access, correct, delete, restrict, and port your data. You can make requests via the email below. Because we store very little personal data, requests typically cover:

  • Checking your Anonymous User Identifier and entitlement status.
  • Deleting your Anonymous User Identifier and related server-side caches.

You can disable notifications and clear your favorites/history at any time in the App's settings.

Data deletion

To request deletion of your data, email support@nomnomnow.app. Please include your Anonymous User ID (App User ID) if possible. You can find this in the app's settings.

We’ll process your request within 30 days. Deletion involves removing your Anonymous User Identifier from our systems and those of our processors where applicable.

Children

The App is not directed to children under 13. We do not knowingly collect data from children.

Security

  • Transport encryption (HTTPS) between the App and our backend/providers.
  • Short-lived tokens and minimal retention for functional data.
  • Use of Firebase Authentication for secure, anonymous identity management.

No method is 100% secure, but we reduce risk by minimizing data and retention.

International data transfers

Our providers operate internationally (including the EU and the US). Where relevant, we rely on appropriate safeguards under applicable privacy laws.

Device permissions used

  • INTERNET – API traffic.
  • POST_NOTIFICATIONS – optional push notifications (opt-in).
  • RECEIVE_BOOT_COMPLETED – reschedule notification alarms after reboot/update.
  • REQUEST_IGNORE_BATTERY_OPTIMIZATIONS (optional) – to improve delivery reliability on Android.

Changes to this policy

We may update this policy. The date at the top shows the latest change. For material updates, we may notify you in the App or via the Store listing.

Contact

Questions or privacy requests? Email us at support@nomnomnow.app.

Controller / Legal information (NL)
NomNom Labs
KvK: 98255614
Postadres: Paxtonstraat 3 N, Unit C1823, 8013 RP Zwolle, Nederland
E-mail: support@nomnomnow.app