Sansglu

Privacy Policy

How we protect your data and your rights at Sansglu.

Privacy Policy

Last updated: April 17, 2025

Your privacy matters to us. We take your trust seriously.
We will never sell your data—never have, never will.

This policy applies to all Sansglu apps, websites, and services.

If you have questions, email us at privacy@sansglu.com.

Table of Contents

What We Collect and Why

We collect only what’s necessary to provide and improve our services for you.

Identity and Access

When you sign up, we collect your name, email, and optionally, dietary preferences (e.g., celiac-safe only).
This personalizes your experience and improves recommendations.

We may send important updates about your account or app improvements. With your consent, we may also send newsletters or surveys.

Location Data

Sansglu uses your device’s location (only with your permission) to help you discover gluten-free restaurants nearby.
You can disable location services at any time, but some features may be limited.

Note: We do not track your location in the background or store your real-time movements. Location data is used only for the “search nearby” feature.

Restaurant Interactions

When you view restaurants, leave reviews, or save favorites, we store this data to enhance your experience and improve our recommendations.

Payment Information

If you subscribe to Sansglu Pro, your payment details are processed securely by our payment provider.
We do not store your full credit card number—only limited transaction metadata (e.g., last 4 digits, plan type, billing address) to manage your subscription.

Device and Usage Data

We collect anonymized analytics (e.g., app version, device type, crash logs) to improve performance and fix bugs.
This data is never tied to your identity.

Voluntary Correspondence

If you contact us for support, we may store your messages and email to provide better assistance in the future.

When We Access or Disclose Your Information

We only access or share your data in limited circumstances:

  • With your consent – For example, if you contact support and give us permission to view your account.
  • To provide services – We use trusted third-party providers (e.g., Supabase for authentication, Stripe for billing) under strict data processing agreements.
  • For legal reasons – If required by law, we may share minimal necessary data with authorities, but will notify you unless prohibited.
  • To prevent abuse – We may access data if there’s reason to believe our service is being misused (e.g., scraping, fraud), but only as a last resort.
  • In the event of a merger or acquisition – You will be notified before any data transfer occurs.

We do not use your data for third-party advertising or profiling.

Your Rights

Everyone deserves control over their data. You have the right to:

  • Access the personal information we hold about you
  • Correct inaccurate or outdated information
  • Delete your account and associated data
  • Restrict or object to certain types of data use
  • Export your data in a portable format
  • Withdraw consent at any time (e.g., for marketing)

To exercise any of these rights, email us at privacy@sansglu.com.
We may ask you to verify your identity to process your request.

How We Secure Your Data

We take security seriously. Here’s how we protect your information:

  • All data is encrypted in transit (TLS/SSL)
  • Sensitive data (e.g., passwords) is hashed and never stored in plain text
  • Our databases are hosted with industry-standard security practices
  • We perform regular code audits and vulnerability monitoring

While no system is 100% foolproof, we follow best practices and respond quickly to emerging threats.

What Happens When You Delete Content

If you delete a review, favorite, or your account, we remove or anonymize that content from our systems within 60 days.
Some data may remain in encrypted backups for an additional 30 days, after which it is permanently deleted.

Data Retention

We retain your data only as long as necessary to provide our services and comply with legal obligations.
If you cancel your account, we delete or anonymize your data within 60 days, unless we are required to retain it for fraud prevention, dispute resolution, or tax compliance.

Location of Site and Data

Sansglu is operated from the United States. All data is stored in U.S.-based servers (e.g., Supabase, Vercel, Stripe).
If you are accessing our service from outside the U.S., you acknowledge that your data will be transferred and processed in the U.S.

International Data Transfers

For users in the European Union, United Kingdom, or other regions with strong data protection laws, we take steps to ensure your data receives the same level of protection as required by local laws. These include:

  • Standard Contractual Clauses
  • Data Processing Agreements with subprocessors
  • Limiting data access to only what’s necessary

We are committed to complying with GDPR, CCPA, and other applicable privacy regulations.

Changes and Questions

We may update this policy from time to time. If we make significant changes, we’ll notify you via email or in-app notice.
The most current version will always be available on our website and within the app.

Have questions, feedback, or concerns?
📧 privacy@sansglu.com

Thank you for trusting Sansglu.
We built this platform to make gluten-free living easier and safer—your privacy is part of that commitment.