Privacy Policy

1. Overview

Grocy Fridge Scanner is an open-source Android application that uses on-device artificial intelligence to detect food items in photos you take of your fridge or cupboard, then syncs those changes to a self-hosted Grocy inventory server that you control.

This privacy policy explains what data the app accesses, where it is stored, and how it is used.

2. Data We Collect

We do not collect any data. The developers of Grocy Fridge Scanner have no access to your photos, your inventory data, your Grocy server credentials, or any other information processed by this app.

There are no analytics, no crash reporting, and no third-party tracking of any kind built into this application by the developers. Note that Google AdMob, which is used to display ads in the app, may collect certain device and ad interaction data as described in Section 8 below.

3. Data Stored on Your Device

The following data is stored locally on your Android device and never leaves it unless you explicitly configure a Grocy server:

Data	Where Stored	Purpose	Encrypted
Grocy Server URL	Android DataStore (preferences)	Connect to your Grocy instance	No
Grocy API Key	Android Encrypted SharedPreferences	Authenticate with your Grocy instance	Yes (AES-256)
AI Model (Gemma 4 E2B)	App internal storage (~1.5 GB)	On-device food detection	N/A
Scan Photos	App cache directory	Temporary use for AI analysis and review	No
Scan History	Android DataStore (preferences)	Display past scans in the History screen	No
Onboarding Completion	Android DataStore (preferences)	Track whether initial setup is done	No

4. Data Sent to Your Grocy Server

When you configure a Grocy server and tap "Sync to Grocy," the following data is sent to your self-hosted Grocy instance over HTTPS:

• Inventory changes — product names, quantities, and location assignments
• New product creations — if a detected food item doesn't exist in your Grocy database, the app creates it

This data is sent directly from your phone to your Grocy server. It does not pass through any intermediary servers controlled by the app developers.

5. Camera Access

The app requests access to your device's rear camera for the sole purpose of taking photos of food storage areas (fridge shelves, cupboards, pantry). Photos are used only for:

• On-device AI analysis to detect and count food items
• Display in the review screen so you can verify what was detected
• Storage in scan history for your reference

Photos are never uploaded to any cloud service. They remain in the app's cache directory on your device and can be cleared by clearing the app's cache or uninstalling the app.

6. AI Processing

Grocy Fridge Scanner uses Gemma 4 E2B, an AI model that runs entirely on your device using the LiteRT framework.

• No images are sent to any server for AI processing. All inference happens locally on your phone's processor.
• The AI model file (~1.5 GB) is downloaded from HuggingFace during initial setup and stored locally. This is a one-time download.
• The model processes your photo, identifies food items, and returns results — all without network access.

7. Network Access

The app uses network access for the following purposes:

• Downloading the AI model — A single connection to HuggingFace (huggingface.co) to download the Gemma 4 E2B model file during onboarding.
• Communicating with your Grocy server — When you sync inventory changes, the app connects to the Grocy server URL you provided.
• Google AdMob — The app connects to Google's ad servers to load and display banner and interstitial advertisements. These connections are handled by the Google Mobile Ads SDK.

8. Third-Party Services

This application integrates the following third-party service:

Google AdMob

The app uses Google AdMob to display advertisements, including banner ads at the bottom of each screen and interstitial ads that appear after taking a photo with the camera.

• What AdMob may collect: Device identifiers (such as Android Advertising ID), IP address, user agent, ad interaction data (impressions, clicks), and general device information (screen size, OS version).
• Purpose: To serve relevant advertisements and measure ad effectiveness.
• Google's privacy policy: policies.google.com/privacy
• Opting out: You can opt out of personalized advertising by resetting your Android Advertising ID in your device Settings under Google > Ads, or by disabling ad personalization on your Google account.

The app does not use:

• Google Analytics or Firebase for usage tracking
• Any crash reporting services (e.g., Crashlytics, Sentry)
• Any social media SDKs

9. Data Retention and Deletion

• Scan photos are stored in the app's cache directory. They are deleted when you clear the app's cache or uninstall the app.
• Scan history is stored locally. The last 25 scans are retained. Individual scans can be deleted from the History screen in the app.
• Grocy credentials can be removed by clearing the app's data in Android Settings, or by uninstalling the app.
• AI model file can be deleted by clearing app data or uninstalling. It can be re-downloaded from the Settings screen.

Uninstalling the app removes all locally stored data.

10. Children's Privacy

This app does not knowingly collect information from children. The app does not collect information from anyone — it simply does not have any data collection mechanism.

11. Open Source

Grocy Fridge Scanner is open source. You can inspect every line of code to verify the claims made in this privacy policy. The source code is available at:

github.com/chartmann1590/GrocyFridgeScanner

12. Changes to This Policy

If this privacy policy is updated in the future, changes will be reflected on this page with an updated "Last updated" date. Since the app is open source, any changes to data handling would also be visible in the source code.

13. Contact

If you have questions about this privacy policy or the app's data practices, you can open an issue on the GitHub repository:

github.com/chartmann1590/GrocyFridgeScanner/issues