Privacy Policy
Privacy Policy for Plantry
This policy applies specifically to the diet-planning app available under the Oryen umbrella brand. It describes how the app may process data to provide meal-planning functionality, support, security, and related services.
Who Provides The App / Data Controller
Oryen is a product/publisher brand used by Orest Malinovskyi. The app is provided by Orest Malinovskyi, operating under działalność nierejestrowana under Polish law.
Data controller: Orest Malinovskyi. Contact: privacy@oryen.app.
No Account Requirement
The first version does not require user account creation. The app may use an anonymous or pseudonymous app installation/session identifier to provide functionality, keep local app state, and manage cached data.
What Data May Be Collected
The app does not ask for your name, email address, phone number, postal address, date of birth, or any health or medical record. It does not ask for body metrics such as weight or height. The data below is what you choose to enter to get a meal plan, plus limited technical data needed to run the service.
- an app-generated anonymous or pseudonymous installation/session identifier used to keep your app state and manage your planning requests;
- meal-planning preferences you enter, such as the number of meals, planning period, language, cooking equipment, budget level, preferred shops, favourite or disliked ingredients, and favourite or avoided cuisines and meals;
- nutritional targets you set, such as a daily calorie target and optional protein, carbohydrate, and fat targets;
- a dietary choice you may enter (for example vegetarian or vegan) and a free-text list of foods you choose to avoid or restrict;
- your pantry items, generated meal plans, shopping information, meal history, and any feedback you give on meals;
- the status and progress of your planning requests (for example whether a plan is in progress, finished, or failed) and basic technical request information;
- technical logs and service, usage, and cost information generated by the cloud services that run the app;
- your paid entitlement or subscription status through the Apple App Store or Google Play; payment and account details are handled by the app-store provider, not by an Oryen account system.
Some of the preferences above (for example a dietary choice, or a list of foods you avoid) are entered by you as personal preferences. They are not requested as health information, and you should not enter medical conditions, clinical notes, or other special-category data. You decide what to enter.
Inferred And Generated Data
Because the app uses automated and AI-based processing to build meal plans, it may also derive or infer additional information from the data you enter — for example patterns in your preferences, or suggestions and meal plans generated for you. This derived data is used only to generate and improve the plans you request, and it is treated with the same care as the data you enter directly.
Purposes Of Processing
- generating diet plans and related shopping information;
- saving or applying user preferences locally and, when needed, inside a backend plan job request;
- temporarily caching generated plans and job results;
- showing job and progress status;
- providing app functionality, customer support, and troubleshooting;
- security, abuse prevention, rate limiting, and service reliability;
- legal obligations where applicable.
Profiling And Automated Processing (AI)
To create a meal plan, the app processes the preferences you enter using automated and AI-based methods. This involves a form of profiling, in the sense that the system analyses your preferences to generate a plan that fits them. The purpose is solely to produce the personalised meal plan you asked for.
In general terms, the system takes the targets and preferences you provide, sends them to AI models, and returns a generated meal plan and related shopping information. The results are suggestions only and may contain errors. This processing does not produce decisions that have legal or similarly significant effects on you. For a plain-language explanation, see the AI Transparency Notice.
Legal Bases Under GDPR/RODO
Data needed to provide the meal-planning service you request is processed on the basis of performance of a contract, or steps taken at your request before a contract (Art. 6(1)(b) GDPR). Processing for security, abuse prevention, service reliability, and usage/cost monitoring relies on our legitimate interests (Art. 6(1)(f) GDPR). Where required by law, we rely on a legal obligation (Art. 6(1)(c) GDPR).
We do not rely on consent for the core functionality of the app. Consent is used only for optional, non-essential features where it applies — for example personalised advertising or optional analytics — and you can withdraw such consent at any time.
Service Providers We Use
To run the app we rely on a small number of service providers that process data on our behalf:
- a cloud hosting and infrastructure provider that runs the backend and stores planning requests and results;
- AI model providers that generate the meal plans and related suggestions from the preferences you enter;
- a food and nutrition data source used for generic ingredient information;
- the Apple App Store and Google Play for app-store managed purchases and subscriptions.
No automatic crash-reporting or advertising SDK is currently used. We do not sell your data. This list may be updated if providers are added, removed, or materially changed.
Data Retention
- Data stored on your device (profile, preferences, pantry, meal plans, privacy choices, and local history) stays on your device until you delete it in the app, reset the app, or the operating system removes it.
- The data sent to our backend to generate a plan is kept only temporarily. It is stored in protected (encrypted) form and is automatically deleted a short time after the plan is generated — typically within a few days — and can be deleted sooner from the app.
- Generic ingredient and nutrition lookup data, which is not specific to you, may be cached for longer to keep the service fast.
- Technical logs and service information are kept for a limited period for security and reliability.
- Payment, subscription, and tax records for paid features are managed by the Apple App Store or Google Play and may be retained where required by law or by the app-store provider.
Data Deletion
Use Settings → Privacy → Delete my data in the app. This is intended to delete app-associated data linked to the current app installation/session/anonymous identifier, depending on implementation.
See Data Deletion for more details.
User Rights
Depending on applicable law, you may have rights of access, rectification, deletion, restriction, portability, objection, withdrawal of consent where applicable, and the right to lodge a complaint with the Polish supervisory authority (PUODO).
No Account Model And Limits On Exercising Rights
Because the app has no user accounts, you are not identified by name or email. Your data is linked only to the anonymous identifier held by your app installation and to the technical token created for each planning request. This means that if you lose that identifier or token — for example by deleting the app, clearing its data, or switching devices — we may be unable to locate or connect your data to you, and in that case we may not be able to act on a request for access, correction, or deletion.
If you need help exercising your rights, you can contact us at privacy@oryen.app. We may ask for information that helps locate the relevant data; without it, some requests may not be possible to fulfil.
International Transfers
Some of our service providers, including the AI model providers, may process data outside the European Economic Area. Where this happens and is required by law, such transfers are intended to rely on appropriate safeguards, such as data processing agreements, the European Commission's standard contractual clauses, an adequacy decision, or another lawful transfer mechanism.
Children
The app is intended for users who are old enough to use it under applicable law and app-store rules. It is not designed for use by children without appropriate consent or supervision where required.
Contact
Privacy: privacy@oryen.app. Support: support@oryen.app.