Privacy Policy
Effective Date: March 11, 2026
FlexMeal, operated by Ngo, provides the FlexMeal mobile application (the "App"). This Privacy Policy explains how we collect, use, and protect your information when you use the App.
1. Information We Collect
Account Information: When you create an account, we collect your name, email address, phone number (optional), and profile photo (optional).
Authentication Data: We support sign-in via email/password, Apple Sign-In, and Google Sign-In. When you use social sign-in, we receive your name and email from the provider. We do not receive or store your social account passwords.
Payment Information: Payments are processed by Stripe. We do not store your full credit card numbers. Stripe collects and manages your payment details under their own privacy policy. For chefs, Stripe Connect collects banking and identity information for payouts.
Order Information: We store order details including items purchased, amounts, order status, and pickup locations.
Messages: If you use in-app messaging, we store message content to facilitate communication between customers and chefs.
Device Information: We collect device identifiers and push notification tokens to send you notifications about orders and messages.
Usage Data: We use Mixpanel to collect anonymized usage analytics such as screens viewed, features used, and app events. We use Sentry to collect crash reports and error logs to improve app stability.
2. How We Use Your Information
- To create and manage your account
- To process orders and payments
- To send push notifications about orders, messages, and updates
- To facilitate communication between customers and chefs
- To improve the App through analytics and crash reporting
- To prevent fraud and ensure security
3. Third-Party Services
We use the following third-party services that may collect data:
- Supabase — Database, authentication, and file storage
- Stripe — Payment processing and chef payouts
- Expo — Push notification delivery
- Sentry — Crash reporting and error tracking
- Mixpanel — Usage analytics
- Apple / Google — Social sign-in authentication
Each service operates under its own privacy policy. We encourage you to review their policies.
4. Data Sharing
We do not sell your personal information. We share data only as follows:
- With Stripe to process payments
- With other users as necessary for orders (e.g., your name is visible to the chef you order from)
- With service providers listed above to operate the App
- If required by law or to protect our rights
5. Data Retention
We retain your account data for as long as your account is active. Order history is retained for record-keeping and dispute resolution. You may request deletion of your account and associated data at any time.
6. Data Security
We use industry-standard security measures including encrypted connections (HTTPS/TLS), Row Level Security on our database, JWT authentication, and secure credential storage on your device. However, no method of transmission or storage is 100% secure.
7. Your Rights
You may:
- Access and update your personal information through the Edit Profile screen
- Delete your account by contacting us
- Opt out of push notifications through your device settings
8. Children's Privacy
The App is not intended for children under 13. We do not knowingly collect information from children under 13. If we learn that we have collected such information, we will delete it promptly.
9. Changes to This Policy
We may update this Privacy Policy from time to time. We will notify you of significant changes through the App or by email. Your continued use of the App after changes constitutes acceptance of the updated policy.
10. Contact Us
If you have questions about this Privacy Policy or want to request data deletion, contact us at: