Privacy Policy

Last Updated: February 24, 2026

1. Introduction

Welcome to Outta ("we," "our," or "us"). We respect your privacy and are committed to protecting your personal data. This privacy policy explains how we collect, use, and safeguard your information when you use our shopping list application.

2. Information We Collect

2.1 Information You Provide

• Account Information: Email address, display name, and authentication credentials
• Household Data: Household names, join codes, member information
• Shopping List Data: Item names, categories, prices, quantities, notes, and purchase history
• Store Preferences: Preferred stores and custom aisle orders

2.2 Automatically Collected Information

• Usage Data: Analytics events tracking feature usage (anonymized)
• Device Information: Device type, operating system, app version
• Activity Logs: Timestamps of actions like adding, claiming, or buying items

3. How We Use Your Information

We use your information to:

• Provide and maintain the Outta service
• Enable household collaboration and shopping list sharing
• Provide smart recommendations (auto-restock, frecency suggestions)
• Improve app performance and user experience
• Send push notifications about household activity (if enabled)
• Analyze usage patterns to improve features
• Prevent fraud and ensure security

4. Data Storage and Security

We use Firebase (Google Cloud Platform) to store and process your data. Your data is:

• Stored in secure, encrypted databases
• Protected by Firebase Security Rules preventing unauthorized access
• Backed up regularly for disaster recovery
• Transmitted over encrypted connections (HTTPS/TLS)

5. Data Sharing

We do NOT sell your personal information. We share data only in these limited circumstances:

• Within Your Household: Shopping list data is visible to all household members
• Service Providers: Firebase/Google Cloud for hosting and analytics
• Legal Requirements: If required by law or to protect our rights

6. Your Rights and Choices

You have the right to:

• Access: View all data associated with your account
• Correction: Update inaccurate information via in-app settings
• Deletion: Request account deletion (contact us)
• Export: Request a copy of your data
• Opt-Out: Disable analytics and notifications in settings

7. Data Retention

We retain your data:

• While your account is active
• For up to 90 days after account deletion (to allow recovery)
• Analytics data is anonymized and retained for up to 2 years

8. Children's Privacy

Outta is not intended for children under 13. We do not knowingly collect data from children. If you believe a child has provided us with personal information, please contact us immediately.

9. International Users

Your data may be transferred to and processed in the United States or other countries where Firebase operates. By using Outta, you consent to this transfer.

10. Changes to This Policy

We may update this privacy policy periodically. We will notify you of significant changes via email or in-app notification.

11. Third-Party Services

We use the following third-party services:

• Firebase Authentication: For secure login
• Firebase Firestore: For database storage
• Firebase Cloud Functions: For server-side logic
• Firebase Analytics: For usage tracking
• Firebase Cloud Messaging: For push notifications
• Google Sign-In: For authentication option

These services have their own privacy policies governing their use of information.

12. California Privacy Rights (CCPA)

If you are a California resident, you have additional rights:

• Right to know what personal information is collected
• Right to delete personal information
• Right to opt-out of sale (we don't sell data)
• Right to non-discrimination for exercising rights

13. GDPR Compliance (EU Users)

If you are in the European Union, you have rights under GDPR:

• Right to access your data
• Right to rectification
• Right to erasure ("right to be forgotten")
• Right to restrict processing
• Right to data portability
• Right to object

Our lawful basis for processing: Performance of contract, legitimate interests, and consent (for optional features).

14. Contact Us

If you have questions about this privacy policy or want to exercise your rights, contact us:

• Email: privacy@outta.app
• Response Time: We aim to respond within 30 days

15. Cookies and Tracking

We use minimal tracking:

• Session cookies for authentication (required)
• Local storage for offline functionality (required)
• Firebase Analytics (can be disabled in settings)

This privacy policy is effective as of February 24, 2026 and supersedes all prior versions.