Privacy Policy
This policy is written in plain English. We collect as little data as possible, we don't sell it to anyone, and we use it only to make Nana work for you. If you have questions, email meetnanacooks@gmail.com.
Who we are
Nana is operated by [COMPANY NAME — add once incorporated], based in the United Kingdom. We are the data controller for the personal information described in this policy.
Contact: meetnanacooks@gmail.com
What data we collect and why
We collect only what we need to provide the service.
- Email address — collected by Stripe when you subscribe, used to send your access code and manage your membership. We do not receive your payment card details; these are handled entirely by Stripe.
- Payment information — processed and stored by Stripe. We never see or store your card number. See Stripe's privacy policy for details.
- Conversations with Nana — when you type something in the app, it is sent to Anthropic's Claude API to generate Nana's response. Anthropic may retain conversation data in line with their own policies. We do not store your conversations on our servers. See Anthropic's privacy policy for details.
- Ingredient inputs — when you use Fridge Brain, the ingredients you type are sent to the Anthropic API and are not stored by us after the session ends.
- Access code — stored locally on your device to remember that you are a member. This never leaves your device.
- Usage data — basic analytics (pages visited, features used) to help us improve the product. This data is anonymised and cannot be used to identify you.
Legal basis for processing (UK GDPR)
We process your personal data on the following legal bases:
- Contract performance — processing your payment and delivering the service you've subscribed to.
- Legitimate interests — improving the product using anonymised usage data. We balance this against your privacy rights and do not use this basis for anything intrusive.
- Legal obligation — retaining transaction records as required by UK law.
Who we share your data with
We share data only with the services needed to run Nana:
- Stripe — payment processing and subscription management.
- Anthropic — powers Nana's AI responses via the Claude API.
We do not sell your data. We do not share it with advertisers. We do not use it for any purpose other than providing the Nana service.
How long we keep your data
- Payment and subscription records: 7 years, as required by UK tax law.
- Email address: until you request deletion or your account is closed for 2+ years.
- Conversation data: not retained by us. Refer to Anthropic's retention policy.
- Usage analytics: aggregated and anonymised, retained indefinitely.
Your rights under UK GDPR
You have the right to:
- Access the personal data we hold about you
- Correct inaccurate data
- Request deletion of your data
- Object to or restrict our processing
- Data portability — receive your data in a machine-readable format
- Withdraw consent where we rely on it
To exercise any of these rights, email meetnanacooks@gmail.com. We will respond within 30 days.
You also have the right to complain to the Information Commissioner's Office (ICO) at ico.org.uk.
Cookies and local storage
The Nana app uses local storage on your device to remember that you are a member (your access code). This does not track you across websites and is stored only on your own device. We use minimal cookies for basic analytics. We do not use advertising cookies.
Children's privacy
Nana is not intended for use by anyone under the age of 13. We do not knowingly collect personal data from children. If you believe a child has provided us with personal data, please contact us and we will delete it.
Changes to this policy
We may update this policy from time to time. We will notify members by email of any significant changes. The current version will always be available at this URL.
Contact
For any privacy questions: meetnanacooks@gmail.com