Privacy Policy

Who we are

Pukkala (the "Service") is operated from Paris, France. We're the data controller under GDPR for the personal data we process. Contact: [email protected].

What we collect

Account data: email address, username, optional bio, optional profile photo. Event data: audio you save, the acoustic features extracted from each recording (duration, peak intensity, spectral metrics, MFCCs), our derived classification and Pukkala Index, optional notes, optional location, the AI interpretation. Food log data: free-text descriptions and the parsed ingredient list. Social data: who you follow, your reactions, your comments. Device data: app version, OS version, anonymized crash logs. Product analytics: screen views, button taps, session identifiers, Pro/Free state, and recording, playback, save, purchase, and sharing errors.

Audio storage

Raw audio is recorded locally first. When you save an event, the recording is uploaded to Supabase Storage so playback and sharing work across devices. Saved audio, acoustic features, food-label snapshots, reactions, and comments are kept while the event and account exist. Deleting an event or deleting your account removes the associated audio from production storage.

Location

Location is opt-in. When you choose an approximate location tier, your raw coordinates never leave your device — they're fuzzed locally before upload. The fuzzed centroid is what shows on the public map. Pro users can choose a sharper exact-pin tier; everyone can switch future recordings to Private in Settings → Privacy.

Why we process it

To provide the Service (acoustic analysis, AI interpretation, social features, the map). To compute aggregate statistics (anonymized — your individual events aren't identifiable in the global counts shown on the welcome screen and map stat strip). To detect abuse and protect users. To debug app flows, purchase errors, recording errors, and playback errors through first-party product analytics. To provide customer support when you contact us.

Third parties

Supabase (supabase.com): database, authentication, storage hosting. Located in the EU when you sign up from the EU. NVIDIA (nvidia.com): AI processing for the interpretation text and food parsing, run on US-based infrastructure. We send extracted acoustic features (numbers describing the sound) and free-text food descriptions only — never raw audio, your email, or other directly-identifying information. If you do not want your acoustic features or food descriptions sent to NVIDIA, you can opt out of AI interpretation in Settings → Privacy. Mapbox (mapbox.com): map tile rendering. Sees IP and viewport coordinates but not your event data. RevenueCat (revenuecat.com): subscription management for Pukkala Pro. Sees your purchase history.

International data transfers

When acoustic features or food descriptions are sent for AI processing, they are processed by our third-party AI provider (NVIDIA) on US-based infrastructure. This means the data may leave the EU and be processed in the United States. By using AI interpretation features, you consent to this transfer. If you prefer to keep your data within EU/EEA infrastructure, you can disable AI interpretation in Settings → Privacy and rely on the deterministic local fallback instead.

Your rights (GDPR / CCPA)

You can: request a copy of your data; correct inaccurate data; delete your account and all data within 30 days (Settings → Account → Delete account); object to certain processing; restrict processing while a request is pending; withdraw consent at any time. Email [email protected] to exercise any of these. We respond within 30 days.

Data retention

Account and event data is kept for as long as your account exists. Raw product analytics events are kept for up to 180 days; aggregate counts may be retained indefinitely. After account deletion, we remove personal data from production within 30 days and from backups within 90 days. Anonymized aggregate statistics are retained indefinitely. Crash logs are kept for 90 days.

Security

Auth via magic-link OTP — no passwords stored. Database encrypted at rest. Row-level security ensures users can only read their own private data. HTTPS for all transport. We use industry-standard practices but no system is perfect — if a breach affects your data, we'll notify affected users within 72 hours of discovery.

Cookies and tracking

On the web companion (pukkala.com/e/[id]) we use a single first-party cookie to keep your session. We don't use third-party advertising or analytics cookies. The native app uses first-party product analytics to record screen views, button taps, and recording, playback, save, purchase, and sharing errors. We do not store raw audio, food text, comments, notes, email addresses, or precise GPS coordinates in analytics events. The native app also uses platform-provided crash reporting that you can disable in your device settings.

Children

Pukkala is not directed to children under 17. If you believe a child has created an account, contact [email protected] and we'll remove it.

Changes to this policy

When we make material changes we'll notify you in-app and via email at least 14 days before they take effect. Continued use after that means you accept the update.