Privacy Policy
Effective Date: February 24, 2026 | Version 1.0
Geographic scope: The Green Ledger app is currently available to United States residents only. This Privacy Policy is written for and governed by US law. If you are located in the European Union, European Economic Area, or United Kingdom, you are not authorized to use the app at this time.
Please read this policy carefully before creating an account. Green Ledger collects store location data and purchasing behavior as core parts of how the service works. Consent to all data practices described in this policy is required to create and use a Green Ledger account. If you do not agree, do not create an account.
Contents
1. About Green Ledger
Green Ledger, Inc. ("Green Ledger," "we," "us," or "our") is a food transparency company incorporated in Delaware and operating in the United States. We provide a mobile application that helps health-conscious consumers make informed grocery decisions by scanning products and receipts and providing expert-backed nutritional scores.
For purposes of applicable data protection laws, Green Ledger, Inc. is the data controller responsible for your personal information.
Privacy contact: privacy@greenledger.ai
2. Data We Collect
A. Account Data (Provided by You)
- Email address — used to create and manage your account and for login authentication.
- Company information — if you register as a business or brand partner: business name, and any lab reports or certifications you voluntarily upload.
B. Scan Data (Generated by Your Use of the App)
- Product attributes — ingredient lists, nutrition facts, certifications, and other label data extracted from product images you scan.
- Product scores — nutritional quality scores calculated by Green Ledger's scoring algorithms based on extracted product data.
- Receipt data — store name, product SKUs, pricing, and Healthy Eating Index (HEI) scores calculated from grocery receipts you scan.
- Scan history — a record of products and receipts you have scanned, stored in your account and tied to your user ID.
- Timestamps — the date (day-level precision) of each scan, stored to track pricing and product availability changes over time.
C. Store Location Data
Green Ledger records the name and general location (e.g., store name, neighborhood, city) of the retail location where you scan a product or receipt. We do not collect precise GPS coordinates; location is recorded at the store level.
This data is collected as a core part of the service. Green Ledger uses store location to build a geo-specific product and pricing database, which powers in-app features such as location-aware product availability and price comparisons. Store location data is retained internally by Green Ledger and is not shared with retail partners in identifiable form. See Section 4 for how consent to this collection works.
D. Camera and Images (Processed in Transit Only)
When you scan a product or receipt, your device's camera captures an image that is transmitted to Google's Gemini AI service for analysis. Green Ledger does not permanently store raw product or receipt images. Images are processed in transit and discarded after analysis. Only the extracted data (product attributes, scores) is stored.
E. Technical Data
- App version and device operating system type (for bug tracking and compatibility).
- We do not collect precise device identifiers, advertising IDs, or track you across other apps or websites.
3. How We Use Your Data
| Data | How We Use It |
|---|---|
| Email address | Account creation, authentication, and service communications |
| Product and receipt images | Sent to Google Gemini AI for label analysis; discarded immediately after |
| Extracted product attributes and scores | Displayed in your scan history; used to calculate and improve scoring accuracy |
| Store location | Building a geo-specific product and pricing database; powering location-aware in-app features. Retained internally — not shared with retail partners in identifiable form. |
| Pricing and receipt data | Your personal HEI scores; contributing to aggregate, non-personal product and pricing statistics used in retail partner reporting |
| Timestamps | Tracking price and availability changes over time; aggregate trend reporting |
We do not use your personal data to train AI models, display advertising, or sell your individual (non-aggregated) data to third parties.
4. Consent — Required to Use the App
By creating a Green Ledger account, you consent to all data practices described in this Privacy Policy, including:
- The collection of store location when you scan products or receipts.
- The use of your scan data (including store location, pricing, and product attributes) to build and continuously improve Green Ledger's proprietary product database.
- Green Ledger's use of aggregate, non-personal statistics derived from usage data for retail partner reporting (see Section 5).
These data practices are integral to how Green Ledger works. Every scan — whether of a new product, a new price, or a new location — updates Green Ledger's proprietary database, which improves the quality of information available to all users. The app is not available in a reduced-data mode. If you do not consent to these data practices, please do not create an account.
What Green Ledger shares with retail partners
Retail partners receive aggregate product and pricing statistics — for example, category-level pricing benchmarks or product availability patterns. These reports contain no personal information. Store location, timestamps, user IDs, email addresses, and individual scan records are not included in what retailers receive. Green Ledger's anonymization process removes all personal identifiers before any data is used in retail reporting.
Withdrawing consent
You may withdraw your consent to these data practices at any time by closing your account. Account closure stops all future data collection and triggers deletion of your personal data within 30 days (see Section 6). Because these data practices are core to the service, the app cannot be provided to users who have withdrawn consent.
To close your account, go to Settings → Account → Delete Account, or contact privacy@greenledger.ai.
Consent at account creation
When you create a Green Ledger account, you will be presented with a summary of the data practices described in this policy and asked to acknowledge your consent before your account is activated. A record of your consent — including the date and the version of this Privacy Policy in effect at the time — is stored with your account.
5. Data Sharing and Disclosure
Service Providers (Data Processors)
We share data with the following companies solely to operate the Green Ledger service. These providers are contractually required to use your data only as directed by Green Ledger and to maintain appropriate security measures.
| Provider | Purpose | Compliance |
|---|---|---|
| Supabase, Inc. | Database hosting, authentication, and API infrastructure | SOC 2 Type II |
| Google LLC (Gemini / Vertex AI) | AI analysis of product and receipt images | ISO 27001; SOC 2 |
| Expo / EAS (Expo, Inc.) | App delivery and over-the-air updates | SOC 2 |
Retail Partners
Green Ledger provides retail partners with aggregate product and pricing statistics derived from usage of the app. These reports contain no personal information. Before any data is used in retail reporting, all personal identifiers are removed — including store location, timestamps, user IDs, and email addresses. What retailers receive is statistical output (e.g., category-level pricing benchmarks, product availability patterns) that cannot be traced back to any individual user.
Legal Requirements
We may disclose personal information if required by law, court order, or governmental authority, or when we believe in good faith that disclosure is necessary to protect our rights, your safety, or the safety of others.
Business Transfers
If Green Ledger is acquired, merged, or its assets are transferred, your data may be transferred as part of that transaction. We will notify you via the email address on your account before your data becomes subject to a different privacy policy.
Data Security
Green Ledger takes reasonable technical and organizational measures to protect your personal information against unauthorized access, loss, or misuse.
- Encryption in transit: All data transmitted between the app and Green Ledger's servers is encrypted using TLS (HTTPS). This includes account data, scan data, and store location information.
- Encryption at rest: Personal data stored in Green Ledger's database is encrypted at rest by Supabase, our cloud infrastructure provider (SOC 2 Type II certified).
- Images never stored: Product and receipt images are processed in memory during AI analysis and are never written to disk or stored by Green Ledger.
- Access controls: User data is accessible only to the authenticated account it belongs to, enforced at the database level via Supabase Row Level Security. Green Ledger staff access to user data is restricted and logged.
No method of electronic transmission or storage is 100% secure. While we use industry-standard safeguards, we cannot guarantee absolute security. If you have reason to believe your account has been compromised, contact us immediately at privacy@greenledger.ai.
6. Data Retention
| Data Type | Retention Period |
|---|---|
| Account data (email, authentication records) | Until account deletion, or 3 years of account inactivity, whichever comes first |
| Scan history and product scores | Until account deletion |
| Store location data | Until account deletion |
| Product and receipt images | Not retained — processed in transit and discarded |
| Aggregated, de-identified data shared with partners | Aggregated data does not contain personal identifiers and may be retained beyond account deletion, consistent with applicable law |
| Consent records | Retained for legal compliance purposes, even after account deletion |
| Legal / compliance records | As required by applicable law |
When you delete your account, Green Ledger will delete or anonymize all personal data associated with your account within 30 days, except as noted above.
7. Your Privacy Rights
For All Users
- Access your data: You can view your scan history and account information within the app.
- Export your data: Request a machine-readable export of your personal data by contacting privacy@greenledger.ai.
- Delete your account: Delete your account and associated personal data via Settings → Account → Delete Account. We will complete deletion within 30 days.
- Withdraw consent: You may withdraw consent to Green Ledger's data practices at any time by closing your account. See Section 4.
California Residents (CCPA / CPRA)
Under the California Consumer Privacy Act, as amended by the California Privacy Rights Act, you have the following rights:
- Right to know: Request disclosure of the categories and specific pieces of personal information we have collected about you and the purposes for which it is used.
- Right to delete: Request deletion of personal information we have collected, subject to certain exceptions. Account deletion (Section 6) is the primary mechanism for this right.
- Right to correct: Request correction of inaccurate personal information.
- Right to opt out of sale or sharing of personal information: Green Ledger does not sell your personal information. The aggregate statistics shared with retail partners contain no personal information and are therefore outside the scope of CCPA's sale/sharing opt-out right. If you believe any personal information has been shared in a way not described in this policy, contact us at privacy@greenledger.ai.
- Right to non-discrimination: Green Ledger will not retaliate against you for exercising your CCPA rights.
To submit a CCPA request, contact privacy@greenledger.ai or visit our Support page. We will respond within 45 days.
CCPA Personal Information Categories Collected
| Category | Collected? | Sold or Shared with Third Parties? |
|---|---|---|
| Identifiers (email address, user ID) | Yes | No |
| Geolocation — store-level location (store name and general area; not precise GPS coordinates) | Yes (consent required at account creation) | No — retained internally; not included in retail partner reporting |
| Commercial information (products scanned, pricing, receipt data) | Yes | No personal information is shared. Aggregate, non-personal statistics derived from this data are used in retail partner reporting. |
| Visual information (product/receipt images) | Processed in transit; not stored | No |
| Inferences (product health scores) | Yes | No |
8. Children's Privacy
Green Ledger is not directed to children under the age of 13, and we do not knowingly collect personal information from children under 13. If you believe we have inadvertently collected information from a child under 13, please contact us at privacy@greenledger.ai and we will delete it promptly.
9. Changes to This Policy
We may update this Privacy Policy from time to time. When we make material changes, we will notify you by email at least 14 days before the changes take effect and update the Effective Date above. If changes involve new or expanded data practices, we will seek renewed consent in the app before the change takes effect. Your continued use of the app after the effective date constitutes acceptance of the updated policy.
10. Contact Us
For privacy questions, data access and deletion requests, or to exercise any of the rights described in this policy:
- Email: privacy@greenledger.ai
- Support page: greenledger.ai/support
- Mail: Green Ledger, Inc., Attn: Privacy, [Registered Address]
We aim to respond to all privacy requests within 30 days (45 days for CCPA requests).
Pre-launch legal notice: Green Ledger intends to obtain legal review of this Privacy Policy from qualified privacy counsel before full public launch, particularly with respect to CCPA sensitive personal information obligations, the mandatory consent model, and data sharing practices with retail partners. This policy accurately reflects current data practices and will be updated as legal review is completed. Replace [Registered Address] with the company's official registered address before publishing.