Smply provides a clean, secure, and real-time experience to share grocery lists. We value your confidentiality. This policy details the minimum data we handle, how we process it, and how you retain full control.

Effective Date: July 7, 2026

1. Information We Collect

To run Smply without requiring complex accounts, passwords, or emails, we rely on a local identifier. We collect the following data to facilitate the list-sharing experience:

  • Device Identifier: A randomly generated anonymous UUID is created locally on your device during installation. This acts as your secure, unique credential to receive and send lists.
  • Profile Information: The first name, last name, and avatar selection (emoji preset or custom photo) you choose to customize your identity for your connections.
  • Push Notification Token: A Firebase Cloud Messaging (FCM) token to route real-time update notifications to your device.
  • Shared Lists & Connections: Active connection records (which user UUIDs are paired) and lists sent between them (item names, statuses, and category updates).
ID

Anonymous UUID

A locally generated key on your device. No email address, username, or passwords are ever required to sign up.

👤

Profile Info

A name and custom avatar image/emoji of your choice so lists are easily recognized by partners.

🔔

FCM Tokens

Used to send instant updates when a list is shared or updated.

2. Permissions Used & Rationale

Smply requests specific system permissions to function correctly. We only invoke them for direct user benefits:

  • Camera Access: Used exclusively to scan QR codes for establishing bidirectional connections. No image frame or camera feed is recorded or stored.
  • Notifications: Used to alert you instantly when a connection sends a new grocery list, updates an item, or completes a list.
📷

Camera (Scan Only)

Used strictly to scan QR codes to pair devices. No photos or video frames are captured or saved.

💬

Push Alerts

Notifies you immediately when a grocery list is sent, modified, or checked off by a connection.

3. Third-Party Services

We work with trusted third-party infrastructure to process updates and media:

  • Firebase Cloud Messaging (FCM): Delivers secure background notifications for updates.
  • Cloudinary: Handles hosting and content-delivery for optional custom user avatar uploads.
  • MongoDB Atlas: Securely hosts our database nodes where active lists and connection mappings reside.
Interactive Data Flow Map
Smply App FCM Cloudinary MongoDB
Smply App (Local Device)
Generates a secure UUID locally during installation. Tap other nodes to view what data is shared with them.

We use three core integrations to support list sharing:

🔥

Firebase Cloud Messaging

Handles secure transmission of real-time push notifications.

☁️

Cloudinary

Hosts custom profile picture uploads, if you choose to set one.

🍃

MongoDB Atlas

Maintains the active databases where active grocery list items are synchronized.

4. Data Retention & Control

We believe you own your data. Our practices include:

  • Immediate Sync & Clean: Shared lists are kept while active. When you remove a list, it is deleted from both our servers and your local storage.
  • Connection Removal: Breaking a connection immediately deletes the link metadata between you and that user.
  • Full Deletion: You can completely reset your identity and delete your profile by clearing the Smply app storage in your device Settings, which discards your local UUID. If you would like your database records purged, contact us directly at the email below.

Active Sync Cleanup

Deleting a grocery list clears it immediately from our servers and your devices.

🔌

Instant Disconnections

Unpairing with a contact immediately deletes the connection record linking your UUIDs.

🗑️

Complete Erasure

Resetting app data removes your UUID. Email us to instantly purge any database records.

5. Contact Us

For questions, privacy inquiries, or data deletion requests, you can reach out directly via: