Used on-device to show nearby restaurants. Never stored on our servers.
Google Sign-In only. We store your name and email in Firebase.
Shared content is sent to Google Gemini to extract venue details.
Your data is never sold or used for advertising purposes.
1. Overview
MapItEatIt ("the App", "we", "us") is a food discovery app that helps you save, organise, and revisit restaurants discovered on social media. This Privacy Policy explains what data we collect, why we collect it, and how it's stored.
By using MapItEatIt, you agree to the practices described in this policy. If you do not agree, please do not use the App.
2. Information We Collect
Account information
When you sign in with Google, we receive your name, email address, and profile photo via Google Sign-In. This information is stored in Firebase Authentication and Firestore to identify your account and associate saved places with you.
Saved places and collections
Restaurant names, addresses, Google Place IDs, cuisine tags, your visit ratings, notes, and collection membership are stored in Firebase Firestore under your user account.
Shared content
When you share an Instagram Reel, TikTok video, or screenshot to MapItEatIt via the iOS Share Extension, the URL or image is sent to our analyzeCapture / analyzeVideo Cloud Functions. These functions use Google Gemini to extract venue information. Shared content is processed transiently and is not permanently stored on our servers beyond what's saved to your Firestore collections.
Location data
With your permission, the App accesses your device location to centre the map, display nearby restaurants, and calculate travel times. Location data is processed on-device and via the Google Routes API for travel time estimates. We do not store a history of your location on our servers.
Push notification tokens
If you grant notification permissions, a Firebase Cloud Messaging (FCM) token is stored in Firestore to deliver proximity alerts and other in-app notifications.
3. How We Use Your Information
- To authenticate you and sync your saved places across devices.
- To process shared social media content and extract restaurant details using AI.
- To display your saved restaurants on the map and in lists.
- To calculate walking, transit, and driving times to nearby venues.
- To send proximity alerts when you are near a saved restaurant (if enabled).
- To power the AI craving search feature (matchCraving).
We do not use your data for advertising, profiling, or any purpose not listed above.
4. Third-Party Services
MapItEatIt relies on the following third-party services, each with their own privacy policies:
- Google Firebase — authentication, database (Firestore), cloud functions, and push notifications. Firebase Privacy
- Google Gemini API — AI processing of shared content and craving matching. Gemini Terms
- Google Places API — venue lookup, autocomplete, and place details. Google Privacy Policy
- Google Routes API — travel time calculations. Covered by Google Privacy Policy above.
- Google Sign-In — account authentication. Covered by Google Privacy Policy above.
5. Data Storage & Security
All user data is stored in Google Firebase infrastructure (Firestore), protected by Firebase Security Rules that restrict read/write access to the authenticated owner of each record. Data is encrypted in transit (TLS) and at rest by Firebase.
We do not operate our own database servers. Cloud Functions run in Google Cloud (region: us-central1) and do not retain logs of the content you share beyond standard Google Cloud logging.
6. Data Retention & Deletion
Your data is retained for as long as you have an active account. You may request deletion of your account and all associated data at any time by emailing us (see contact section below). Upon a deletion request, we will remove your Firestore data and Firebase Auth account within 30 days.
Note: if you delete the app without contacting us, your data will remain in Firestore until you submit a deletion request.
7. Children's Privacy
MapItEatIt is not directed at children under the age of 13. We do not knowingly collect personal information from children. If you believe a child has provided us with personal data, please contact us and we will delete it promptly.
8. Your Rights
Depending on your location, you may have the following rights regarding your personal data:
- Access — request a copy of the data we hold about you.
- Correction — request correction of inaccurate data.
- Deletion — request deletion of your account and data.
- Portability — request your data in a machine-readable format.
- Objection — object to processing of your data.
To exercise any of these rights, please contact us using the email below. We will respond within 30 days.
9. Changes to This Policy
We may update this Privacy Policy from time to time. When we do, we will revise the "Effective" date at the top of the page. Continued use of the App after changes constitutes your acceptance of the updated policy. For significant changes, we will notify you via the App.
Questions?
If you have any questions about this Privacy Policy or how we handle your data, get in touch.
privacy@mapiteatit.com