Chof

Privacy Policy

Last Updated: June 19, 2026

Chof ("we", "us", or "our") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, and safeguard your information when you use our mobile application, whether as an account holder or a guest user.

1. Information We Collect

Account Information

When you create an account, we collect your email address and password. If you use Sign in with Apple, we receive your Apple ID identifier and optionally your name and email.

Guest & Usage Data

You may use certain features of Chof, such as scanning chocolate bars, without creating an account. In these cases, we may collect a unique device identifier or "fingerprint" to enforce daily scan limits and ensure service quality.

User's Content

We collect photos of chocolate bars that you scan using your camera or select from your photo library. These images are uploaded to our servers to identify the product. If you are not signed in, these scans are temporarily associated with your device identifier.

Usage Activity

We track interactions such as the chocolate bars you scan, rate, and add to your lists to provide and improve our services.

2. How We Use Your Information

  • To provide and maintain the Chof service
  • To identify chocolate bars using AI analysis
  • To personalize your chocolate collection
  • To improve our product identification accuracy
  • To send service-related communications
  • To send occasional onboarding and activation emails that help you get started with Chof. We send these on the basis of our legitimate interest in helping new users get value from the service, and you can opt out of them at any time.

3. Subscription and Payment Data

If you purchase Chof Premium, your payment is processed directly by the Apple App Store or Google Play Store. We do not collect or store your full credit card details.

We receive subscription metadata (such as subscription status, product ID, and expiration dates) to provision your Premium access, managed via our provider RevenueCat.

4. Third-Party Services

Google Gemini AI

We send image data to Google's Gemini AI for the sole purpose of identifying chocolate bars. Google does not use this data to train their models.

Supabase

We use Supabase for authentication and database services. Your data is stored securely on Supabase infrastructure.

Sentry

We use Sentry to monitor app crashes and errors to improve the user experience. This may include device information and error context.

Braintrust

We use Braintrust to monitor and debug AI identification quality. We log operational metadata about AI calls. We do not store raw scan images in Braintrust.

RevenueCat

We use RevenueCat to manage cross-platform subscriptions and in-app purchases. RevenueCat receives anonymized app user IDs and purchase receipts to validate and provision your Premium access.

PostHog

We use PostHog for product analytics to understand how users interact with our app and to improve the user experience.

Resend

We use Resend to send transactional emails (such as password resets and confirmations) and occasional onboarding emails that help new users get started. Every non-essential email includes an unsubscribe option, and you can opt out at any time by replying to any message.

Mapbox

When you view our interactive maker map on the website, we use Mapbox to render the map. Mapbox may receive your IP address and map interaction data (such as the area you view and your zoom level) to deliver and improve the mapping service.

5. Data Security

We implement appropriate security measures to protect your personal information. All data transmission is encrypted using HTTPS.

6. Your Rights

You have the right to:

  • Access your personal data
  • Correct inaccurate data
  • Delete your account and associated data
  • Export your data
  • Opt out of non-essential emails, and object to processing based on our legitimate interest

7. Account Deletion

You can delete your account at any time through the mobile app's Settings page. This will permanently remove all your data including scans, ratings, and personal information.

8. Children's Privacy

Chof is not intended for children under 13. We do not knowingly collect personal information from children.

9. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of significant changes through the app or via email.

10. Contact Us

If you have questions about this Privacy Policy or wish to exercise your data rights, please contact us at:

support@chof.nl