Privacy Policy
Butler AI is built upon a single foundational conviction: your personal information belongs to you, and you alone. This Privacy Policy sets out, with complete transparency, what data Butler AI collects, why, and how it is handled. We endeavour to use plain language throughout — a butler speaks plainly to those he serves.
1. The Short Version
Butler AI stores your dietary preferences, household details, meal history, and larder contents exclusively on your own device, using your browser's IndexedDB storage. None of this information is transmitted to our servers or shared with third parties for advertising purposes. The server-side component of Butler AI sees only an anonymous, randomly generated identifier — never your name, email address, or any personally identifiable information.
2. Information Collected on Your Device
The following data is stored locally on your device and never transmitted to Butler AI servers:
- Your preferred name (if you choose to provide one)
- Household size, dietary restrictions, and health goals
- Weekly food budget preferences
- Meal plan history and recipe favourites
- Larder inventory and food storage goals
- Meal feedback signals (swaps, skips, preferences) used for on-device learning
- Shopping list history
This data resides in your browser's IndexedDB. You may clear it at any time via your browser settings or from within the Butler AI application.
3. Information Transmitted to Our Servers
Butler AI's backend receives only the following:
- An anonymous UUID hash — a randomly generated identifier created on your device. It contains no personal information and cannot be reverse-engineered to identify you.
- Subscription status — a flag indicating your plan tier (Free, Basic, or Premium), held against your anonymous ID only.
- Meal plan generation requests — the nutritional constraints, budget, and dietary requirements needed to generate your plan. These are processed transiently and not stored against any identity.
- Standard server logs — IP address, request path, and timestamp, retained for up to 30 days for security and operational purposes.
4. Third-Party Services
Butler AI integrates with the following third-party services. Each is governed by its own privacy policy.
- Kroger API — used to fetch live grocery pricing. Kroger receives your postcode (if provided) to return local store prices. No personal profile is created.
- OpenAI (GPT-4o Vision) — used by Premium subscribers for the Recipe Photo Scanner feature. Images you submit are processed by OpenAI's API. Please review OpenAI's Privacy Policy for details on image handling.
- Open Food Facts — used for barcode product lookups. Queries are anonymised.
- Allrecipes.com — recipe data is sourced from Allrecipes at import time and stored in our database. We do not share user data with Allrecipes.
5. Cookies and Tracking
Butler AI does not use advertising cookies, tracking pixels, or third-party analytics. We do not employ remarketing or behavioural advertising of any kind. A single session cookie may be set for authentication purposes; it contains only your anonymous UUID and expires when you close your browser.
6. Children's Privacy
Butler AI is not directed at children under the age of 13. We do not knowingly collect personal information from children. If you believe a child has provided information through our service, please contact us and we shall delete it promptly.
7. Data Retention and Deletion
Because your personal data lives on your device, you may delete it at any time by clearing your browser's local storage or uninstalling the application. To request deletion of your anonymous server-side record (subscription status and logs), please contact us at privacy@butler.dev.
8. Security
All communications between your device and Butler AI servers are encrypted via TLS 1.3. Our servers are hosted on Replit and comply with industry-standard security practices. Given that sensitive personal data never leaves your device, the attack surface for a data breach of your personal information is minimal by design.
9. Changes to This Policy
We may update this Privacy Policy as the service evolves. Material changes will be communicated via the application's "What's New" modal. Continued use of Butler AI following such notice constitutes acceptance of the revised policy.
10. Contact
Questions regarding this Privacy Policy may be directed to privacy@butler.dev or via our Contact page. Butler endeavours to respond within two business days.