Skip to main content
DisharooDisharoo

Disharoo Privacy Policy

Effective Date: 9 June 2026 | Last Updated: 9 June 2026

Disharoo ("we", "us", or "our") is committed to protecting your personal information. This Privacy Policy explains what information we collect, how we use it, who we share it with, and your rights under the Australian Privacy Act 1988 (Cth) and the Australian Privacy Principles (APPs).

By using the Disharoo app, you agree to the collection and use of information as described in this policy.

1. Who We Are

Disharoo (ABN 32 977 262 679) is a sole trader business based in Victoria, Australia.

Contact: hello@disharoo.com.au

For privacy-related enquiries, please email us and we will respond within 30 days.

2. What Information We Collect

2.1 Information You Provide

  • Name and email address (when you create an account)
  • Ingredients you enter to generate recipes
  • Recipes you save, create, or share
  • Photos you upload of meals or recipes
  • Dietary preferences or restrictions you choose to enter
  • Payment information (processed by Paddle — we do not store card details)

2.2 Information Collected Automatically

  • App usage data (features used, session duration, crash reports)
  • Device type, operating system, and browser type
  • IP address and approximate location (country/state level)
  • Analytics data to improve app performance

2.3 Information from Third Parties

If you sign in via a third-party service (e.g. Google), we receive your name and email address from that provider.

3. How We Use Your Information

We use your personal information to:

  • Provide and personalise the Disharoo service (including generating recipes from your ingredients)
  • Process your subscription and payments via Paddle
  • Improve and develop app features based on usage patterns
  • Send you transactional emails (account confirmation, password reset, receipts)
  • Respond to your support requests
  • Detect and prevent fraud, abuse, or security incidents
  • Comply with legal obligations

We will not use your information for purposes incompatible with the above without your consent.

4. AI-Powered Recipe Generation

Disharoo uses artificial intelligence to generate recipes from the ingredients you provide. When you submit ingredients or recipe prompts, this information is sent to third-party AI providers (currently OpenAI and Google Gemini Flash, both based in the United States) to generate recipe suggestions.

What this means for you:

  • The ingredients and prompts you enter are transmitted to AI provider servers (OpenAI and/or Google) for processing
  • We do not send your name, email, or account details to these providers — only the recipe-related content you input
  • OpenAI's data handling is governed by their own privacy policy and data processing agreements
  • Google's data handling is governed by Google's privacy policy and their AI/Gemini API terms
  • We have entered into data processing terms with these providers to minimise data retention on their end

If you have concerns about AI processing, you may contact us to discuss alternative options.

5. How We Share Your Information

5.1 Service Providers

We share information with trusted third-party providers who help us operate the app:

  • Supabase (database and authentication — hosted on AWS, Tokyo, Japan)
  • Paddle (payment processing — United Kingdom / United States)
  • OpenAI (AI recipe generation — United States)
  • Google (Gemini Flash AI recipe generation — United States)
  • Sentry or similar (error monitoring — United States)

All providers are bound by data processing agreements and are required to protect your information.

5.2 Social Sharing Features

If you choose to share a recipe or photo publicly within Disharoo, that content will be visible to other users. You can manage your shared content from your profile at any time.

5.3 Legal Requirements

We may disclose your information if required to do so by law, court order, or government authority, or to protect the rights and safety of our users.

5.4 We Do Not Sell Your Data

We do not sell, rent, or trade your personal information to third parties for marketing purposes.

6. International Data Transfers

Disharoo is based in Australia, but we use service providers located in Japan, the United States, and the United Kingdom. By using our app, your information may be transferred to and processed in these countries, which may have different privacy laws to Australia.

We take steps to ensure that overseas recipients handle your information in a manner consistent with the Australian Privacy Principles, including through contractual data protection obligations.

7. Data Retention

We retain your personal information for as long as your account is active or as needed to provide our services. Specifically:

  • Account data: retained until you delete your account
  • Recipe and photo content: deleted within 30 days of account deletion
  • Payment records: retained for 7 years to meet financial record-keeping obligations
  • Usage/analytics data: retained in aggregated, de-identified form for up to 3 years

When you delete your account, we will delete or de-identify your personal information within 30 days, unless we are required to retain it by law.

8. Your Rights

Under the Australian Privacy Principles, you have the right to:

  • Access the personal information we hold about you
  • Request correction of inaccurate, incomplete, or out-of-date information
  • Request deletion of your account and personal data
  • Opt out of direct marketing communications
  • Make a complaint about how we have handled your information

To exercise any of these rights, email us at hello@disharoo.com.au. We will respond within 30 days.

You can also delete your account directly within the app under Settings > Account > Delete Account.

9. Cookies and Tracking

As a Progressive Web App (PWA), Disharoo uses browser storage (local storage and session storage) to keep you logged in and remember your preferences. We do not use third-party advertising cookies.

We may use analytics tools to understand how the app is used in aggregate. This data is not used to identify you personally.

10. Children's Privacy

Disharoo is not directed at children under the age of 13. We do not knowingly collect personal information from children under 13. If you believe a child has provided us with personal information, please contact us and we will delete it promptly.

11. Security

We take reasonable steps to protect your personal information from misuse, interference, loss, unauthorised access, modification, or disclosure. Our security measures include:

  • Encryption of data in transit (TLS/HTTPS)
  • Encryption of data at rest (AES-256 via Supabase/AWS)
  • Row-level security on our database to ensure users can only access their own data
  • Regular security reviews

No method of transmission over the internet is 100% secure. If you believe your account security has been compromised, please contact us immediately.

12. Changes to This Policy

We may update this Privacy Policy from time to time. If we make material changes, we will notify you via email or an in-app notification at least 14 days before the changes take effect. Continued use of the app after that date constitutes acceptance of the updated policy.

The current version of this policy is always available within the app and at disharoo.com.au/privacy.

13. Complaints

If you are not satisfied with how we have handled your personal information, you may make a complaint to:

Office of the Australian Information Commissioner (OAIC)
Website: www.oaic.gov.au
Phone: 1300 363 992
Post: GPO Box 5218, Sydney NSW 2001

We encourage you to contact us first at hello@disharoo.com.au so we can attempt to resolve your concern directly.

© 2026 Disharoo. All rights reserved.