This is the privacy notice for Super. It tells you what we collect, why, where it lives, how long we keep it, and your rights. It also describes optional cloud AI, subscriptions and advertising we may introduce in future and how we'd handle your data then. See also the Terms of Use and EULA.
Who we are
the Super app (shared shopping lists) is operated by chaimagal, Modiin, Israel. We are the data controller.
What we collect
Super is a shared-list app, so some items become visible to people you invite.
| Category | Who can see it |
|---|---|
| Your email and handle | You, and anyone on a list you participate in (handle visible; email used for invite lookup) |
| Avatar photo | Same |
| List name, photo, pin state | All participants of that list |
| Items (name, category, count, checked state, favourite, price, photo) | All participants of that list |
| Who added an item | All participants (via items.user_id) |
| Purchase status | You only — store receipt, product ID, subscription state (if you buy anything) |
Not shared: your other lists, items in other lists, sign-in activity, device settings, anything from other apps.
Sharing model
A list has one owner (the creator) and zero or more members. The owner renames, pins, deletes, invites and removes. Members add, check, edit and delete items, and can leave. Enforced by RLS at the database.
Invites
Invites go by handle or email. The server resolves to a user id via our user-profile table. Unknown identifiers return "not found" without revealing whether an account exists. Rate-limited to prevent enumeration.
AI and data processing
Today, Smart Add parses pasted text into items using a small model that runs on your phone. The insights recap is also on-device. Nothing about these prompts or outputs is sent to us or to any third party.
We may add cloud-based AI features in future — for example, a larger model that understands longer recipes, a shared meal-planner, or voice dictation on underpowered devices. Before enabling any cloud AI feature, this section will name the cloud AI provider, the region it runs in, what we send, what is retained (we will contractually require no training on your content), and how to turn the feature off in Settings.
Where your data lives
Supabase (EU) Postgres + object storage. Photos compressed on your phone (target 50 KB, cap 100 KB) with EXIF stripped. TLS in transit, encryption at rest.
Sharing and third parties
We share data with service providers (processors) only as needed to run the features you use. We do not sell your data, and we do not use it to train AI models without your explicit, granular opt-in.
Processors used today:
- Supabase (Ireland / EU) — hosting, authentication, database, object storage.
- Apple and Google — distribution and store purchases.
Processor categories we may engage in future (each named here before it is enabled): cloud AI inference providers; crash reporting and product analytics; advertising networks and consent-management platforms; customer-support tooling; push notification gateways.
Subscriptions and payments
Super is free to install. If we introduce paid features or a subscription (for example, a household plan, unlimited shared lists, or AI features), purchases are processed exclusively through the App Store or Google Play. We never see or store card or bank details. Subscriptions auto-renew under the store's terms; cancel in your Apple ID or Google account. Statutory withdrawal and cancellation rights (EU 14-day, UK, Israel, California ARL, Australia ACL) are not affected.
Advertising
Super does not show advertising today. If we introduce advertising — for example, a sponsored-items placement inside shopping mode — this section will identify the ad partners, describe targeting, and document the data they receive.
Regardless of future changes: we will not knowingly advertise to users under 16; we will not permit targeting based on sensitive categories (religion, political views, sexual orientation, health) derivable from your shopping items; non-essential ad tracking will be opt-in in the EU/EEA/UK/Brazil; a "Do Not Sell or Share" control will be available to California and similar-state users.
International transfers
Account and list data are stored in the European Union. Transfers outside the EU (for example, to a US-based cloud AI provider) are covered by an adequacy decision where one applies, or by the European Commission's Standard Contractual Clauses with a transfer impact assessment and supplementary measures.
Retention and deletion
Items and lists are deletable at any time. Leaving a list removes your participant row; the list continues for everyone else. Account deletion removes your owned lists (with all items and participants), your profile, and your purchase history within 30 days. Backups containing your data roll off on their own lifecycle (up to 35 days).
Your rights
GDPR, UK GDPR, CCPA/CPRA, Israeli Protection of Privacy Law, LGPD, PIPEDA and similar laws grant access, correction, export, deletion, restriction, objection and consent-withdrawal rights. Items you added to someone else's list remain there until the owner or you delete the item itself. Contact support@chaimagal.com; we respond within 30 days (extendable to 60 with notice).
Children
Not directed at children under 13. We do not serve advertising to minors.
Security and changes
TLS, short-lived tokens, RLS, encryption at rest. 72-hour breach notification to the supervisory authority where required.
Material changes — including enabling cloud AI, introducing subscriptions, or introducing advertising — update the date at the top and are notified in-app and by email at least 30 days before taking effect.