MenuLens Privacy Policy

Last updated: 2026-02-01 · Effective: 2026-02-01

This Privacy Policy explains how MenuLens ("we", "us") collects, uses, and shares information when you use the MenuLens app and related services (the "Service"). MenuLens lets you photograph a restaurant menu and receive dish recognition, translation, and descriptions. We aim to keep data collection minimal and meaningful.

1. Information We Collect

  • Account information — when you sign in with Apple, we receive your name and email address. You may use Apple's "Hide My Email" private relay. An account is required to use core features such as menu recognition.
  • Menu photos — images you capture with the camera or select from your photo library for analysis. Images are compressed on your device before being sent for recognition.
  • Approximate location — only if you grant permission. We use it solely to derive a country-level region hint that improves translation; your precise GPS coordinates are not uploaded.
  • Voice input — when you use the in-conversation voice translation feature, audio is processed for speech recognition using Apple's Speech framework.
  • Dining preferences — taste and party-size preferences you set, stored on your device.
  • Subscription and entitlement status — derived from Apple App Store receipts and cached on your device.
  • Usage analytics — anonymized app-usage events tied to a per-installation identifier (Apple's identifierForVendor), not to your name.
  • Diagnostic and crash logs — aggregated, and do not include your menu photos.

2. How We Use Information

  • Recognize dishes from menu photos and provide translations and descriptions;
  • Personalize recommendations using your dining preferences and country-level region;
  • Process subscriptions and manage entitlements;
  • Diagnose technical issues and improve product reliability;
  • Comply with legal obligations.

3. Menu Photos & AI Processing

To recognize and translate a menu, the photo is compressed on your device and sent over an encrypted connection to our backend service. Our backend forwards the image and the accompanying text to a third-party AI model provider that performs the recognition, translation, and dish descriptions. Depending on routing, that provider may be located in mainland China or the United States (see "International Data Transfers").

Our servers do not store your menu photos or their contents. We retain only anonymized usage metadata — such as a request identifier, the model used, token counts, latency, and whether an image was included. Your menu sessions and the photos themselves are saved locally on your device and can be deleted by you at any time.

We do not use your photos to train AI models without your explicit, separate opt-in.

4. Data Sharing

We do not sell your personal information. We share data only with:

  • Third-party AI model providers that perform menu recognition, translation, and descriptions on our behalf;
  • Apple — for Sign in with Apple, receipt validation, and subscription management;
  • A self-hosted analytics service we operate, to understand aggregate, anonymized usage;
  • Public reference APIs (for example, currency-rate and encyclopedia services such as Wikipedia/Wikidata) queried to enrich dish details — these requests carry dish names, not your personal information.

Dish reference images may be loaded from public encyclopedias or external image search when you choose to open them.

5. Data Retention

  • Menu sessions, photos, dining preferences, and caches remain on your device until you delete them;
  • On our servers we keep only anonymized usage metadata; we do not retain your menu photos or their contents;
  • Subscription transaction records are retained as long as required by tax and accounting laws.

6. Your Rights & Choices

Subject to applicable law (including GDPR and CCPA where relevant), you may access, correct, delete, export, or object to the processing of your personal data.

  • Account deletion — deleting your account signs you out and revokes your server-side session. Because our servers do not retain your menu photos or their contents, there is minimal personal content stored server-side. To request erasure of any remaining account-associated records, contact us at the email below.
  • Analytics opt-out — to opt out of anonymized usage analytics, contact us and we will disable collection for your installation.

7. Children's Privacy

MenuLens is rated 4+ and is not directed to children under 13 (or the equivalent minimum age in your jurisdiction). If we learn that we have collected personal data from a child without verified parental consent, we will delete it promptly.

8. International Data Transfers

To provide recognition and translation, your menu images and text are processed by third-party AI providers that may be located in mainland China and the United States. Your data may therefore be processed in countries other than the one where you reside. When we transfer data internationally, we rely on appropriate safeguards such as Standard Contractual Clauses or equivalent mechanisms recognized by your local law.

9. Security

We use industry-standard encryption in transit (HTTPS/TLS), store your sign-in credentials in the device Keychain, apply scoped access controls, and monitor for vulnerabilities. No system is perfectly secure — if you discover a vulnerability, please contact us responsibly.

10. Changes to This Policy

We may update this Privacy Policy from time to time. The "Last updated" date at the top reflects the most recent revision. Material changes will be highlighted in-app.

[email protected]