Privacy policy

Last updated: April 2, 2026. This is an in-house draft intended for review before broad public launch. Children’s privacy (including COPPA) is addressed below; consult qualified counsel before relying on this text as final.

Who we are

Dinner Management is a meal-planning and household food-organizing service offered under the FLW Apps family of applications (for example at dinner.flwapps.com). The party responsible for processing personal data for your deployment is the operator of that deployment (self-hosted operator or the hosted service provider you use).

What we collect

• Account data: username, password (stored as a secure hash), optional email, role and capability flags, and session identifiers.
• Household and collaboration data: household membership, invites, recipes, menus, pantry/shopping data, notifications, support tickets you submit, and similar content you or your household enters.
• Technical data: standard server logs (such as IP address, user agent, timestamps, and request paths) where enabled by the operator; optional structured request logging configured via environment variables.
• Integrations: if you connect optional services (for example billing or backups), we process the data those integrations require as described in their respective flows and settings.

How we use information

We use the data above to run the service: authenticate you, scope data to your household, deliver features you request, troubleshoot issues, comply with law, and communicate about the service when appropriate.

Children and teen accounts (decision #12)

Household admins may create and manage logins for minors in the same household (“managed” accounts). If you are a parent or guardian, you are responsible for deciding whether a minor should have an account and for the activity that occurs under that account.

We treat COPPA and applicable U.S. state children’s privacy laws as in scope for this product. This draft is not legal advice. Before marketing widely to families or collecting personal information from children under 13 without verifiable parental consent as required by law, you should obtain attorney review and implement any required consent, notices, and data practices.

Sharing

We do not sell your personal information. We share data only as needed to operate the service: for example with subprocessors the operator chooses (hosting, email delivery, payment processors if billing is enabled), when required by law, or to protect rights and safety.

Retention and deletion

We keep information for as long as your account and household use the service and for a period afterward as described in our Terms of service. Target policy includes a grace period after deletion requests before permanent purge so accidental requests can be reversed; your operator’s support process describes current timelines. Deployers maintain detailed procedures in the project documentation.

Security

We use reasonable technical and organizational measures appropriate to the deployment (for example TLS in production, password hashing, tenant-scoped access checks). No method of transmission or storage is 100% secure.

Your choices

Depending on deployment, you may update profile fields in Settings, leave a household, or contact support for access, correction, export, or deletion requests. Self-service export formats may be limited; support can assist where available.

Changes

We may update this policy. We will adjust the “Last updated” date and, where appropriate, provide additional notice (for example in the app or by email).

Contact

Questions: use Support in the app (signed-in) or the contact channel your operator publishes.