Privacy Policy

Last updated: March 20, 2026

1. Information We Collect

When you use WhatToBuy.app, we collect the following information:

  • Account information: Email address when you sign up.
  • Profile information: Display name, gender, date of birth, location, family members, and preferred stores — only what you choose to provide.
  • Search queries: The prompts you enter to generate shopping carts.
  • Usage data: Pages visited, features used, and general interaction patterns to improve the service.

2. How We Use Your Information

  • To generate personalized shopping cart recommendations tailored to your situation.
  • To improve the accuracy and relevance of product suggestions over time.
  • To save and retrieve your past carts.
  • To communicate service updates or respond to inquiries.
  • We do not sell your personal data to third parties.

3. Third-Party Services

We use the following third-party services to operate the app:

  • Supabase — authentication and data storage.
  • Anthropic Claude — AI model used to parse your prompts and generate gear lists.
  • Serper.dev — Google Shopping search results for product data.
  • Vercel — frontend hosting and analytics.

Each of these services has its own privacy policy. Your prompts may be processed by Anthropic’s API in accordance with their terms.

4. Data Retention

We retain your account and profile data for as long as your account is active. Search queries and generated carts are stored to allow you to revisit past results. You may request deletion of your account and associated data at any time by contacting us.

5. Cookies

We use cookies solely for authentication (to keep you signed in). We do not use advertising or tracking cookies.

6. Your Rights

You have the right to access, correct, or delete your personal data at any time. To exercise these rights or ask questions about your data, contact us at reach.whatshouldi@gmail.com.

7. Changes to This Policy

We may update this Privacy Policy from time to time. Changes will be posted on this page with an updated date. Continued use of the service after changes constitutes acceptance of the updated policy.