Effective date: May 22, 2026 Last updated: May 22, 2026
This Privacy Policy explains how Tim Johansson (“we”, “us”, “our”) collects, uses, and protects information when you use the Gott mobile application (the “App”). Gott is an iOS app for creating and sharing grocery lists.
We are committed to protecting your privacy and complying with the EU General Data Protection Regulation (GDPR) and Swedish data protection law.
The data controller responsible for your personal data is:
Tim Johansson Sweden Email: tim.johansson5@gmail.com
We collect only the information that is necessary to provide the App’s functionality.
Local-only use (guest mode). You can use the App without creating an account. In guest mode, your lists, items, and other content are stored only on your device, and we do not transmit that content to our servers. If you later choose to create an account, you can opt to migrate your existing local lists to your account; until you do so, no list content leaves your device.
Account information. When you sign in to Gott, we store an account identifier and, depending on the sign-in method you choose, your email address and display name. You may also choose to add a profile picture.
List and item content. We store the grocery lists, items, quantities, notes, categories, check states, and other content you create or share within the App.
Collaboration data. When you share a list with another user, we store information about which users have access to which lists and the actions taken on shared content (for example, items added or checked off) so that collaborators can see updates.
Activity data. We may store basic activity counters (such as the number of items checked off) to display statistics to you in the App.
Push notification tokens. If you allow notifications, we store a device push token (provided by Apple Push Notification service, APNs) so that we can deliver notifications to your device. We also store the APNs environment associated with that token (sandbox or production) so that notifications are routed correctly.
Photos and camera input. With your permission, you can take a photo or select an existing image of a recipe so the App can extract ingredients. The text recognition runs entirely on your device using Apple’s Vision framework. Recipe photos are not uploaded to our servers or to any third party, and the App does not retain them after the ingredients have been extracted.
Voice input. With your permission, you can dictate items by voice. Voice recognition is performed by Apple’s Speech framework, which may transmit short audio snippets to Apple for processing in accordance with Apple’s own privacy policy. We do not receive, store, or otherwise process your voice data ourselves.
On-device processing. Grocery item categorization and recipe ingredient extraction are performed entirely on your device using Apple’s on-device machine learning frameworks (Vision and Foundation Models). The contents of your lists and recipes are not sent to any third-party AI service for these features.
Crash, error, and performance diagnostics. To keep the App stable and secure, we use Sentry to collect automatic crash reports, error events, and aggregate performance data. These reports may include device type, operating system version, app version, language, locale, a non-persistent installation identifier, stack traces, breadcrumbs of recent in-app actions, and limited contextual data about the error. We have configured Sentry to minimize personal data; we do not deliberately attach your name, email, or list contents to crash reports. We use this data to diagnose and fix issues, and to monitor App performance trends in aggregate (analytics) so that we can prioritize improvements. We do not use Sentry data for advertising or to track you across other apps or websites.
Other technical data. We may also collect basic technical information such as device type, operating system version, app version, and language to keep the App stable and secure. We do not use this information to identify you personally.
We do not collect special category data (such as health, biometric, or financial data), and we do not knowingly collect data from children under 13.
We use your information to:
The legal bases under GDPR for these activities are: performance of a contract (Article 6(1)(b)), our legitimate interests in operating, securing, and improving the App (Article 6(1)(f)), your consent where required (Article 6(1)(a)), and compliance with legal obligations (Article 6(1)(c)).
We use the following third-party service providers, who act as data processors / sub-processors on our behalf:
We do not sell your personal data, and we do not share it with third parties for advertising purposes. We share data with service providers only to the extent necessary to operate the App, and we require them to safeguard your data.
Your data may be processed in countries outside the European Economic Area (for example, Sentry and Supabase may process data in the United States). Where this happens, we rely on appropriate safeguards such as the European Commission’s Standard Contractual Clauses.
We retain your data for as long as your account is active or as needed to provide the App. Crash and error reports collected via Sentry are retained for a limited period (typically up to 90 days) before being automatically deleted. You can request deletion of your account and associated data at any time by contacting us at tim.johansson5@gmail.com. After deletion, residual copies may remain in backups for a limited period before they are overwritten.
If you are located in the EU/EEA, you have the right to:
You may exercise any of these rights by emailing tim.johansson5@gmail.com. You also have the right to lodge a complaint with the Swedish Authority for Privacy Protection (Integritetsskyddsmyndigheten, IMY).
We use industry-standard measures to protect your data, including encryption in transit (HTTPS/TLS), encrypted storage at rest provided by Supabase, and access controls. No method of transmission or storage is completely secure, and we cannot guarantee absolute security.
Gott is not directed to children under 13, and we do not knowingly collect personal data from children under 13. If you believe a child has provided us with personal data, please contact us so we can delete it.
We may update this Privacy Policy from time to time. When we make material changes, we will update the “Last updated” date at the top of this document and, where appropriate, notify you through the App.
If you have any questions about this Privacy Policy or how we handle your data, contact us at:
Tim Johansson Email: tim.johansson5@gmail.com