Food @ Home legal
Privacy Policy
How Food @ Home collects, uses, stores, and protects personal information.
- Effective date
- May 10, 2026
- Version
- privacy-2026-05-10
Privacy Policy
Food @ Home, Inc. • Last Updated: May 10, 2026
Also see our Terms of Service.
Table of Contents
A. Information We Collect
B. Location & Address Data
C. Data Sharing Transparency
D. Transaction & Payment Security
E. Data Retention & Deletion
F. Security Standards
G. Cookie Disclosure
H. Your Rights
I. Device, IP & Security Logging
J. Account Security Responsibilities
K. Child Safety & Minors Restriction
L. Privacy Rights Disclosure
A. Information We Collect
We collect the following categories of personally identifiable information (PII) to operate the platform:
Names: First and last name, collected at account registration and stored on your user profile.
Email Addresses: Collected at registration and used for account access, order notifications, and platform communications.
Phone Numbers: Collected optionally for meetup coordination between Chefs and Customers during active orders.
Physical Addresses: Chef kitchen and pickup addresses are collected for marketplace listings, tax calculations, and order fulfillment. Customer pickup/meetup contact details are collected per-order.
Government ID: Identity verification for Chefs is processed via Stripe Identity. Government ID images and biometric data are handled exclusively by Stripe and are NOT stored on Food @ Home servers.
Payment Information: No raw card or banking data is stored by Food @ Home. Only Stripe-issued reference IDs are retained for order reconciliation.
B. Location & Address Data
Chef addresses and kitchen locations are stored securely and are never displayed publicly in full — only the city, state, and ZIP code are shown on public profiles.
A Chef's full street address is only revealed to a confirmed Customer after payment succeeds AND the order is accepted by the Chef, and only for the purpose of pickup fulfillment.
Address data is shared between Chef and Customer ONLY during an active order. Once an order is completed or cancelled, full address details are redacted from the customer-facing view.
ZIP codes are used for local discovery, tax rate calculations, and search ranking. They are not shared with third parties for advertising.
C. Data Sharing Transparency
We are transparent about exactly who we share data with and why:
We do NOT sell, rent, or trade your personal data to advertisers or data brokers.
Stripe (stripe.com): We share order totals, customer email, and Chef account IDs with Stripe to process payments, issue payouts, and conduct identity verification. Stripe's privacy policy governs their data handling.
Google Maps: When a user taps a pickup address link, the address string is sent to Google Maps via a standard URL query to open navigation. Google's privacy policy governs their data handling.
Legal Disclosure: We may disclose personal data if required by law, court order, subpoena, or to protect the rights, safety, and property of users or the platform.
Fraud Investigations: In the event of suspected fraud, chargeback abuse, financial crimes, or platform policy violations, we may share relevant account data, transaction records, and communications with payment processors, financial institutions, law enforcement agencies, or legal counsel as necessary to investigate and remedy the matter.
Aggregated, anonymized data (e.g., trending cuisines by region) may be used internally for product improvement and is never linked to individual users.
D. Transaction & Payment Security
Food @ Home does not store, access, or transmit full credit card numbers or banking credentials at any point.
All payment processing is handled exclusively through Stripe's PCI-DSS Level 1 compliant, end-to-end encrypted infrastructure.
Food @ Home stores only non-sensitive payment references (e.g., Stripe PaymentIntent IDs) for order reconciliation.
Stripe Connect is used to facilitate payouts to Chefs. Chef banking details are stored and managed by Stripe, not Food @ Home.
The 6-digit Verification PIN is generated per-order, single-use, and never reused or stored after fulfillment.
E. Data Retention & Deletion
You have the right to request access to or deletion of your personal data at any time.
To submit a Data Access Request or Account Deletion Request, email us at: support@foodathome.co — include your registered email address and the nature of your request.
We will respond to all requests within 30 days.
Upon account deletion, your profile, order history display, and personal details will be removed from active systems.
Transaction records, tax data, and financial records will be retained as required by applicable state and federal law (typically 7 years) even after account deletion. This data is held in secure, access-restricted archives solely for legal and accounting compliance.
Order records may also be retained if they are subject to an open dispute, chargeback, or legal hold.
Data associated with accounts terminated for fraud, payment abuse, prohibited items violations, or criminal conduct may be retained indefinitely for legal defense, regulatory compliance, and law enforcement cooperation purposes.
Submit a Data Access / Deletion Request — support@foodathome.co
F. Security Standards
All data transmitted between your browser and Food @ Home is encrypted using SSL/TLS (HTTPS). We enforce HTTPS across the entire platform — unencrypted HTTP connections are not permitted.
Payment data is processed through Stripe's PCI-DSS Level 1 certified infrastructure, the highest level of PCI compliance available.
Sensitive Chef documents are stored in private, access-controlled file storage and are never publicly accessible.
Access to production data is restricted to authorized platform administrators only.
We conduct regular reviews of our security practices and update them in response to new threats and industry standards.
G. Cookie Disclosure
Food @ Home uses a minimal set of essential cookies and browser storage. We do not use advertising, tracking, or analytics cookies.
Session Cookies: Used to keep you logged in during your browser session. These expire when you close your browser or log out.
Authentication Tokens: Stored in secure browser storage to maintain your login state across sessions. Required for the platform to function.
Cart Storage: Your shopping cart is saved in your browser's localStorage so items persist if you navigate away or need to log in before completing checkout. Cart data is local to your device and is cleared after a successful order.
We do NOT use third-party advertising cookies, cross-site tracking pixels, or behavioral analytics cookies.
H. Your Rights
Access: You may request a copy of the personal data we hold about you.
Correction: You may update your name, email, or profile details at any time via the Settings page.
Deletion: You may request full account deletion by emailing support@foodathome.co. See Section E for retention rules that apply.
Portability: You may request an export of your order history and profile data in a standard format.
Chefs may deactivate their storefront and request data deletion, subject to legal hold requirements for financial records.
Customers may delete their account through the Settings page or by contacting support.
I. Device, IP & Security Logging
For platform security, fraud prevention, abuse detection, and operational integrity purposes, Food @ Home automatically collects certain technical information when you access or use the platform:
IP Address Logging: Your Internet Protocol (IP) address is logged at the time of account creation, login events, order placement, and other significant platform actions. IP logs are used to detect account sharing, fraudulent activity, geographic anomalies, and unauthorized access.
Device and Browser Information: We collect device type, operating system, browser type and version, and screen resolution for security profiling, fraud detection, and platform compatibility purposes.
Device & Browser Fingerprinting: We may employ device or browser fingerprinting technologies strictly to enhance security, detect fraudulent accounts, and prevent unauthorized access.
Session Activity Logs: Login timestamps, session durations, page navigation patterns, and interaction data are retained for abuse detection and platform security purposes.
Platform Abuse Detection: Automated systems monitor for patterns consistent with scraping, bot activity, fake account creation, review manipulation, payment fraud, and other prohibited conduct. Accounts triggering abuse detection systems may be suspended pending review.
Fraud Monitoring: Transaction patterns, account behaviors, and payment activities are continuously monitored by automated fraud detection systems. Anomalous activity may trigger holds, investigations, or account restrictions.
Investigation-Related Data Disclosure: When required for active fraud, safety, or legal investigations, we may disclose relevant technical and account data to financial institutions, security partners, or law enforcement.
These logs are retained for security and legal compliance purposes and are accessible only to authorized platform administrators and, where required, law enforcement agencies.
We do NOT use device or IP data for advertising, behavioral profiling for marketing purposes, or sale to third parties.
J. Account Security Responsibilities
You are solely responsible for maintaining the confidentiality and security of your Food @ Home account credentials. Specifically:
You are responsible for all activity that occurs under your account, whether or not you authorized it.
You must immediately notify Food @ Home at support@foodathome.co if you suspect unauthorized access to your account, a data breach, or any security incident.
You must not share your account credentials, verification PINs, or access tokens with any third party.
Food @ Home is not liable for any loss, damage, or harm resulting from your failure to maintain account security or from unauthorized access resulting from your own negligence.
Food @ Home may, in its sole discretion, suspend or restrict access to your account if it detects anomalous activity, security risks, or evidence of credential compromise, without prior notice.
You acknowledge that Food @ Home cannot guarantee absolute security of any online platform and that you assume the inherent risks of transacting online.
K. Child Safety & Minors Restriction
Users must be 18 years of age or older to use the Food @ Home platform.
The platform does not knowingly collect, process, or store personal data from minors under the age of 18.
Accounts may be immediately removed and associated data deleted if underage use is detected or reported.
L. Privacy Rights Disclosure
Users may have additional rights under applicable state privacy laws (including access, deletion, and correction rights depending on jurisdiction). Requests regarding these privacy rights can be submitted via support@foodathome.co.
For data requests or privacy questions, contact us at support@foodathome.co. Also see our Terms of Service.