Effective date: TBD (set on publication) Last updated: 2026-05-17 Status: DRAFT — pending review by external counsel
This Privacy Policy explains how Paper Plane LLC ("Paper Plane", "we", "us", or "our"), a Puerto Rico limited liability company, collects, uses, shares, and protects personal information when you use the OMI mobile applications, the OMI smart-kitchen hub, and the related backend service (collectively, the "Service").
If you are reading this in Spanish, see Aviso de Privacidad, which is the controlling Spanish-language version for residents of Puerto Rico, Mexico, and other Spanish-speaking jurisdictions.
| Legal entity | Paper Plane LLC |
| Jurisdiction of organization | Commonwealth of Puerto Rico, United States |
| Registered date | 2026-04-27 |
| DUNS | obtained |
| Privacy contact | support@paperplanellc.com |
| Postal contact | Paper Plane LLC, c/o registered agent (Puerto Rico) |
For users in the European Economic Area, the United Kingdom, or Switzerland, Paper Plane LLC is the data controller and may be contacted at the same address.
We collect only what the Service needs to function. We do not sell personal information, and we do not use personal information for cross-context behavioral advertising.
| Category | Examples | Source |
|---|---|---|
| Account identifiers | Email address, display name, password hash, household name | You, at sign-up |
| Household relationships | Household member roles, invitation tokens you redeem | You + invited members |
| Photos | Photos of groceries, receipts, and pantry items you choose to scan | You, during a scan |
| Recipe + pantry content | Item names, expiration dates, quantities, shopping lists, recipes you save | You, while using the app |
| Communications | Messages you send to support@paperplanellc.com, feedback you submit in-app | You |
| Category | Examples | Purpose |
|---|---|---|
| Device + diagnostic data | Crash stack traces, performance traces, app version, OS version | Diagnose crashes, measure performance regressions |
| Approximate location for weather context | Used on-device only; not transmitted to or stored on our servers | Display local weather context next to pantry scans |
| Push notification endpoints | Apple APNs / Google FCM tokens; web push endpoints when applicable | Deliver pantry alerts and account notifications |
| Audit metadata | Actor identifier, action, timestamp, target resource | Security forensics and DSR fulfillment evidence |
We do not use cookies for advertising. We do not include any advertising SDK.
We use personal information to:
| Purpose | Legal basis |
|---|---|
| Account provisioning, sync, recipe generation | Article 6(1)(b) — contract performance |
| Product identification photos sent to AI sub-processors | Article 6(1)(b) — contract performance |
| Diagnostics + crash reporting | Article 6(1)(f) — legitimate interest in service quality |
| Audit logs | Article 6(1)(c) — legal obligation |
| ML-training opt-in | Article 6(1)(a) — explicit consent, withdrawable at any time |
We share personal information only with the categories of recipients listed here and only as needed to deliver the Service.
| Sub-processor | Role | Data shared | Region |
|---|---|---|---|
| Railway | Application hosting + PostgreSQL + image storage | All application data | United States |
| Anthropic, PBC | Claude API for product identification + recipe generation | Scan photos + prompt content (no persistent user identifier) | United States |
| OpenAI, L.L.C. | GPT-4o for vision and language, Whisper for transcription, TTS | Scan photos + voice transcript fragments | United States |
| Functional Software, Inc. (Sentry) | Crash + performance reporting | Stack traces + performance traces (no user identifier attached) | United States |
| Apple Push Notification service | iOS push delivery | Push tokens + notification payload | United States |
| Google Firebase Cloud Messaging | Android push delivery | Push tokens + notification payload | United States |
| Transactional email provider (TBD) | Verification, password reset, account notifications | Email address + transactional content | TBD |
We have a Data Processing Agreement (or equivalent) with each sub-processor, or we are in the process of executing one before the Service launches publicly.
We disclose personal information when we have a good-faith belief that the law requires it, when we need to defend our rights, or when we need to protect the safety of users or the public. We do not voluntarily disclose data to law enforcement without a valid legal process.
Our servers and sub-processors are based primarily in the United States. When we transfer personal information of users in the European Economic Area, the United Kingdom, Switzerland, or other jurisdictions with cross-border-transfer restrictions, we rely on the European Commission's Standard Contractual Clauses (or the equivalent UK or Swiss mechanism) and on additional safeguards documented in our internal Records of Processing Activities.
| Data class | Retention |
|---|---|
| Active account data | While the account is active |
| Account, after you request deletion | Soft-deleted on request, hard-deleted after a 30-day grace period |
| Audit logs | 24 months |
| Step-up authentication logs | 12 months |
| AI usage counters | 18 months (then aggregated, no per-user attribution retained) |
| Confirmed product-scan photos | 365 days |
| Unconfirmed product-scan photos | 90 days |
| Crash + performance traces | Per the active Sentry plan default (30-90 days) |
Active legal holds (regulatory inquiry, dispute) override deletion until the hold is lifted.
Regardless of where you live, you may request:
Send requests to support@paperplanellc.com with "DSR" in the subject line, or use Settings → Privacy in the app. We acknowledge within 48 hours and fulfill within 21 days, subject to identity verification.
In addition to the rights above, California residents have:
You have the right to lodge a complaint with your local supervisory authority. We will cooperate fully with any such authority.
See the Aviso de Privacidad for the Spanish-language explanation of Acceso, Rectificación, Cancelación, and Oposición.
The Service is not directed to children under 13 (or under 16 in the EEA). We do not knowingly collect personal information from children. If you believe we have collected information from a child, contact support@paperplanellc.com and we will delete it.
We use industry-standard measures to protect personal information, including:
No system is perfectly secure. If we discover a breach affecting your personal information, we will notify you and the appropriate regulator within the timeframes required by applicable law (typically 72 hours under the GDPR, without unreasonable delay under U.S. state laws).
OMI uses third-party AI services to identify products from photos and to generate recipes. AI output can be wrong. Always confirm allergens, ingredients, weights, and dietary information before consuming food prepared based on OMI recommendations. OMI is not a substitute for professional nutritional or medical advice. See the in-app disclaimer and the Terms of Service for further detail.
We will update this Policy when our practices change or when the law requires. Material changes will be announced at least 14 days before they take effect, in-app and at the email address on file. The "Last updated" date at the top of this document always reflects the current version.
Paper Plane LLC Privacy contact: support@paperplanellc.com Postal: c/o registered agent, Puerto Rico (address on file with the PR Department of State)
This document is a working draft prepared by the OMI iOS engineering team for review by external counsel. It is not yet effective and must not be relied on by any user until publication.