RationRefill logo RationRefill

Privacy Policy

Last updated: 30 May 2026

Plain English summary: RationRefill stores only the information needed to run the service — your email, username, and the food items you add. We don't sell your data, show you ads, or share your information with third parties. You can delete your account and all your data at any time.

1. Who We Are

RationRefill ("we", "us", "our") is a free food storage and expiry tracking service operated at rationrefill.com. If you have questions about this policy, contact us at support@rationrefill.com.

2. What Information We Collect

Account Information

When you register, we collect:

  • Username — chosen by you, used to identify your account
  • Email address — used for login, expiry alert emails, and account recovery
  • Password — stored as a secure one-way bcrypt hash; we never store or see your actual password
  • Account creation date — recorded automatically
  • Last login date — recorded each time you sign in

Inventory Data

The food items you enter are stored and linked to your account:

  • Item name, quantity, best-before date
  • Storage location and item type/category
  • Date the item was added

Preference Data

  • Your "expiring soon" threshold (default: 30 days)
  • Low stock threshold setting

Technical Data

  • Session cookies — temporary cookies that keep you logged in during a browser session. These expire when you close your browser or log out.
  • We do not use tracking cookies, analytics cookies, or advertising cookies.
  • We do not use Google Analytics, Facebook Pixel, or any third-party analytics.

3. How We Use Your Information

We use the information we collect to:

  • Operate your account and provide the food tracking service
  • Send you expiry alert emails (only when your items are nearing or past their best-before date)
  • Send a one-time welcome email when you register
  • Maintain the security and integrity of the service
  • Respond to your support requests

We do not use your data for advertising, profiling, or marketing beyond the transactional emails above.

4. Email Communications

We send two types of email:

  • Welcome email — sent once when you create your account
  • Expiry alerts — sent by our daily scheduled job to notify you of items expiring within your chosen threshold, or already expired

These emails are service-related and essential to the product. You can stop receiving expiry alerts by deleting all your items or deleting your account.

5. Data Sharing

We do not sell, rent, trade, or share your personal data with any third parties, except where required by law.

Your data is stored on our database server. No data is shared with analytics providers, advertising networks, or data brokers.

6. Data Retention

  • Your account data and inventory items are retained for as long as your account exists.
  • When you delete your account, all associated data — including your items, locations, types, and settings — is permanently deleted.
  • Email logs (tracking which emails were sent) are retained for operational monitoring purposes.

7. Security

We take reasonable steps to protect your data:

  • Passwords are hashed using bcrypt (PHP PASSWORD_DEFAULT) — never stored in plain text
  • All forms are protected with CSRF tokens to prevent cross-site request forgery
  • All database queries use prepared statements to prevent SQL injection
  • Login attempts are throttled to prevent brute-force attacks
  • Sessions are regenerated on login to prevent session fixation

No method of transmission over the internet is 100% secure. We encourage you to use a strong, unique password for your account.

8. Your Rights

You have the right to:

  • Access your data — all your data is visible in your dashboard and settings
  • Correct your data — update your username, email, and items at any time via Settings
  • Delete your data — delete individual items from your dashboard, or contact us to delete your entire account
  • Portability — contact us if you need an export of your data

If you are located in the European Union, you may also have rights under the GDPR. To exercise any of these rights, email us at support@rationrefill.com.

9. Children's Privacy

RationRefill is not directed at children under the age of 13. We do not knowingly collect personal information from children. If you believe a child has provided us with personal information, please contact us and we will delete it.

10. Changes to This Policy

We may update this Privacy Policy from time to time. When we do, we will update the "Last updated" date at the top of this page. Continued use of the service after changes constitutes acceptance of the revised policy.

11. Contact Us

If you have questions or concerns about this Privacy Policy or how we handle your data, please contact us: