Privacy Policy

Effective: June 27, 2026  ·  Last updated: June 27, 2026

What this app is

Galbreath Kitchen is a personal meal-planning and household-management application operated by Christopher Galbreath for his own household use. It is not a commercial service. It has a single intended user. It is not offered to the public.

This privacy policy describes how the application handles data, primarily to satisfy third-party integration requirements (such as the Oura Cloud API) and to document the application's data-handling practices for the operator's own records.

Who this policy applies to

This policy applies to the single user of the application — currently Christopher Galbreath. The application is not used by third parties, customers, employees, or members of the public.

If access is ever extended to additional users, this policy will be updated and revised consent will be obtained.

What data the application stores

The application stores the following categories of data, all on infrastructure controlled solely by the operator:

• Profile information the user enters directly: name, preferences, dietary notes, household details
• Daily logs the user enters: meals, water intake, weight, exercise
• Recipes the user creates, edits, or generates with AI assistance
• Health-related information the user voluntarily enters, when the optional Health pillar is enabled: medical conditions, medications, health goals
• Third-party integration data when connected, including but not limited to Oura Ring data (sleep, activity, readiness, recovery, heart-rate-adjacent, oxygen-saturation, and other wellness measurements)
• OAuth credentials for third-party integrations, encrypted at rest using AES-256-GCM

Where data is stored

All application data is stored in a PostgreSQL database hosted on Railway, a cloud infrastructure provider. The database is accessible only to the operator. Application access is gated by Cloudflare Access authentication.

How data is used

Data is used solely to provide application functionality to the single user. Specifically:

• Meal-planning recommendations
• Daily and weekly summary views
• AI-assisted recipe generation (which sends user-supplied recipe descriptions to Anthropic's Claude API)
• Aggregated views of personal health and activity context

Data is not used for advertising, profiling, marketing, or sale to third parties. The application does not contain advertising. The application does not track users across other services or websites.

What data is shared with third parties

The following third-party services receive limited data in the course of normal application operation:

• Anthropic Claude API — receives the text of recipe descriptions the user enters when requesting AI-generated recipes, and weekly review summaries when requested. Does not receive Oura data, health information, or other profile data unless the user explicitly includes it in a prompt.
• Oura Cloud API — when the user connects their Oura Ring, the application exchanges OAuth credentials with Oura and reads health-and-activity data from Oura's servers. Data flows from Oura to the application, not the reverse.
• Railway — hosts the application and database infrastructure.
• Cloudflare — provides authentication and edge-network services.

Data is not sold. Data is not licensed. Data is not used for cross-context advertising.

Encryption

• OAuth tokens for third-party integrations (such as Oura) are encrypted at the application layer using AES-256-GCM before being written to the database.
• Other application data (recipes, daily logs, Oura sync results, profile information) is stored as application JSON. It is protected by the application's authentication boundary, the cloud provider's at-rest disk encryption, and database access controls. It is not field-by-field encrypted at the application layer.

Data retention

Data is retained for as long as the user finds it useful. The user controls retention through in-app tools, including:

• Deletion of individual logs, recipes, and notes
• "Export all data as JSON" for backup
• "Delete stored Oura data" for clearing third-party-integration data
• "Disconnect" for revoking third-party access

If the application is decommissioned, the underlying database and all data within it will be deleted.

User rights

As the single user is also the operator, all data-subject rights are exercised directly through application controls and database access. There is no separate request process.

Children

The application is not intended for or used by children under 13.

Changes to this policy

If the policy is updated, the "Last updated" date at the top of this document will change. For substantive changes that affect data handling, the application will require renewed consent before continuing to use any affected integration.

Contact

For questions about this policy: cagalbreath@gmail.com (or the contact email registered with the application).

---