Privacy Policy – Nemu
Last updated: 18/02/2026
This Privacy Policy describes how personal data of users of the Nemu application is processed.
1. Data Controller
Leonardo Pignataro
Email: rebyc.dev@gmail.com
Country: Italy
2. Service Overview
Nemu is an app designed to manage weekly meal planning, recipes, and grocery shopping lists.
The app can be used in two modes:
Local mode (without login)
All data remains exclusively on the user’s device.
Optional cloud mode (with login)
Some synchronization and collaboration features use Firebase services.
3. Types of Data Processed
3.1 Local Mode (No Login)
In local mode, all data entered by the user (menus, recipes, shopping lists, settings) is stored exclusively on the user’s device.
No data is transmitted to external servers.
3.2 Optional Cloud Mode (With Login)
If the user enables cloud features, the following data may be processed:
Account data (e.g. email, user identifier)
Application data (menus, recipes, shopping lists, groups, invitation codes, cloud settings)
Technical data required for service operation
3.3 Automatic Technical Data
When cloud features are used, certain technical data may be processed automatically, such as:
IP address
Device identifiers
Access and security logs
Diagnostic and error data (if present)
These data are processed only to ensure security, maintenance, and proper operation of the service.
4. Purpose of Processing
Data are processed exclusively to:
enable the functioning of the app
user authentication (if required)
data synchronization between devices and groups
collaborative group management
security and abuse prevention
technical maintenance of the service
Nemu does not use user data for advertising or commercial profiling purposes.
5. Legal Basis (GDPR)
Processing is based on:
performance of a service requested by the user (Art. 6(1)(b) GDPR)
compliance with legal obligations where applicable (Art. 6(1)(c) GDPR)
legitimate interest in ensuring service security and technical continuity (Art. 6(1)(f) GDPR)
6. Data Sharing and Third Parties
Nemu:
does not sell personal data
does not use advertising networks
does not perform commercial profiling
If cloud features are enabled, data may be processed through Google Firebase services (Authentication, Firestore, Cloud Functions), acting as Data Processor under Article 28 GDPR.
7. Data Retention
Local data
Remain on the device until the app is uninstalled or data are manually deleted.
Cloud data
Stored as long as the account or cloud functionality remains active, unless deletion is requested.
If the account is deleted, associated cloud data will be removed within a technically reasonable timeframe necessary to complete system deletion.
8. Security
Appropriate technical and organizational measures are adopted to protect data against unauthorized access, loss, destruction, or alteration, including application security rules and access controls for cloud data.
9. International Data Transfers
The use of cloud infrastructure may involve processing data outside the European Economic Area.
In such cases, appropriate safeguards are applied in accordance with applicable regulations, including Standard Contractual Clauses where applicable.
10. User Rights
Users may exercise the rights provided by Regulation (EU) 2016/679 (GDPR), including:
right of access
rectification
erasure
restriction of processing
objection where applicable
data portability where applicable
To exercise these rights:
Email: rebyc.dev@gmail.com
Users also have the right to lodge a complaint with the Data Protection Authority.
11. Children
The app is not designed to intentionally collect data from minors without parental involvement.
12. Changes to this Privacy Policy
This Privacy Policy may be updated over time.
Any changes will be published on this page.
13. Contact
For any privacy-related requests:
Email: rebyc.dev@gmail.com
Developer: Leonardo Pignataro
Country: Italy