Privacy Policy
Effective March 17, 2026 — Last updated May 7, 2026
This Privacy Policy describes how Prophit Technologies LLC, doing business as Prophitable ("Prophitable," "we," "us," or "our"), collects, uses, shares, and protects your personal information when you use our website, web application, and related services.
By using Prophitable, you agree to the collection and use of information as described below.
What We Collect
Information You Provide
-
Account information Your name, email address, and password (or Google profile info if you sign up with Google).
-
Organization information Company name, address, phone number, and logo (provided during onboarding).
-
Business data Everything you enter into Prophitable: ingredients, recipes, products, orders, costs, staff, customers, suppliers, and inventory. This data is yours. We process it to provide the service, but we don't own it. See "Your Data" below.
-
Payment information Collected and processed by Stripe. We never see or store your credit card number. We only receive your subscription status and billing dates.
Information Collected Automatically
-
Server logs Our hosting provider (Vercel) collects standard log data: IP address, browser type, and timestamps. Retained for up to 30 days.
-
Session cookie A single essential cookie from Supabase Auth keeps you logged in. Not used for tracking.
-
Feature flags LaunchDarkly receives anonymous data (your plan tier, not your name or email) to manage feature availability.
-
Meta Pixel (marketing site only) When you visit prophitable.io (for example, after clicking a paid ad on Facebook or Instagram), the Meta Pixel records the pageview and any subsequent free-trial signup. That's how we know which ad creative drove the visit. The pixel sets two cookies (_fbp and, if you arrived from a Meta ad, _fbc) and runs only on the marketing site. It doesn't run inside the application (app.prophitable.io). We don't pass your business data through the pixel, and we don't use it to retarget you with ads.
What We Don't Collect
-
No advertising or tracking pixels inside the application (app.prophitable.io). The Meta Pixel disclosed above runs only on prophitable.io for ad attribution.
-
No advertising cookies or tracking pixels
-
No third-party analytics (no Google Analytics)
-
No biometric data, government IDs, or health data
-
No data from children under 13
How We Use Your Information
We use your data to:
-
Run the service store your data, calculate costs, generate reports, manage your account
-
Process payments manage subscriptions through Stripe
-
Provide support respond to your questions and requests
-
Improve the product using anonymized, aggregated data (see below)
-
Measure paid-advertising effectiveness only on the marketing site, through the Meta Pixel, to learn which ad creative works
We don't retarget you with ads based on what you do inside the app, sell your data to third parties, or train AI models on your business data.
Third Party Services
We share data only with service providers that help us operate Prophitable:
Page | What They Receive | Reasoning |
|---|---|---|
Meta (Facebook/Instagram) | Pageview events on prophitable.io, browser ID, ad-click ID if you arrived from a Meta ad | Parse receipts into structured data for the receipt-scan feature. Zero retention — Anthropic doesn't store or train on your images. |
Anthropic | Receipt images you upload | Parse receipts into structured data for the receipt-scan feature. Zero retention — Anthropic doesn't store or train on your images. |
Vercel | IP address, request headers | Hosting and content delivery |
LaunchDarkly | Plan tier (anonymous) | Feature flag management |
Google Maps | Addresses you enter | Autocomplete and route calculation |
Stripe | Name, email, payment details | Payment processing |
Supabase | Account + business data | Database and authentication |
We do not sell your personal information to anyone.
Cookies
Inside the application (app.prophitable.io) we use two cookies, neither for advertising:
-
Supabase auth token (essential) — Keeps you logged in
-
LaunchDarkly (functional) — Stores feature flag state
That's it. No ad trackers, no analytics cookies, no third-party tracking pixels.
On the marketing site (prophitable.io), we additionally set two Meta Pixel cookies for paid-ad attribution:
-
_fbp identifies your browser to attribute ad-driven visits to specific Meta campaigns (90 days)
-
_fbc set only if you arrived from a Meta ad; records the ad click ID (90 days)
The Meta Pixel does not run inside the application. We don't use these cookies to retarget you with ads, and we don't share business data with Meta.
Your Data
-
You own your business data. Ingredients, recipes, products, orders, costs. All of it belongs to you. We have a limited license to process it while you use Prophitable, and that license ends when your account is deleted.
-
Aggregated data. We may use anonymized, aggregated data (data that can't be traced back to you or your business) for benchmarking and product improvement. For example, we might share that "food brands on Prophitable have an average ingredient cost ratio of X%." We will never identify your business.
Data Retention
What Happens | How Long We Keep Your Data |
|---|---|
Payment records | Retained by Stripe per legal requirements (up to 7 years) |
You request deletion | Deleted within 30 days |
You cancel | Data preserved for 90 days (read-only) |
You have an active subscription | All data retained |
To request data deletion, email percy@prophitable.io.
Security
-
All data encrypted in transit (TLS) and at rest (AES-256)
-
Multi-tenant isolation via row-level security. No one can access another organization's data.
-
Passwords hashed with bcrypt
-
Credit card data tokenized by Stripe before it reaches us (it doesn't)
No system is 100% secure, but we take reasonable measures to protect your information.
Your Privacy Rights
California Residents
Under the CCPA, you have the right to:
-
Know what personal information we collect about you
-
Delete your personal information
-
Correct inaccurate information
-
Opt out of the sale of your personal information — though we don't sell it
All Users
Under the CCPA, you have the right to:
-
Access your data by logging in
-
Update your info in Settings
-
Export your data by emailing us (self-serve export coming soon)
-
Delete your account by emailing percy@prophitable.io
Where Your Data Lives
Prophitable is hosted in the United States. If you use Prophitable from outside the US, your data is transferred to and processed in the US. By using Prophitable, you consent to this transfer.
Children
Prophitable is not for anyone under 13. We don't knowingly collect information from children.
Changes to the Policy
If we make material changes, we'll update this page and notify you by email. Continued use after changes means you accept the updated policy.
Contact
Prophit Technologies LLC
DBA Prophitable
Torrance, CA 90501