Privacy Policy
Melon, a consumer mobile application operated by AnyHope Corp.
This Privacy Policy explains how AnyHope Corp., an Ontario corporation doing business as “Melon” (“we,” “us,” “our,” or the “Company”), collects, uses, discloses, and protects personal information in connection with the Melon mobile application and related services (collectively, the “Services”).
Melon helps you make informed food decisions. By scanning a product barcode, you can view ingredient analysis, food additive information, a nutrition breakdown, a food processing assessment, an overall health score, dietary compatibility indicators (including halal, kosher, vegan, and vegetarian), and suggested healthier alternatives. Melon also helps you discover trusted local food sources such as farms, ranches, farmers’ markets, butchers, and specialty producers.
We are committed to handling your personal information responsibly and in accordance with applicable privacy laws, including Canada’s Personal Information Protection and Electronic Documents Act (PIPEDA), Quebec’s Act respecting the protection of personal information in the private sector (“Law 25”), Canada’s Anti-Spam Legislation (CASL), and United States state privacy laws such as the California Consumer Privacy Act, as amended by the California Privacy Rights Act (CCPA/CPRA).
Please read this Privacy Policy carefully. By creating an account or using the Services, you acknowledge that you have read and understood it. If you do not agree, please do not use the Services. If you have questions, contact us using the details in Section 21 (Contact Us and Privacy Officer).
Summary of Key Points
This summary highlights important points. Full details appear in the sections that follow.
What we collect: Account details (such as your name and email), authentication identifiers, device and usage information, subscription records, and — only if you choose to provide them — your dietary and religious preferences and your location.
Sensitive information: Halal and kosher preferences reflect religious beliefs and are treated as sensitive personal information. We collect them only with your explicit consent and use them solely to score product compatibility for you.
How we use it: To operate and secure the Services, authenticate you, provide product and dietary information, manage subscriptions, and meet legal obligations.
Selling and advertising: We do not sell your personal information and we do not use it for targeted advertising or cross-context behavioural advertising.
Payments: Subscriptions are processed by the Apple App Store and Google Play. We never receive or store your full payment card details.
Your choices: You may access, correct, or delete your information, withdraw consent, and adjust device permissions at any time.
Children: The Services are intended for users 18 years of age and older.
1. About This Privacy Policy
Scope
This Privacy Policy applies to personal information we process through the Melon application on iOS and Android and through related support and communications. It does not apply to third-party products, websites, or services that we do not control, even where they are linked from or integrated with the Services.
Where the Services are offered
Melon is currently offered to users in Canada and the United States. As we expand into additional regions, we will update this Privacy Policy and provide any further disclosures required by the laws of those regions.
Changes to your relationship with us
“Personal information” means information about an identifiable individual. Where this Policy refers to “you,” it means the individual using the Services.
2. Information We Collect
We collect the categories of personal information described below, depending on how you interact with the Services and the choices you make.
2.1 Information you provide to us
Account information: your name (if you choose to provide it), email address, an encrypted password (for email/password sign-up), and the authentication provider you use.
Profile and preferences: dietary preferences (such as vegan or vegetarian) and religious preferences (such as halal or kosher), saved products, favourites, and product history that you create within the app.
User content: reviews, ratings, and saved businesses you submit through the Local Sources feature.
Communications: information you provide when you contact us for support or otherwise correspond with us.
2.2 Information collected automatically
When you use the Services, we and our service providers automatically collect certain technical and usage information:
Device information: device model, operating system and version, app version, language, time zone, device identifiers, and IP address.
Usage information: barcode scans, in-app searches, features used, and interactions with the Services.
Diagnostic information: crash reports, error logs, and performance data used to maintain and improve the reliability and security of the Services.
This information is used primarily to operate, secure, troubleshoot, and improve the Services. We do not use it to build advertising profiles.
2.3 Dietary and religious preferences (sensitive information)
Halal and kosher preferences reflect religious beliefs, which are treated as sensitive (or “special category”) personal information under several privacy laws. We collect these preferences only when you choose to set them, and we use them for a single purpose: to calculate and display dietary compatibility for the products you view. We do not use these preferences for advertising, and we do not disclose them to third parties except to the service providers that host the Services on our behalf. You may change or remove these preferences at any time in the app. See Section 4 (Consent and Legal Bases) for how we obtain your explicit consent.
2.4 Information from third parties
When you choose to sign in using Apple or Google, we receive limited profile information from that provider, such as a unique identifier and the email address associated with your account, in accordance with your settings with that provider. We do not purchase personal information from data brokers, and we do not collect information about you from public databases or marketing partners for advertising purposes.
3. How We Use Your Information
We use personal information for the following purposes:
To create and manage your account and authenticate you when you sign in;
To provide the core features of the Services, including product analysis, health scoring, dietary compatibility, and healthier-alternative suggestions;
To provide the Local Sources feature and, where you permit it, location-based results;
To process and manage subscriptions and verify purchases;
To communicate with you about your account, security, and service-related matters;
To maintain, secure, troubleshoot, and improve the Services and prevent fraud and abuse;
To comply with legal obligations and to establish, exercise, or defend legal claims; and
To protect the vital interests and safety of users and others.
We will not use your personal information for materially different, unrelated, or incompatible purposes without first providing notice or obtaining your consent where required by law.
4. Consent and Legal Bases
Consent under Canadian law
Under PIPEDA and Quebec Law 25, we rely on your consent to collect, use, and disclose personal information. Consent may be express (for example, when you actively set a dietary or religious preference) or, where permitted, implied from the circumstances and your use of a feature (for example, basic account and device information necessary to operate the Services). You may withdraw consent at any time, subject to legal or contractual restrictions and reasonable notice; withdrawing consent may limit or prevent your use of certain features.
Explicit consent for sensitive information
We collect and use your halal, kosher, and other dietary preferences only with your explicit, opt-in consent, obtained at the time you choose to set those preferences in the app. You may revoke this consent at any time by editing or deleting your preferences, after which we will stop using them for compatibility scoring.
Other lawful grounds
In limited circumstances, applicable law permits us to process personal information without consent — for example, to detect or prevent fraud, to comply with a subpoena or other legal requirement, or to protect an individual’s vital interests. As we expand into other regions, we will identify any additional legal bases (such as those under the EU/UK GDPR) that apply.
5. App Permissions
The Services request only the device permissions needed to deliver specific features. You can grant or revoke each permission at any time in your device settings.
Camera: used solely to scan product barcodes. Barcode scanning is performed to identify products; we do not store photographs or video from your camera.
Location (optional): used, only with your permission, to find nearby Local Sources, calculate distances, and improve local results. You may use the rest of the app without granting location access.
Push notifications (optional): used, only with your permission, to send account, subscription, feature, and important service notifications.
We do not request access to your contacts, microphone, Bluetooth, calendar, SMS, phone logs, or device health data.
6. How We Share Your Information
We do not sell your personal information. We share personal information only in the limited circumstances described below.
Service providers: with vendors that process personal information on our behalf and under contract, solely to provide services to us (such as cloud hosting, authentication, diagnostics, and payment verification). These providers are listed in
Section 7 (Third-Party Services and Sub-Processors).
Legal and safety: where we believe disclosure is necessary to comply with applicable law or legal process, to enforce our terms, to detect or prevent fraud or security issues, or to protect the rights, property, or safety of users and others.
Business transfers: in connection with a merger, financing, acquisition, or sale of all or part of our business, subject to appropriate confidentiality protections and the terms of this Privacy Policy.
Where required by applicable United States state law, you may request a list of the specific or categories of third parties to whom we have disclosed personal information, as described in Section 19.
7. Third-Party Services and Sub-Processors
We rely on the trusted providers below to deliver the Services. Each processes personal information only as needed for the stated purpose. We encourage you to review their privacy policies.
Provider
Purpose
Information involved
Privacy policy
Supabase
Authentication, database, and cloud infrastructure
Account credentials, profile, and app data
supabase.com/privacy
Apple
Sign in with Apple and App Store In-App Purchases
Authentication identifier and purchase verification
apple.com/legal/privacy
Sign in with Google and Google Play Billing
Authentication identifier and purchase verification
policies.google.com/privacy
Open Food Facts
Product, ingredient, and nutrition data
Scanned product identifiers (no account information)
openfoodfacts.org/privacy
We may also engage providers for diagnostics and crash reporting, push notification delivery, and mapping and location services that support the Local Sources feature. These providers receive only the information needed to perform their function. We will keep this section current as our provider list changes, and you may request further details using the contact information in Section 21.
8. Third-Party Sign-In (Apple and Google)
The Services let you register and sign in using Sign in with Apple or Sign in with Google. When you do, the provider authenticates you and shares a limited set of profile information with us, such as a unique identifier and an email address, according to your settings and the provider’s policies. Authentication is managed through Supabase Authentication on our behalf.
We use this information only to create and secure your account and to operate the Services. We do not control, and are not responsible for, how Apple or Google process your information; please review their privacy policies to understand and manage your choices.
9. Local Sources, Location Data, and User Reviews
Location data
If you enable the Local Sources feature and grant location permission, we process your approximate or precise location to show nearby food sources, calculate distances, and improve local results. Location is processed only while you use the feature, and you can disable it at any time as described in Section 5 (App Permissions).
Mapping and place data
To power Local Sources, we use third-party mapping and place-information providers. Where necessary to return relevant results, a coarse or precise location or a search area may be shared with these providers to perform the lookup. We do not share your account identity with them for advertising purposes.
Reviews and ratings
If you submit a review or rating for a local food source, it may be visible to other users of the Services, together with a display name or similar identifier you choose. Please do not include sensitive personal information in reviews. You may request removal of content you have submitted by contacting us.
10. Subscriptions and Payments
Melon offers an optional premium subscription on monthly and annual terms. Subscriptions are sold and processed exclusively through the Apple App Store (In-App Purchases) and Google Play (Google Play Billing).
We do not receive or store your full payment card number or security code. We receive only purchase-related information such as your subscription status, purchase verification, expiration, and the purchase platform, which we use to provide and manage premium features.
Subscriptions renew automatically until cancelled. You can manage or cancel a subscription through your Apple subscriptions settings or your Google Play subscriptions settings. Cancellation and refund terms are governed by the applicable app store.
11. Marketing and Communications
We send communications that are necessary to operate the Services, such as security alerts, subscription notices, important service updates, and responses to your inquiries. These transactional messages are part of providing the Services.
We do not sell your personal information, share it for targeted advertising, or use it for cross-context behavioural advertising. If we ever send commercial electronic messages, we will do so in accordance with Canada’s Anti-Spam Legislation (CASL), including obtaining any required consent and providing an unsubscribe mechanism. You can opt out of optional push notifications at any time in your device settings.
12. Cookies and Tracking Technologies
Melon is a mobile application and does not rely on advertising cookies. We and our service providers use device identifiers and similar technologies for authentication, security, diagnostics, and basic analytics necessary to operate and improve the Services. We do not use these technologies for cross-context behavioural advertising.
Because there is no consistent industry standard for browser “Do-Not-Track” signals, we do not currently respond to them. If a recognized standard is adopted, we will update our practices and this Policy accordingly.
13. International Data Transfers
We are based in Canada, and personal information may be stored and processed in Canada and the United States by us and by the service providers listed in Section 7. Privacy laws in these countries may differ from those in your home jurisdiction, and personal information may be accessible to courts, law enforcement, and authorities in those countries in accordance with their laws.
Where required, we use appropriate safeguards for international transfers, such as contractual protections (including Standard Contractual Clauses) with our service providers. You may contact us to request further information about these safeguards.
14. Data Retention
We retain personal information only for as long as necessary to fulfil the purposes described in this Privacy Policy, including to operate the Services, maintain your account, comply with legal obligations, resolve disputes, prevent fraud, and enforce our agreements.
When personal information is no longer needed, we delete or anonymize it, or, where deletion is not immediately possible (for example, in secure backups), we isolate it from further processing until deletion can occur. Account information is generally retained for the life of your account and deleted following account closure, subject to limited retention required by law.
15. How We Protect Your Information
We maintain reasonable administrative, technical, and physical safeguards designed to protect personal information, including:
Encryption of data in transit using HTTPS/TLS;
Secure authentication and the use of authentication tokens;
Access controls that limit who can access personal information;
Use of reputable, secured cloud infrastructure; and
Routine security updates and monitoring.
No method of transmission or storage is completely secure, and we cannot guarantee absolute security. You are responsible for keeping your account credentials confidential and for using the Services in a secure environment. If we become aware of a security incident affecting your personal information, we will notify you and the appropriate authorities as required by applicable law.
16. Children’s Privacy
The Services are intended for users who are 18 years of age or older. We do not knowingly collect personal information from anyone under 18. By using the Services, you represent that you are at least 18 years old.
If we learn that we have collected personal information from a person under 18, we will deactivate the account and take reasonable steps to delete the information promptly. If you believe a minor has provided us with personal information, please contact us using the details in Section 21.
17. Automated Decision-Making and Artificial Intelligence
We do not use automated decision-making or profiling to make decisions about you that produce legal or similarly significant effects, and we do not use artificial intelligence to evaluate or make decisions about individual users.
Product scores, dietary compatibility indicators, and similar outputs are informational tools generated from product data and the preferences you set; they are not decisions about you. We may use artificial intelligence internally for ordinary business purposes such as software development, drafting support, documentation, and content creation, but not to make automated decisions about users or to process personal information beyond those internal purposes.
18. Your Privacy Rights — Canada
If you are in Canada, you have rights under PIPEDA and, for Quebec residents, under Quebec Law 25, including the right to:
Access the personal information we hold about you and obtain information about how it has been used and disclosed;
Request correction of inaccurate or incomplete personal information;
Withdraw your consent, subject to legal or contractual restrictions and reasonable notice;
Request deletion of your account and associated personal information; and
For Quebec residents, request that computerized personal information be communicated in a structured, commonly used technological format (data portability) and obtain information about any automated processing, where applicable.
To exercise these rights, contact our Privacy Officer using the details in Section 21. We will respond within the timeframes required by law. If you are not satisfied with our response, you may contact the Office of the Privacy Commissioner of Canada or, for Quebec residents, the Commission d’accès à l’information du Québec.
19. Your Privacy Rights — United States
If you are a resident of a U.S. state with a comprehensive consumer privacy law (such as California, Colorado, Connecticut, Texas, Virginia, and others), you may have the rights described below, subject to verification and legal exceptions:
To know and access the personal information we have collected about you;
To correct inaccurate personal information;
To delete personal information;
To obtain a portable copy of personal information you provided;
To opt out of the sale of personal information, targeted advertising, and certain profiling — noting that we do not sell personal information or use it for targeted advertising;
To limit the use of sensitive personal information; and
To be free from discrimination for exercising your rights.
Categories of personal information we collect
The following table reflects the categories of personal information we collect, using the categories defined under California law as a reference.
Category
Examples
Collected
Identifiers
Name, email address, account name, IP address, device identifiers
Yes
Customer records
Name and contact information
Yes
Protected classifications
Religious beliefs reflected in halal/kosher preferences (sensitive)
Yes (limited)
Commercial information
Subscription status and purchase records
Yes
Internet/network activity
App usage, searches, and feature interactions
Yes
Geolocation data
Approximate or precise location, with your permission (sensitive)
Yes (with consent)
Audio/visual information
Photographs, audio, or video
No
Biometric information
Fingerprints, faceprints, or voiceprints
No
Professional/employment
Employment or job history
No
Education information
Student records
No
Inferences/profiling
Profiles created to predict characteristics
No
Sensitive personal information
We collect limited sensitive personal information — your religious/dietary preferences and, with your consent, your precise location — only to provide the features you request. We do not use or disclose sensitive personal information for purposes of inferring characteristics or for advertising.
How to exercise your rights
Submit a request using the contact details in Section 21. We will verify your request using information associated with your account. You may use an authorized agent where permitted by law. If we decline your request, you may appeal by replying to our decision; if your appeal is denied, you may contact your state attorney general.
California “Shine the Light”
California residents may request information about disclosures of personal information to third parties for their direct marketing purposes. We do not disclose personal information to third parties for their own direct marketing.
20. Changes to This Privacy Policy
We may update this Privacy Policy from time to time. When we do, we will revise the “Last Updated” date above and, if the changes are material, provide additional notice within the app or by another reasonable method. Your continued use of the Services after an update takes effect constitutes acknowledgement of the revised Policy, except where additional consent is required by law.
21. Contact Us and Privacy Officer
If you have questions, concerns, or requests regarding this Privacy Policy or your personal information, please contact our Privacy Officer:
Mehmet Ali Okmen, Owner and Privacy Officer
AnyHope Corp. (operating as Melon)
Ontario, Canada
Email: support@themelon.app
We will acknowledge and respond to your request within the timeframes required by applicable law.
