Privacy Policy

Last updated: February 28, 2026

CraveMap ("the App") is operated by Amjad Hussein ("I", "me", "my"), an individual developer. This privacy policy explains what data I collect, why I collect it, how I handle it, and your rights regarding your information.

I take your privacy seriously. I only collect what is necessary to make CraveMap work.

What I Collect and Why

Information You Provide

  • Instagram URLs: When you share an Instagram post to CraveMap, the URL is sent to my server to extract restaurant information. I store the URL to link it to the place record.
  • Location data: CraveMap uses your device location (with your permission) to center the map on your current position. Your precise location is never sent to my server — it stays on your device.

Information Generated by the App

  • Place data: When you share a post, the App processes it to extract: restaurant name, address, coordinates, cuisine type, dish recommendations, and photo URLs. This data is stored on my server so you can access your saves across sessions.
  • Video transcripts: If the Instagram post contains a video, I transcribe it to better understand the content. The transcript is stored alongside the place record.

Information I Do Not Collect

  • I do not require you to create an account.
  • I do not collect your name, email address, or phone number through the App.
  • I do not collect or store your Instagram credentials.
  • I do not track your browsing activity or use advertising trackers.
  • I do not sell your data to anyone, period.

Third-Party Services

To power the AI enrichment pipeline, your shared Instagram post data passes through the following third-party services:

  • Apify — scrapes public Instagram post data (caption, location tag, media URLs). Privacy Policy
  • OpenAI — transcribes video audio using the Whisper model. Privacy Policy
  • Google (Gemini) — analyzes video content for visual observations and menu items. Privacy Policy
  • Anthropic (Claude) — parses captions to extract restaurant names, classifies cuisine, and extracts dish recommendations. Privacy Policy
  • Google Places API — looks up restaurant details (address, coordinates, photos). Privacy Policy
  • Google Cloud Platform — hosts the backend infrastructure (Cloud Run, Cloud SQL, Cloud Storage). Privacy Notice

I only share the minimum data necessary with each service to perform its function. None of these services receive your device location or personal identity information.

Data Storage and Security

  • Data is stored in a PostgreSQL database hosted on Google Cloud SQL in the United States (us-central1 region).
  • Media files (video uploads) are stored in Google Cloud Storage.
  • All data in transit is encrypted via TLS/HTTPS.
  • Database connections use encrypted channels.
  • I use environment variables and Google Secret Manager for all API credentials — they are never exposed in code or logs.

Data Retention and Deletion

Your place data is retained for as long as you use the App. You can delete any saved place at any time by swiping to delete in the App. When you delete a place:

  • The place record is immediately removed from the database.
  • Associated media files are deleted from Cloud Storage.
  • Database backups may retain the data for up to 30 days before being cycled out.

Your Rights

You have the right to:

  • Access your data — all your saved places are visible in the App.
  • Delete your data — swipe to delete any place, or contact me to delete all your data.
  • Know what data I collect — this policy describes everything.
  • Opt out — you can stop using the App at any time. I do not track you outside of it.

If you are a California resident, you have additional rights under the CCPA. If you are in the EU/EEA, you have rights under the GDPR. In either case, contact me and I will honor your request.

Children's Privacy

CraveMap is not directed at children under 13. I do not knowingly collect personal information from children. If I learn that I have collected data from a child under 13, I will delete it promptly.

Changes to This Policy

I may update this policy from time to time. When I do, I will update the "Last updated" date at the top. If the changes are significant, I will make reasonable efforts to notify you (for example, through an in-app notice).

Contact

If you have questions about this privacy policy or want to exercise your data rights, email me at support@cravemap.app.

This privacy policy is adapted from the Basecamp open-source policies, which are available under a Creative Commons Attribution 4.0 license.