Privacy Policy
Last updated: June 25, 2026
Introduction
Qelo is a product of Saleso Innovations AS, a company registered in Norway (“Saleso,” “we,” “us,” or “our”). We provide the Qelo mobile application (the “App”) and the website at qelo.app (the “Site”) to help you discover restaurants and meals, save favourites, and see personalised suggestions based on your preferences.
This Privacy Policy describes how we collect, use, disclose, and protect information when you use the App or Site. By using either, you agree to this policy. If you do not agree, please do not use the App or Site.
Information we collect
Guest sessions: You can use the App and purchase a subscription without registering or providing any personal information. To operate the App and link your subscription, we automatically create an anonymous guest session through Convex Auth that is identified only by a randomly generated identifier and session tokens; it does not include your name, email, or other personal details.
Sign-in and account data (optional): Signing in is optional and is used to sync your subscription and preferences across your devices. If you choose to sign in from the App's Settings, we receive identifiers and basic profile information from your sign-in provider (Apple Sign In, Google, or X) through Convex Auth, and we associate your existing guest data with that account.
Account and device information: We collect identifiers associated with your device, app version, and diagnostics needed to operate and improve the App.
Network and security data: We process your IP address (which we may store in hashed form), device attestation signals (such as Apple App Attest/DeviceCheck), and request metadata to verify legitimate use, prevent fraud and abuse, apply rate limits, and keep the service secure.
Preferences and content you provide: Diet and meal preferences, saved restaurants and dishes, onboarding answers, map filters, and similar inputs you choose to store in the App are kept on your device unless we state otherwise.
Usage and analytics data: How you interact with the App (feature usage, performance data, and product analytics events sent to PostHog) to maintain reliability, fix bugs, and improve the product.
Location information: If you grant permission, we collect or derive approximate or precise location to power map, search, and nearby-restaurant features. You can change location permissions in iOS Settings.
Purchase data: Subscription status and related transaction metadata are processed by Apple and our subscription partner (RevenueCat) as described below; we do not receive your full payment card details from those providers.
Website waitlist: If you submit your email on qelo.app to get notified at launch, we store that address in our backend (Convex) to contact you about availability.
Communications: If you contact us, we retain the content of your message and contact details you provide.
How we use information
To provide, personalise, and improve the App (including recommendations, maps, search, and saved items).
To create and operate guest sessions and optional sign-in, manage subscriptions, and keep sessions secure.
To process subscriptions, restore purchases, and show entitlement status.
To manage the marketing waitlist and send launch notifications you signed up for on qelo.app.
To send optional notifications if you enable them (for example, reminders or product updates), subject to your device settings.
To secure the App and Site, verify legitimate devices and requests (including via IP address and device attestation), detect and prevent fraud and abuse, apply rate limits, and comply with law.
To analyse usage (including PostHog event data) in order to improve performance and features.
Legal bases (EEA/UK/Switzerland users)
Where applicable privacy laws require a legal basis, we rely on: performance of a contract (providing the App or Site you request); legitimate interests (security, product improvement, and communications consistent with your expectations); consent (where required, such as certain notifications, analytics, or waitlist signups); and compliance with legal obligations.
How we share information
We do not sell your personal information. We share information only as described in this policy.
Service providers (subprocessors) that help us run the App and Site may process information on our behalf, under contractual terms that require protection and limited use. Depending on how you use the App or Site, these may include:
• Apple — app distribution, Sign In with Apple, In-App Purchases, and related platform services.
• Google and X — OAuth sign-in when you choose those providers in the App.
• RevenueCat — subscription management, entitlements, and purchase analytics.
• Convex — backend authentication, subscription status, and waitlist storage.
• PostHog — product analytics and event tracking in the App.
• Mapbox and related location/places providers — maps, search, geocoding, and place information.
• Google (including Gemini) — automated generation and analysis of restaurant menus, dish nutrition and health information, and editorial food content shown in the App.
• Perplexity — searching for and discovering restaurant menu sources used to build menu and dish information.
• Cloud infrastructure providers — hosting, security, queues, and delivery of API endpoints.
Some information and content in the App (for example, menu data, dish analysis, scores, recommendations, and food articles) is created or processed using automated and artificial-intelligence systems, including the providers listed above. The search queries, location, and preferences you provide may be sent to these providers to deliver these features.
We may disclose information if required by law, to enforce our terms, or to protect rights, safety, and security.
If we are involved in a merger, acquisition, or asset sale, your information may be transferred as part of that transaction, subject to this policy or equivalent protections.
Retention
We retain information for as long as needed to provide the App and Site, comply with law, resolve disputes, and enforce our agreements. Retention periods vary depending on the type of data and whether it is still needed for a legitimate purpose.
Your rights and choices
Location: Control access in iOS Settings → Qelo → Location.
Notifications: Control in iOS Settings → Qelo → Notifications.
Subscriptions: Manage or cancel through your Apple ID subscription settings.
Access, correction, deletion, portability, and objection: Depending on your region, you may have rights regarding personal data we hold (including waitlist email and account data). Whether you use the App as a guest or with an account, you can delete your data in the App's Settings; this removes your guest session or account and your subscription profile from our servers and clears local app data. You may also contact us at the email below. We may need to verify your request.
EEA/UK/Switzerland users may have the right to lodge a complaint with a supervisory authority.
Children
The App and Site are not directed to children under 13 (or the minimum age required in your jurisdiction), and we do not knowingly collect personal information from children. If you believe we have collected such information, contact us and we will take appropriate steps to delete it.
International transfers
We may process and store information in the United States and other countries where we or our service providers operate. Those countries may have different data protection laws than your own. Where required, we use appropriate safeguards for cross-border transfers.
Security
We use reasonable technical and organisational measures designed to protect information. No method of transmission or storage is completely secure; we cannot guarantee absolute security.
Changes to this policy
We may update this Privacy Policy from time to time. We will post the updated version in the App, on qelo.app, and revise the “Last updated” date. Material changes may be communicated through the App, the Site, or other reasonable means where appropriate.
Contact us
Saleso Innovations AS (Norway) is the data controller responsible for the personal information described in this Privacy Policy.
Questions about this Privacy Policy: support@saleso.technology