Last updated: March 2, 2026
ShelfScout ("we," "our," "us") is a community-powered price and inventory tracking app for Walmart stores. This policy explains what data we collect, why, and how we protect it.
Account information: When you sign up, we collect your email address, a password (stored as a secure hash — we never see your actual password), and your zip code. Your zip code helps us show you nearby stores.
Location data (GPS): When you use the scanner or open the app, we may request your device's GPS coordinates. We use this to determine which Walmart store you are near so your price scan is recorded at the correct location, and to notify you of nearby deals. We do not track your location in the background, store location history, or build movement profiles.
Scan data: When you scan a product barcode or Walmart shelf QR code, we collect the product identifier (UPC or Walmart ID), the price you enter, the inventory status you select, and the store where the scan occurred. This data is shared with the ShelfScout community to help other users find prices.
Device information: We may collect basic device information such as device type, operating system version, and app version for crash reporting and compatibility purposes.
Analytics & diagnostics: We collect anonymized app usage events (such as app opens and screen views), crash reports, and device identifiers to improve ShelfScout. See Section 5 for details on the services involved.
Advertising identifier: Google AdMob may access your device's advertising ID to serve ads. You can reset or opt out of ad personalization in your device settings.
Google Sign-In: If you choose to sign in with Google, we receive your display name, email address, and Google account ID from Google. We do not receive your Google password.
Google AdMob: We display ads through Google AdMob to keep the app free. AdMob may collect device identifiers and usage data according to Google's Privacy Policy. You can opt out of personalized ads in your device settings.
Firebase Cloud Messaging: We use Firebase to send push notifications about price changes on your watchlist. You can disable notifications in your device settings at any time.
Firebase Analytics: We use Firebase Analytics to understand how the app is used (e.g., session starts, screen views). Firebase may collect device identifiers and usage data according to Google's Privacy Policy.
Firebase Crashlytics: We use Firebase Crashlytics to collect crash reports, stack traces, and device state information so we can identify and fix bugs.
Google Sign-In: If you sign in with Google, authentication is handled by Google's sign-in service. We only receive your name, email, and Google account ID.
Supabase: Our backend data is hosted on Supabase (cloud infrastructure). Data is encrypted in transit and at rest.
ShelfScout Analytics: We operate our own analytics service to track anonymized app events (such as app opens and notification interactions). This data is associated with your account ID and processed on our own servers to improve the app experience.
Push notification tokens: We store your device's push notification token on our servers so we can deliver price drop alerts. Tokens are deactivated when you log out and deleted when you delete your account.
Price scans you submit are visible to other ShelfScout users. This is the core function of the app — crowdsourced price data. Your scans are associated with your account for verification purposes, but other users only see the price, inventory status, and store — not your email or identity.
We retain your account data for as long as your account is active. Scan data is retained to maintain the community price database. If you delete your account, your personal information (email, zip code) is removed. Historical scan data may be retained in anonymized form.
You can:
ShelfScout is not intended for children under 13. We do not knowingly collect personal information from children under 13. If you believe a child has provided us with personal data, please contact us and we will delete it.
We use industry-standard security measures including encrypted connections (HTTPS/TLS), hashed passwords, and secure cloud infrastructure. No system is 100% secure, but we take reasonable steps to protect your data.
Your data may be processed by services located outside your country, including Cloudflare (global content delivery network), Supabase (United States), and Google services (global infrastructure). By using ShelfScout, you consent to the transfer of your data to these services.
We may update this policy from time to time. We will notify you of significant changes through the app or by email. Continued use of ShelfScout after changes constitutes acceptance of the updated policy.
Questions or concerns about your privacy? Reach us at: