Short version: We never sell your personal information. The only data that leaves Silo is anonymized, aggregate price trends - no names, no accounts, no shopping histories attached. That's our business model and our hard line.
Silo is operated by Stillridge Labs ("Stillridge Labs", "we", "us", "our"), a sole proprietorship registered in Alberta, Canada. Stillridge Labs is a registered trade name; the legal entity behind Stillridge Labs is its sole proprietor, Todd Zmetana. If you have questions about this policy, contact us at [email protected].
When you create a Silo account, we collect:
We do not ask for or store your home city, neighbourhood, or street address. Your region for community features is inferred at query time from the stores you choose to follow or shop at, never recorded as a "home location" on your account.
When you scan a product and log a price, we collect the product barcode, store location, price, and timestamp. This is the community data that makes Silo work. Price submissions are attributed to your account internally for moderation and anti-spam purposes, but are displayed to other users without your name or identity attached.
Your shopping list, pantry contents, and trip history are stored on our servers to sync across devices and enable household sharing. Within Silo, this data is private to your account and household and is never shown to other users.
This data may be included in the de-identified aggregate statistics described in section 3.3, subject to the same minimum-sample-size thresholds and exclusion of any personal or household identifiers. Your individual shopping list and your individual pantry are never sold or shared.
We may collect basic technical information such as device type, operating system version, and app version for debugging and service improvement. If you enable price alerts, we also store a device-specific push notification token so we can deliver those alerts; the token is cleared if you disable alerts or delete your account. We do not use third-party analytics SDKs. We do not use third-party crash reporting services.
When you use the "find nearby stores" feature, Silo requests your device's location to identify stores close to you. This request happens only when triggered by you - Silo does not track your location in the background. Your precise GPS coordinates are not retained in your user record.
Silo also uses your device's location, when available, to surface prices from stores near your current position in your shopping list. This proximity lookup happens at the moment you open or refresh your list. The coordinates are used only to filter and rank stores by distance for that request and are not retained in your user record. You can use Silo without granting location access; in that case, the shopping list falls back to your followed stores and best-known prices overall.
Silo also uses your device's location to verify that price submissions and confirmations are made at the store where the price was observed. This GPS check happens only at the moment you submit or confirm a price - the coordinates are used to match against the selected store's location and are not retained in your user record. Price submissions that cannot be GPS-verified may be rejected to maintain community data integrity. Users with verified contributor status may bypass this check. Location is never requested in the background and "Always On" permission is never required.
If you create or join a household, members of that household can see shared list and pantry data. Household membership is by explicit invitation only (invite code).
If you add a new product or a new store location to the Silo catalog, that submission becomes part of the public dataset other users see. Submissions are attributed to your account internally so we can review them for accuracy, prevent abuse, and contact you if a submission needs follow-up; publicly, catalog entries do not show who created them. When you submit a store, the address text you enter is sent to OpenStreetMap Nominatim to geocode the location (see Section 10). We may also send a notification email to Stillridge Labs administrators when a new product or store is submitted; that internal notification includes the submission details and your account email so the data can be reviewed.
We may analyze aggregate usage patterns (e.g., which screens are visited most, how often scans occur) to prioritize features and fix bugs. This analysis is done internally on anonymized aggregate data.
Silo's free tier is partly funded by licensing de-identified aggregate research data to market analysts, research firms, and other B2B customers. Three kinds of aggregate statistics may be included:
All released figures are subject to strict aggregation rules: a minimum of 100 households per data point, sub-metro geography only when the population exceeds 500 households, weekly or coarser time granularity, and brand- or category-level rollups for low-volume items. No names, no emails, no accounts, no household identifiers, no individual shopping lists, and no individual pantries are ever included in or derivable from these releases. Think of it as the same shape of insight a research firm produces from a survey panel, with stricter privacy.
Silo user data is stored on servers located in Canada.
We use industry-standard security practices including encrypted connections (TLS), bcrypt password hashing, and JWT-based authentication. Auth tokens on iOS devices are stored in the iOS Keychain via expo-secure-store.
No system is perfectly secure. In the event of a data breach affecting personal information, we will notify affected users as required by applicable privacy and breach-notification law in their jurisdiction (including PIPEDA for Canadian residents and applicable US state breach-notification statutes).
As a Canadian resident, you have rights under PIPEDA including:
To exercise any of these rights, email [email protected]. We will respond within 30 days.
This section supplements the rest of this Privacy Policy and applies only to California residents. It is provided to comply with the California Consumer Privacy Act (CCPA), as amended by the California Privacy Rights Act (CPRA).
In the past 12 months, Silo has collected the following CCPA-enumerated categories of personal information from California residents:
We do not collect biometric information, audio or visual recordings, professional information, education information, or any sensitive personal information beyond what is listed above. We do not draw inferences about you for profiling, advertising, or scoring purposes.
All personal information is collected directly from you when you create an account, use the app, or contact us.
We use this information to provide and maintain the service, sync your data across your devices, authenticate you, send transactional email, verify price submissions, and improve the app. See sections 3 and 5 for details.
We do not sell or share your personal information, and we do not engage in cross-context behavioral advertising. We have not sold or shared personal information in the past 12 months and we have no plans to do so.
The aggregate research data described in section 3.3 (price trends, pantry penetration and restock cadence, and shopping list intent) is de-identified using the aggregation rules described in that section. It does not contain personal information and is not subject to CCPA sale or sharing requirements.
Because we do not sell or share personal information, we do not maintain a "Do Not Sell or Share My Personal Information" link. You are welcome to confirm this in writing by emailing [email protected].
As a California resident you have the right to:
To exercise any of the rights above, email [email protected] with the subject line "California Privacy Request" and tell us which right you wish to exercise. We will verify your identity by matching the email address on file with your Silo account and may ask for additional information if needed.
We will respond within 45 days. If we need more time, we will tell you within that period and respond within an additional 45 days (90 days total maximum).
You may designate an authorized agent to submit a request on your behalf. The agent must provide proof of your written authorization, and we will still verify your identity directly before processing the request.
California Civil Code Section 1798.83 ("Shine the Light") permits California residents to request information about disclosures of personal information to third parties for direct marketing purposes. Silo does not share personal information with third parties for their direct marketing purposes.
Silo is not directed to children under 13. We do not knowingly collect personal information from children under 13. If you believe a child under 13 has created an account, please contact us and we will delete the account promptly.
Silo uses the following third-party services in its operation:
If you purchase a Pro subscription, Apple (App Store) or Google (Play Store) will share limited transaction data with us, including an anonymized purchaser ID, country, and subscription state. This is used solely to verify and manage your subscription entitlement.
We do not use advertising networks, social media pixels, or behavioural tracking SDKs.
We do not send unsolicited marketing emails. If you sign up via our website to receive a launch notification (for example, to be notified when the iOS or Android app is available), we will send you a single notification email for that event - submitting your email address constitutes your opt-in consent under CASL. If we add a newsletter or broader promotional communications in the future, they will also be opt-in only and you can unsubscribe at any time.
We may update this privacy policy as the service evolves. If we make material changes to how we handle personal data, we will notify you by email or by a prominent notice in the app at least 14 days before the change takes effect. The "Effective date" at the top of this page will always reflect the current version.
Questions, concerns, or requests regarding your privacy: