Your Privacy Matters to Us. This Privacy Policy explains how RecipeAI collects, uses, stores, shares, and protects your personal information when you use our mobile application and web services. By using RecipeAI, you consent to the data practices described in this policy.
1. Information We Collect
We collect various types of information to provide and improve our Service. The categories of information we collect include:
1.1 Account and Profile Information
When you create an account with RecipeAI, we collect:
- Authentication Data: Email address, password (encrypted), or OAuth tokens from Google or Apple
- Profile Information: Name, display name, username, profile picture or avatar
- Authentication Method: Whether you signed up via email, Google, or Apple Sign-In
- Account Status: Free or premium subscriber, subscription tier, active status
- Account Creation Date: Timestamp of when your account was created
1.2 User Preferences and Settings
To personalize your experience, we collect and store:
- Dietary Restrictions: Vegetarian, vegan, gluten-free, dairy-free, and other dietary preferences
- Allergies: Food allergies and intolerances you specify
- Cuisine Preferences: Your preferred cuisines (Italian, Mexican, Asian, etc.)
- Recipe Categories: Preferred meal types (breakfast, lunch, dinner, desserts, etc.)
- Keywords: Custom keywords for recipe personalization
- Notification Settings: Push notification preferences and consent
- Measurement Units: Metric or Imperial measurement preferences
- Language Preferences: Interface language settings
1.3 Recipe and Content Data
When you use RecipeAI's features, we collect:
- Uploaded Images: Food photographs you upload for recipe generation
- Generated Recipes: AI-generated recipe content including titles, descriptions, ingredients, and instructions
- Custom Recipes: Recipes you manually create or edit
- Recipe Metadata: Cooking time, difficulty level, servings, categories, and tags
- Recipe Images: Associated images for each recipe (uploaded or generated)
- Favorites: Recipes you mark as favorites with timestamps
- Creation/Modification Dates: When recipes were created or last updated
1.4 Usage and Generation Data
We track your usage of the Service to manage limits and improve features:
- Generation History: Number and types of recipe generations (single, multiple, calorie analysis)
- Generation Timestamps: Dates and times of recipe generation requests
- Monthly Usage Counters: Number of generations used in the current billing period
- Feature Usage: Which features you use and how frequently
- Search Queries: Recipe searches you perform within the app
- User Interactions: Taps, swipes, and navigation patterns (anonymized)
1.5 Subscription and Payment Information
For premium subscribers, we collect:
- Subscription Status: Active, cancelled, expired, or paused
- Subscription Plan: Plan name, tier, and pricing information
- Billing Period: Start date, end date, and renewal date
- Payment Processor Data: Stripe customer ID and subscription ID (no credit card details are stored by us)
- Transaction History: Purchase dates and amounts (via Stripe)
- Cancellation Status: Whether your subscription is set to cancel at period end
Note: Payment card details are processed and stored by Stripe, not by RecipeAI. We never have access to your full credit card numbers.
1.6 Device and Technical Information
We automatically collect technical information about your device and usage:
- Device Type: Smartphone, tablet, or web browser
- Operating System: iOS, Android, or web platform version
- Device Identifiers: Unique device IDs, advertising IDs (if permitted)
- App Version: Version of the RecipeAI app you're using
- IP Address: Your Internet Protocol address for approximate location
- Connection Type: WiFi, cellular, or other network information
- Browser Information: Browser type and version (for web users)
1.7 Location Data
We collect approximate location information:
- IP-Based Location: Approximate location derived from your IP address (country, region, city)
- Purpose: Used for analytics, regional content, and service improvements
- Precision: We do not collect precise GPS location unless explicitly permitted
1.8 Analytics and Behavioral Data
Through Firebase Analytics and similar tools, we collect:
- Session Duration: How long you spend in the app
- Screen Views: Which screens and features you access
- User Flow: Navigation paths through the application
- Crash Reports: Technical data about app crashes or errors
- Performance Metrics: Load times, response times, and technical performance
- Event Tracking: Specific actions like "recipe generated," "image uploaded," "favorite added"
1.9 Communications and Support
When you contact us:
- Support Requests: Content of your support inquiries and our responses
- Feedback: Product feedback, feature requests, and bug reports
- Email Communications: Email correspondence history
- Communication Preferences: Your preferences for receiving updates and notifications
2. How We Collect Information
We collect information through various methods:
2.1 Information You Provide Directly
- During account registration and profile setup
- When you upload images for recipe generation
- When you create, edit, or save recipes
- When you set preferences, dietary restrictions, and allergies
- When you contact customer support
- When you subscribe to premium plans
2.2 Information Collected Automatically
- Through Firebase Analytics embedded in the app
- Via cookies and similar tracking technologies on our website
- Through server logs recording API requests and responses
- Via crash reporting and error tracking systems
- Through authentication systems (Firebase, Google, Apple)
2.3 Information from Third Parties
- OAuth Providers: Limited profile information from Google or Apple when you use social login
- Payment Processors: Transaction and subscription status from Stripe
- Analytics Services: Aggregated usage data from Firebase and Google Analytics
3. How We Use Your Information
We use your information for the following purposes:
3.1 Core Service Functionality
- Account Management: Create, maintain, and secure your account
- Authentication: Verify your identity and enable secure login
- Recipe Generation: Process your images through AI to generate personalized recipes
- Personalization: Customize recipes based on your dietary preferences, allergies, and cuisines
- Recipe Storage: Save, organize, and retrieve your recipes
- Search Functionality: Enable you to search through your saved recipes
- Favorites Management: Track and display your favorite recipes
3.2 Subscription and Billing
- Process premium subscription payments
- Manage subscription status and renewals
- Enforce generation limits for free and premium users
- Track monthly usage and reset counters
- Handle cancellations and refund requests
- Provide access to the customer billing portal
3.3 Service Improvement and Development
- Analyze usage patterns to improve features
- Train and improve our AI models (using anonymized data)
- Identify and fix bugs, errors, and technical issues
- Develop new features based on user behavior
- Optimize app performance and load times
- Conduct A/B testing for feature improvements
3.4 Communication and Support
- Respond to customer support inquiries
- Send service-related notifications (generation limits, subscription status)
- Provide technical support and troubleshooting
- Send important updates about Terms of Service or Privacy Policy changes
- Notify you of new features or improvements (if you've opted in)
3.5 Security and Fraud Prevention
- Detect and prevent fraudulent activity and abuse
- Monitor for unusual usage patterns or suspicious behavior
- Protect against unauthorized access to accounts
- Enforce our Terms of Service and Acceptable Use Policy
- Respond to legal requests and comply with regulations
3.6 Analytics and Business Operations
- Understand user demographics and behavior trends
- Measure feature adoption and engagement
- Calculate retention rates and user lifetime value
- Make data-driven business decisions
- Generate anonymized, aggregated reports for internal analysis
4. How We Share Your Information
We do not sell your personal information. We share your information only in the following limited circumstances:
4.1 Third-Party Service Providers
We share information with trusted service providers who assist in operating our Service:
| Service Provider | Purpose | Data Shared |
|---|---|---|
| Firebase / Google Cloud | Authentication, database, analytics | Account info, recipes, user data, analytics events |
| OpenAI | AI recipe generation | Uploaded images, recipe generation requests |
| Stripe | Payment processing | Email, subscription data, transaction history |
| Unsplash / Pexels | Stock recipe images | Image search queries |
| Google Sign-In | OAuth authentication | Google account email, name, profile picture |
| Apple Sign-In | OAuth authentication | Apple ID, email (may be private relay), name |
These providers are contractually obligated to protect your data and use it only for the purposes we specify. They may not use your information for their own purposes.
4.2 Legal and Compliance Requirements
We may disclose your information when required by law or to protect our rights:
- In response to subpoenas, court orders, or legal processes
- To comply with government regulations and legal obligations
- To protect the rights, property, or safety of RecipeAI, our users, or the public
- To enforce our Terms of Service and prevent fraud or abuse
- In connection with legal claims, disputes, or investigations
4.3 Business Transfers
If RecipeAI is involved in a merger, acquisition, bankruptcy, or sale of assets, your information may be transferred to the new entity. We will notify you of any such change and provide options regarding your data.
4.4 Aggregated and Anonymized Data
We may share aggregated, anonymized, or de-identified data that cannot reasonably identify you with:
- Business partners for research and analytics
- Advertising networks (without personal identifiers)
- Academic researchers for studies (with appropriate safeguards)
- The public in blog posts or reports about service usage trends
4.5 With Your Consent
We may share your information with third parties when you explicitly consent, such as when you choose to connect your account to other services or platforms.
5. Data Storage and Security
5.1 Where We Store Your Data
Your data is stored securely using industry-leading cloud infrastructure:
- Primary Database: Google Cloud Firestore (US-based servers)
- Authentication: Firebase Authentication (Google Cloud infrastructure)
- File Storage: Firebase Cloud Storage for images and media
- Geographic Location: Data centers primarily located in the United States
- Data Redundancy: Automatically replicated across multiple data centers for reliability
5.2 Security Measures
We implement comprehensive security measures to protect your information:
- Encryption in Transit: All data transmitted between your device and our servers uses TLS/SSL encryption
- Encryption at Rest: Data stored in databases is encrypted using AES-256 encryption
- Password Security: Passwords are hashed and salted using industry-standard algorithms (bcrypt)
- Access Controls: Strict authentication and authorization for accessing user data
- Regular Security Audits: Periodic reviews of security practices and infrastructure
- Monitoring: Automated systems monitor for suspicious activity and security threats
- Secure APIs: API endpoints require authentication tokens and rate limiting
- Payment Security: PCI-DSS compliant payment processing through Stripe
5.3 Data Retention
We retain your information for as long as necessary to provide the Service and comply with legal obligations:
- Active Accounts: Data retained while your account is active
- After Account Deletion: Most data deleted within 30 days; some data retained for legal compliance (transaction records, up to 7 years)
- Backup Systems: Deleted data may persist in backups for up to 90 days before permanent deletion
- Analytics Data: Aggregated, anonymized analytics may be retained indefinitely
- Legal Requirements: Data related to legal disputes or investigations retained as required by law
5.4 Security Limitations
While we strive to protect your information, no system is 100% secure. Potential risks include:
- Unauthorized access due to password compromise (secure your credentials)
- Vulnerabilities in third-party services we rely upon
- Social engineering or phishing attacks targeting users
- Insider threats or employee misconduct (mitigated by access controls)
You are responsible for maintaining the security of your account credentials. If you suspect unauthorized access, contact us immediately.
6. Your Privacy Rights and Choices
6.1 Access and Portability
You have the right to:
- Access Your Data: Request a copy of the personal information we hold about you
- Data Portability: Export your recipes, preferences, and data in a machine-readable format
- View Your Information: Access and review your profile, recipes, and settings within the app
To request a data export, contact us at support@recipe-ai.io.
6.2 Correction and Updates
You can update most information directly through the app:
- Edit your profile information (name, avatar)
- Update dietary preferences, allergies, and cuisines
- Modify or delete saved recipes
- Change notification settings
- Update email address (requires verification)
If you need assistance updating information, contact our support team.
6.3 Deletion and Account Closure
You have the right to delete your account and data:
- In-App Deletion: Use the "Delete Account" feature in app settings
- Web Request: Visit our Account Deletion page for detailed instructions
- Email Request: Contact support@recipe-ai.io to request account deletion
- What Gets Deleted: Profile, recipes, images, preferences, and personal information
- What May Be Retained: Transaction records (legal requirement), anonymized analytics, backup copies (temporary)
- Timing: Most data deleted within 30 days; backups purged within 90 days
Note: Account deletion is irreversible. You will lose access to all saved recipes and data. For complete information about the deletion process, please visit our Account Deletion page.
6.4 Marketing and Communications
You can control communications from RecipeAI:
- Email Unsubscribe: Click "unsubscribe" in any marketing email
- Push Notifications: Disable in app settings or device settings
- Service Notifications: Cannot be disabled (account security, subscription status, policy changes)
6.5 Cookie and Tracking Preferences
For web users, you can control cookies through:
- Browser settings to block or delete cookies
- Opt-out of Firebase Analytics tracking (if available in your region)
- Advertising ID reset or limitation (iOS and Android device settings)
6.6 Regional Privacy Rights
For Users in the European Union (GDPR)
If you are located in the EU, you have additional rights under GDPR:
- Right to Access: Obtain confirmation of data processing and a copy of your data
- Right to Rectification: Correct inaccurate or incomplete personal data
- Right to Erasure: Request deletion of your personal data ("right to be forgotten")
- Right to Restriction: Limit how we process your data in certain circumstances
- Right to Object: Object to processing based on legitimate interests
- Right to Withdraw Consent: Withdraw consent for data processing at any time
- Right to Lodge a Complaint: File a complaint with your local data protection authority
For Users in California (CCPA/CPRA)
California residents have rights under the California Consumer Privacy Act:
- Right to Know: Request disclosure of personal information collected
- Right to Delete: Request deletion of personal information
- Right to Opt-Out: We do not sell personal information, so this does not apply
- Right to Non-Discrimination: Equal service regardless of privacy rights exercise
- Right to Correct: Request correction of inaccurate personal information
For Users in Other Regions
Depending on your location, you may have additional privacy rights under local laws. Contact us to learn about rights applicable in your jurisdiction.
6.7 Exercising Your Rights
To exercise any privacy rights:
- Email: support@recipe-ai.io with subject line "Privacy Rights Request"
- In-App: Use settings and account management features
- Verification: We may ask for verification to protect your account security
- Response Time: We will respond within 30 days (may extend to 60 days for complex requests)
7. Children's Privacy
RecipeAI is not intended for children under the age of 13, and we do not knowingly collect personal information from children under 13.
- Age Requirement: You must be at least 13 years old to create an account
- Parental Notice: If we learn we have collected data from a child under 13, we will delete it immediately
- Parental Rights: Parents who believe their child has provided us with information should contact support@recipe-ai.io
- Verification: We may implement age verification mechanisms to enforce this policy
For users aged 13-17, we recommend parental or guardian involvement in account creation and use of the Service.
8. Cookies and Tracking Technologies
8.1 Types of Cookies We Use
Our website and services use cookies and similar tracking technologies:
- Essential Cookies: Required for authentication, security, and core functionality
- Analytics Cookies: Firebase Analytics to understand usage patterns (can be disabled)
- Preference Cookies: Remember your settings and preferences
- Session Cookies: Temporary cookies that expire when you close your browser
- Persistent Cookies: Remain on your device until expiration or deletion
8.2 Third-Party Tracking
Third-party services integrated into RecipeAI may use their own cookies:
- Google Analytics / Firebase: Usage analytics and event tracking
- Stripe: Payment processing and fraud detection
- OAuth Providers: Google and Apple for social login functionality
8.3 Managing Cookies
You can control cookies through:
- Browser settings (Chrome, Safari, Firefox, etc.) to block or delete cookies
- Mobile device settings to reset or limit advertising IDs
- Firebase opt-out (where available)
Note: Disabling essential cookies may affect app functionality.
9. International Data Transfers
RecipeAI operates globally but stores data primarily in the United States:
- Cross-Border Transfers: If you access the Service from outside the US, your data may be transferred to and processed in the US
- Adequate Protections: We rely on standard contractual clauses and adequate safeguards for international transfers
- EU-US Data Transfers: We comply with applicable frameworks and regulations for EU data transfers
- Local Laws: You are responsible for ensuring your use of the Service complies with local data protection laws
10. Changes to This Privacy Policy
We may update this Privacy Policy to reflect changes in our practices or legal requirements:
- Notification Methods: In-app notifications, email, and updates to the "Last Updated" date
- Material Changes: Significant changes will be prominently announced with advance notice
- Continued Use: Your continued use after changes constitutes acceptance of the updated policy
- Review Regularly: We encourage you to review this policy periodically
- Prior Versions: Previous versions available upon request
11. Third-Party Links and Services
RecipeAI may contain links to third-party websites, services, or content:
- No Responsibility: We are not responsible for the privacy practices of third-party sites
- External Policies: Third-party sites have their own privacy policies that govern your use
- Review Policies: We encourage you to read privacy policies of any third-party services you access
- No Endorsement: Links do not imply endorsement of third-party practices or content
12. Data Breach Notification
In the event of a data breach that affects your personal information:
- We will notify affected users via email within 72 hours of discovery (as required by law)
- Notification will include the nature of the breach, types of data affected, and steps we're taking
- We will provide recommendations for protecting your account and information
- We will notify relevant regulatory authorities as required by applicable laws
13. Contact Us About Privacy
If you have questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:
- Email: privacy@recipe-ai.io or support@recipe-ai.io
- Subject Line: Include "Privacy Inquiry" or "Privacy Rights Request"
- In-App Support: Use the support feature within the RecipeAI application
- Response Time: We will respond to privacy inquiries within 30 days
- Website: recipe-ai.io
14. Data Controller Information
For the purposes of data protection laws, the data controller responsible for your personal information is:
- Service Name: RecipeAI
- Email: privacy@recipe-ai.io
- Website: recipe-ai.io
Thank you for trusting RecipeAI with your data. We are committed to protecting your privacy and handling your personal information responsibly. This Privacy Policy is designed to be transparent about our data practices. If you have any questions or concerns, please don't hesitate to contact us.