Privacy Policy

1.1 Information You Provide to Us

We collect information you voluntarily provide, including:

• Account Information: Name, email address, password, profile photo
• User Content: Recipes, photos, comments, reviews, meal plans, shopping lists
• Payment Information: Billing address, payment method (processed securely by Stripe)
• Communications: Messages you send to our support team
• Dietary Preferences: Allergies, dietary restrictions, medical nutrition needs

1.2 Automatically Collected Information

When you use our Service, we automatically collect certain information:

• Usage Data: Pages viewed, features used, search queries, interaction patterns
• Device Information: IP address, browser type, operating system, device identifiers
• Location Data: Approximate location based on IP address (not GPS tracking)
• Cookies and Similar Technologies: Session cookies, preference cookies, analytics cookies

1.3 Information from Third Parties

We may receive information from:

• OAuth Providers: If you sign in with Google or Facebook, we receive basic profile information
• Payment Processors: Transaction confirmations from Stripe
• Analytics Services: Aggregated usage statistics (anonymized)

We use your information to:

• Provide, maintain, and improve our Service
• Process your transactions and send confirmations
• Send you account notifications, security alerts, and service updates
• Personalize your experience with recipe recommendations
• Process OCR and AI features (recipe extraction, ingredient substitutions)
• Respond to your support requests and communications
• Detect and prevent fraud, abuse, and security incidents
• Analyze usage patterns to improve features and user experience
• Comply with legal obligations and enforce our Terms of Service
• Send marketing communications (only with your explicit consent)

For users in the European Economic Area (EEA), we process your data based on:

• Consent: For marketing communications and optional features
• Contract: To provide the Service you've signed up for
• Legitimate Interests: For service improvement, fraud prevention, and security
• Legal Obligation: To comply with applicable laws

We may share your information with:

4.1 Service Providers

• Anthropic (Claude AI): For recipe processing and AI features
• Stripe: For secure payment processing
• Resend: For transactional emails (verification, password resets)
• Cloud Hosting: For data storage and service infrastructure

4.2 Legal Requirements

We may disclose your information if required to:

• Comply with legal obligations or court orders
• Enforce our Terms of Service
• Protect our rights, property, or safety
• Investigate fraud or security incidents

4.3 Business Transfers

In the event of a merger, acquisition, or sale of assets, your information may be transferred. We will notify you before your information becomes subject to a different privacy policy.

We implement enterprise-grade security measures to protect your data:

• Encryption: SSL/TLS encryption for data in transit, AES-256 for data at rest
• Password Security: bcrypt hashing with 12 salt rounds
• Access Controls: Role-based access, principle of least privilege
• Monitoring: Continuous security monitoring and logging
• Vulnerability Management: Regular security audits and penetration testing
• Data Backups: Regular encrypted backups with disaster recovery

However, no method of transmission over the Internet is 100% secure. While we strive to protect your information, we cannot guarantee absolute security.

You have the following rights regarding your data:

6.1 Access and Portability

You can request a copy of your personal data in a machine-readable format. Go to Settings > Privacy > Download My Data.

6.2 Correction

You can update your account information at any time through your profile settings.

6.3 Deletion

You can delete your account and associated data at Settings > Privacy > Delete Account. Some data may be retained for legal compliance.

6.4 Opt-Out of Marketing

You can unsubscribe from marketing emails by clicking "Unsubscribe" in any email or adjusting your preferences in Settings > Notifications.

6.5 Cookie Preferences

You can manage cookie preferences through your browser settings. Note that disabling cookies may limit Service functionality.

6.6 Do Not Track

We currently do not respond to "Do Not Track" browser signals.

We use the following types of cookies:

We retain your information for as long as necessary to:

• Provide the Service to you
• Comply with legal obligations
• Resolve disputes and enforce agreements
• Prevent fraud and abuse

Upon account deletion, we delete or anonymize your data within 30 days, except where retention is required by law.

Our Service is not directed to children under 13. We do not knowingly collect personal information from children under 13. If we become aware that we have collected such information, we will delete it immediately.

If you are a parent or guardian and believe your child has provided us with personal information, please contact us at privacy@chefcecil.com.

Your information may be transferred to and processed in the United States or other countries where our service providers operate.

For EEA users, we ensure adequate safeguards through Standard Contractual Clauses approved by the European Commission.

We may update this Privacy Policy from time to time. We will notify you of material changes by:

• Posting the updated policy on this page
• Updating the "Last Updated" date
• Sending you an email notification (for significant changes)

Your continued use of the Service after changes become effective constitutes acceptance of the updated policy.

If you have questions about this Privacy Policy or our data practices, please contact us: