Privacy Policy

Effective Date: January 1, 2025

Last Updated: January 1, 2025

1. Introduction

Welcome to Recipe Easy! We're committed to protecting your privacy and being transparent about how we handle your data. This Privacy Policy explains how we collect, use, share, and protect your information when you use our AI-powered recipe generation platform.

1.1 Who We Are

Recipe Easy is an AI-powered platform that helps you create delicious recipes from your available ingredients. We believe in privacy by design and data minimization.

1.2 Scope of This Policy

This Privacy Policy applies to:

Our website and web application
All Recipe Easy services and features
Communications between you and us
Data collected through third-party integrations

1.3 Your Privacy Rights

You have important rights regarding your personal data, including the right to access, correct, delete, and control how your information is used. We'll explain these rights in detail below.

2. Information We Collect

We collect information to provide you with the best possible recipe generation experience. Here's exactly what we collect and why:

2.1 Information You Directly Provide

Account Information

Email address (for account creation and communication)
Password (encrypted and stored securely)
User role (regular user or administrator)
Authentication method (email/password or Google OAuth)

Recipe Generation Data

Ingredients you select or enter
Cooking preferences and dietary restrictions
Serving size requirements
Cooking time preferences
Difficulty level preferences
Cuisine type preferences
Custom ingredients you add to our database

Communications

Messages you send to our support team
Feedback and suggestions you provide
Survey responses (if you choose to participate)

2.2 Information We Automatically Collect

Usage Analytics

Features you use and how often
Number of recipes generated
Image generation requests
Time spent on different parts of our platform
Click patterns and navigation behavior
Error logs and performance data

Technical Information

IP address (for security and analytics)
Browser type and version
Operating system
Device type and screen resolution
Referral source (how you found us)
Session duration and frequency

Credit System Data

Current credit balance
Credit usage history
Transaction records (for future paid features)

2.3 Third-Party Service Data

We integrate with trusted third-party services that may collect additional information:

Authentication Services

Supabase: Secure user authentication and account management
Google OAuth: If you choose to sign in with Google

Infrastructure Services

Cloudflare: Content delivery, security, and database services
AI Model Providers: Recipe generation services (Qwen Plus, GPT-4o Mini)
Image Generation Services: Visual content creation (WanX, Flux Schnell)

2.4 Analytics and Performance Monitoring

Google Analytics 4

Website traffic and user behavior
Page views and session data
Conversion tracking and goal completion
Demographic insights (age range, interests - when available)
Device and browser analytics

Microsoft Clarity

User interaction heatmaps
Session recordings (anonymized)
Click and scroll behavior
Form interaction analysis
Performance optimization data

What Analytics Help Us Do:

Improve user experience and interface design
Identify and fix technical issues
Understand which features are most valuable
Optimize performance and loading times
Make data-driven product decisions

3. How We Use Your Information

We use your information for specific, legitimate purposes to provide and improve our service:

3.1 Core Service Delivery

Account Management: Create and maintain your user account
Authentication: Verify your identity and secure your account
Recipe Generation: Process your ingredients and preferences to create personalized recipes
Image Creation: Generate visual representations of recipes
Credit Management: Track your usage and manage the credit system
Feature Access: Provide appropriate features based on your account type

3.2 Service Improvement

AI Enhancement: Improve our recipe generation algorithms (using aggregated, anonymized data)
User Experience: Optimize our interface and features based on usage patterns
Performance Optimization: Identify and resolve technical issues
Feature Development: Develop new features based on user needs and feedback

3.3 Communication and Support

Customer Support: Respond to your questions and resolve issues
Service Updates: Notify you of important changes or new features
Security Alerts: Inform you of security-related matters affecting your account
Feedback Collection: Gather your input to improve our service

3.4 Legal and Security

Fraud Prevention: Detect and prevent abuse of our service
Legal Compliance: Meet our legal obligations and protect our rights
Security Monitoring: Protect against unauthorized access and security threats
Terms Enforcement: Ensure compliance with our Terms of Service

4. Data Storage, Retention & Security

4.1 Recipe Data Policy

Critical Information: We DO NOT store your generated recipes. Here's what this means:

Recipes are created in real-time during your session
No recipe content is saved to our servers or databases
You must save recipes to your device if you want to keep them
Once you close your browser or navigate away, recipes are gone forever
This approach protects your privacy and ensures your recipes remain yours

4.2 Image Data Handling

Generated Images: Not permanently stored on our servers
Image Metadata: We may retain technical information about image generation for service improvement
Download Responsibility: You must download images during your session to keep them
Temporary Processing: Images exist only during generation and immediate display

4.3 User Account Data

What We Store:

Account credentials (encrypted passwords, email addresses)
User preferences and settings
Credit balance and usage history
Account creation and last login dates

Where We Store It:

Supabase: Account information and authentication data
Cloudflare D1: Credit system data and usage analytics
Secure Infrastructure: All data is encrypted in transit and at rest

4.4 Data Retention Periods

Account Data: Retained while your account is active
Credit Data: Retained for account management and fraud prevention
Analytics Data: Aggregated data retained for up to 2 years
Support Communications: Retained for up to 1 year after resolution
Deleted Accounts: All personal data deleted within 30 days of account deletion

4.5 Security Measures

Encryption: All data encrypted in transit (HTTPS) and at rest
Access Controls: Strict access controls and authentication requirements
Regular Audits: Regular security assessments and vulnerability testing
Incident Response: Comprehensive security incident response procedures
Third-Party Security: All service providers meet high security standards

5. Data Sharing and Third-Party Disclosure

We respect your privacy and do not sell, rent, or trade your personal information. Here's when and how we may share your data:

5.1 Service Providers

We share limited data with trusted third-party services that help us operate Recipe Easy:

Essential Service Providers:

Supabase: User authentication and account management (email, encrypted passwords, user IDs)
Cloudflare: Content delivery, security, and database services (usage data, IP addresses)
AI Model Providers: Recipe generation services (ingredient lists, preferences - no personal identifiers)
Image Generation Services: Visual content creation (recipe descriptions - no personal identifiers)

Analytics Providers:

Google Analytics: Website usage data (anonymized where possible)
Microsoft Clarity: User interaction data (anonymized session recordings)

5.2 Legal and Safety Requirements

We may disclose your information when required by law or to protect safety:

Legal Compliance: Court orders, subpoenas, or legal process
Safety Protection: Preventing harm to users or the public
Rights Protection: Protecting our intellectual property and legal rights
Fraud Prevention: Detecting and preventing fraudulent activities

5.3 Business Transfers

In the event of a merger, acquisition, or sale of assets:

You'll be notified in advance of any ownership changes
Your data rights will be preserved under the new ownership
You'll have the option to delete your account before the transfer

5.4 What We Never Do

No Data Sales: We never sell your personal information to third parties
No Marketing Lists: We don't share your information for marketing purposes
No Unauthorized Access: We don't allow unauthorized access to your data
No Recipe Sharing: Since we don't store recipes, we can't share them

6. Your Privacy Rights and Choices

You have significant control over your personal information. Here are your rights and how to exercise them:

6.1 Access Rights

What You Can Access:

All personal information we have about you
How we've used your information
Who we've shared your information with
How long we'll retain your information

How to Access: Email us at contact@recipe-easy.com with "Data Access Request" in the subject line.

6.2 Correction and Update Rights

What You Can Correct:

Account information (email, password)
User preferences and settings
Any inaccurate personal information

How to Correct: Update through your account settings or contact us for assistance.

6.3 Deletion Rights (Right to be Forgotten)

What Gets Deleted:

All account information
Credit balance and usage history
Personal preferences and settings
Support communication history

How to Delete: Use the account deletion feature in your settings or contact us.

Important: Deletion is permanent and cannot be undone.

6.4 Data Portability

What You Can Export:

Account information
Usage history
Custom ingredients you've added
Support communication history

How to Export: Contact us with a "Data Export Request."

6.5 Opt-Out Rights

Analytics Opt-Out:

Google Analytics: Install the Google Analytics Opt-out Browser Add-on
Microsoft Clarity: Adjust your browser's privacy settings
All Tracking: Enable "Do Not Track" in your browser settings

Communication Opt-Out:

Service updates: Cannot opt out (essential for security and functionality)
Marketing communications: We don't send marketing emails currently

6.6 Objection Rights

You can object to:

Processing of your data for analytics purposes
Use of your data for service improvement
Automated decision-making (though we don't currently use this)

How to Object: Contact us with specific objections, and we'll work to accommodate your preferences.

7. Cookies and Tracking Technologies

We use various technologies to enhance your experience and understand how you use our service:

7.1 Essential Cookies

Authentication Cookies:

Keep you logged in during your session
Remember your login preferences
Secure your account access

Functional Cookies:

Remember your language preference
Store your ingredient selections during recipe generation
Maintain your session state

7.2 Analytics Cookies

Google Analytics Cookies:

Track page views and user behavior
Measure website performance
Understand user demographics (when available)

Microsoft Clarity Cookies:

Record user interactions for analysis
Generate heatmaps and session recordings
Identify usability improvements

7.3 Managing Cookies

Browser Controls:

Most browsers allow you to control cookies through settings
You can block, delete, or restrict cookies
Note: Blocking essential cookies may affect functionality

Opt-Out Tools:

Google Analytics Opt-out Add-on
Browser "Do Not Track" settings
Third-party privacy tools

8. International Data Transfers and Legal Compliance

8.1 Data Location

Primary Servers: United States (Cloudflare global network)
Authentication Data: Stored with Supabase (global infrastructure)
Analytics Data: Processed by Google and Microsoft (global services)

8.2 Legal Basis for Processing (GDPR)

We process your data based on:

Contract Performance: To provide our service as agreed
Legitimate Interests: To improve our service and ensure security
Consent: For analytics and non-essential features (where required)
Legal Obligations: To comply with applicable laws

8.3 International Users

For EU/UK Users:

We comply with GDPR and UK GDPR requirements
You have enhanced rights under these regulations
Data transfers are protected by appropriate safeguards

For California Users:

We comply with CCPA (California Consumer Privacy Act)
You have specific rights under California law
We don't sell personal information as defined by CCPA

9. Children's Privacy (COPPA Compliance)

9.1 Age Requirements

Our service is not intended for children under 13
We do not knowingly collect personal information from children under 13
If you're under 18, please get parental permission before using our service

9.2 Parental Rights

If you believe we've collected information from a child under 13:

Contact us immediately at contact@recipe-easy.com
We'll delete the information promptly
We'll take steps to prevent future collection

10. Changes to This Privacy Policy

10.1 How We Handle Updates

Material Changes: We'll notify you by email and prominent website notice
Minor Updates: Posted on this page with updated "Last Updated" date
Your Options: You can review changes and decide whether to continue using our service

10.2 Change History

We maintain a record of significant privacy policy changes. Contact us if you'd like to review previous versions.

11. Contact Us and Data Protection

11.1 Privacy Questions and Requests

Email: contact@recipe-easy.com

Subject Lines:

"Privacy Policy Question" - General privacy inquiries
"Data Access Request" - To access your personal data
"Data Deletion Request" - To delete your account and data
"Data Export Request" - To receive a copy of your data
"Privacy Rights Exercise" - For other privacy rights

11.2 Response Times

General Inquiries: Within 48 hours
Data Rights Requests: Within 30 days (as required by law)
Urgent Security Matters: Within 24 hours

11.3 Data Protection Officer

For complex privacy matters or if you're not satisfied with our response, you may contact our Data Protection Officer at the same email address with "DPO" in the subject line.

---

This Privacy Policy is effective as of the date listed above. By using Recipe Easy, you acknowledge that you have read, understood, and agree to this Privacy Policy. We're committed to protecting your privacy and will continue to update our practices to maintain the highest standards of data protection.