Privacy Policy

We collect information you give us and information we need to run Cookd. This list is not exhaustive: if you type, upload, save, send, or otherwise provide something in Cookd, we may keep it so the app can work and so we can support, secure, and improve the service.

• Account details, such as your email address, username, display name, avatar, account settings, and password authentication data.
• Content and activity you choose to add, such as cooks, recipes, descriptions, ingredients, instructions, ratings, links, comments, photos, image crop settings, co-cooks, likes, saves, follows, invitations, and referrals.
• Feedback, support requests, privacy requests, and other messages you send us.
• Technical information, such as device and browser details, IP address, app pages viewed, cookies, browser storage, session identifiers, security logs, referrals, invite prompts, preferences, analytics signals, and approximate location inferred from network data.

• Create accounts, keep people signed in, protect sessions, prevent abuse, and send account verification or password reset messages.
• Show the product features you use, including profiles, recipes, feeds, likes, follows, co-cooks, saved content, photos, and comments.
• Store, resize, and display uploaded images and recipe content.
• Respond to support, safety, privacy, and feedback requests.
• Understand what is working, fix bugs, improve performance, and decide what to build next.
• Follow legal obligations and enforce our Terms of Service.

Cookd is a social recipe app, so some information is meant to be visible. Other Cookd users may see your username, display name, avatar, public profile, cooks, recipe photos, comments, co-cook tags, and visible social actions such as follows or likes where the product displays them.

We do not show other users private account details like your email address, password credentials, private storage records, or internal security logs. Cookd administrators may access account, content, and technical records when needed to run, secure, support, moderate, or legally protect Cookd.

We use a small set of service providers to run Cookd. They may process information only as needed to provide their services to us.

• Supabase for account authentication, database records, session management, and file storage for uploaded images.
• PostHog for product analytics, feedback surveys, usage events, and exception capture when analytics is configured.
• Railway for hosting Cookd application services and related operational logs.
• Cloudflare for DNS, traffic routing, caching, security, and network protection.
• Resend, through SMTP, for account confirmation and password reset emails when email delivery is enabled.

We do not sell personal information. We do not share personal information for cross-context behavioral advertising.

• By creating an account or using Cookd, you understand that we use information as described in this policy.
• You can update your display name and avatar in settings, and you can delete your account from the settings page.
• You can control cookies and browser storage through your browser. Some are required for login, security, and core app features.
• If an optional use depends on your consent, you can withdraw that consent by asking us through GitHub Discussions. Some features may stop working if they need that information.

Anyone can ask us about their data. You can request a copy of personal information we have about you, ask us to correct it, ask us to delete it, or ask questions about how we use or share it.

Depending on where you live, including Canada, Quebec, California, and other U.S. states, you may also have specific legal rights to access, correction, deletion, portability, disclosure details, or to challenge how we handle your personal information.

To make a request, start a discussion through Reci-App GitHub Discussions. We may need to verify that the account is yours before we act on a request. We try to respond within 30 days unless the law requires or allows a different timeline.

• We keep personal information for as long as we need it for the reasons in this policy, unless we need to keep it longer for legal, security, backup, fraud prevention, or dispute reasons.
• We use safeguards that fit the sensitivity of the information, including HTTP-only auth cookies and CSRF protections for authenticated requests.
• Information may be processed in Canada, the United States, or other places where Cookd or its providers operate. Privacy laws may differ from place to place.

Cookd is not directed to children under 13. Do not create an account if you are under 13. If we learn we collected personal information from a child under 13 without appropriate consent, we will delete it.

We may update this policy as Cookd changes. The effective date above shows when this version started. If we make important changes, we will post them in the app or communicate them when required by law. The Terms of Service are available at /terms.