Privacy Policy

Last updated: March 1, 2025

1. Introduction

Welcome to What's Cookin. This Privacy Policy explains how we collect, use, and safeguard your information when you use our web application and the "What's Cookin" Chrome Extension. By using What's Cookin, you agree to the practices described in this policy.

2. Information We Collect

We collect only the information necessary to provide our service:

  • Account information — your email address and display name, provided either directly or via Google Sign-In.
  • App data — recipes, ingredients, shopping lists, and preferences you create within the app.
  • Webpage Content (Chrome Extension Only) — when you explicitly click the extension to clip a recipe, we temporarily read the HTML content, meta tags, and images of your currently active tab to extract recipe information. We do not track your browsing history or record background tabs.
  • Usage & error data — basic analytics and crash reports to understand how the app is used, identify bugs, and improve stability (e.g., page views, recipe clipping success rates).

3. Google Sign-In

If you choose to sign in with Google, we receive your name, email address, and profile picture from Google. We do not receive access to your Google Drive, Gmail, contacts, or any other Google services. We use this information solely to create and identify your What's Cookin account.

4. How We Use Your Information

  • To provide, maintain, and improve the What's Cookin service.
  • To authenticate you and keep your account secure.
  • To save and sync your recipes, fridge inventory, and shopping lists across the web app and Chrome extension.
  • To send transactional emails (e.g., password reset, magic link sign-in).

5. Data Sharing

We do not sell, rent, or share your personal information with third parties for marketing purposes. We use the following trusted service providers to operate the app:

  • Supabase — database and authentication hosting.
  • OpenAI — AI-powered recipe and ingredient features.
  • Vercel — web application hosting.
  • Sentry & PostHog — error tracking and anonymous usage analytics.

Each of these providers processes data only as necessary to provide their services and is bound by their own privacy policies.

6. Data Retention & Deletion

Your data is retained for as long as your account is active. If you wish to delete your account and all associated data, please contact us at the email below and we will process your request within 30 days.

7. Security

We use industry-standard security measures including encrypted connections (HTTPS), secure authentication via Supabase, and row-level security on our database to protect your data.

8. Changes to This Policy

We may update this Privacy Policy from time to time. When we do, we will update the "Last updated" date at the top of this page. Continued use of the app after changes constitutes acceptance of the updated policy.

9. Contact

If you have any questions about this Privacy Policy or your data, please contact us at: roberto.bandeiram@gmail.com