JustCook Privacy Policy

Effective Date: [Date to be determined] Last Updated: [Date to be determined]

Introduction

Welcome to JustCook. We are committed to protecting your privacy and being transparent about how we collect, use, and safeguard your personal information. This Privacy Policy explains our practices regarding the data we collect through the JustCook mobile application, website, and related services (collectively, the "Service").

By using JustCook, you agree to the collection and use of information in accordance with this Privacy Policy. If you do not agree with our policies and practices, please do not use the Service.

Contact Information:

Email: [support@justcook.com] Website: [https://www.justcook.com]

1. Information We Collect

We collect several types of information from and about users of our Service to provide, maintain, improve, and personalize your experience.

1.1 Information You Provide Directly

Account Information:

  • Email address (required for account creation)
  • Password (encrypted and stored securely)
  • User ID (automatically generated)
  • Account preferences and settings

Recipe and Cooking Content:

  • Recipes you create, import, or save (including titles, ingredients, instructions, images, sources, and notes)
  • Custom cookbooks and recipe collections you organize
  • Recipe ratings and personal modifications
  • Photos you upload or capture for recipes
  • Text and URLs you input for recipe import

Meal Planning and Grocery Data:

  • Meal plans and weekly schedules you create
  • Grocery lists and shopping items
  • Meal planning preferences and dietary restrictions

User Feedback:

  • Customer support inquiries and communications
  • Feedback ratings on AI-parsed recipes (1-5 satisfaction scores)
  • Bug reports and feature requests
  • Survey responses (if you choose to participate)

1.2 Information Collected Automatically

Usage and Analytics Data:

  • Features you use and how often (recipe imports, AI generations, meal planning, etc.)
  • Time spent in the app and session frequency
  • Recipe views, searches, and filters applied
  • Navigation patterns and user interface interactions
  • Device information (device type, operating system, app version)
  • Crash reports and error logs

AI Processing Data:

  • Raw text you submit for AI parsing
  • AI model used (e.g., GPT-4o-mini)
  • AI confidence scores for parsed ingredients and instructions
  • Processing time and token usage
  • User corrections to AI-generated content
  • Success/failure status of AI operations

Technical and Performance Data:

  • IP address and general location (city/region level, not precise location)
  • Browser type and version
  • Time zone and language preferences
  • API response times and performance metrics
  • Storage usage and data sync status

1.3 Information from Third-Party Sources

Recipe Import Data:

  • When you import recipes from third-party websites or social media, we collect the content you choose to import, including recipe text, images, and source URLs
  • We do not access or collect data from these sources beyond what you explicitly import

OAuth and Social Authentication (if implemented):

  • If you choose to sign in with a third-party service (e.g., Apple Sign-In, Google), we may receive basic profile information such as your name and email address

1.4 Information We Do NOT Collect

We do not collect:

  • Precise geolocation data (GPS coordinates)
  • Contact lists or address books
  • Photos from your device (except those you explicitly select for recipe uploads)
  • Payment card information (handled by Apple/Google through in-app purchases)
  • Social media posts or messages (unless you explicitly import recipes from them)
  • Health or medical information
  • Biometric data

2. How We Use Your Information

We use the information we collect for the following purposes:

2.1 To Provide and Maintain the Service

  • Create and manage your account
  • Process and store your recipes, meal plans, and grocery lists
  • Sync your data across multiple devices via cloud storage
  • Enable recipe import from various sources (web, photos, social media, text)
  • Generate and display nutritional information using USDA data
  • Provide customer support and respond to your inquiries

2.2 To Process Content with AI Technologies

  • Parse and normalize recipe text using OpenAI's GPT-4o-mini
  • Extract recipe information from photos using Google Cloud Vision API
  • Generate custom recipes based on your prompts
  • Match ingredients to USDA nutritional database
  • Calculate recipe nutrition and calorie information
  • Improve parsing accuracy through machine learning

2.3 To Improve and Personalize the Service

  • Analyze usage patterns to understand which features are most valuable
  • Identify and fix bugs, errors, and performance issues
  • Develop new features and improvements based on user behavior
  • Optimize AI parsing accuracy using user corrections and feedback
  • Conduct research and analysis to enhance the Service
  • A/B test new features and interface designs

2.4 To Manage Subscriptions and Usage

  • Track your subscription status (Trial, Premium)
  • Monitor feature usage (currently unlimited for Premium users)
  • Process payments through Apple App Store or Google Play Store
  • Send subscription-related notifications (trial reminders, renewal confirmations)
  • Prevent fraud and abuse

2.5 To Communicate with You

  • Send important service updates and security alerts
  • Respond to customer support requests
  • Notify you about new features and updates
  • Request feedback and conduct surveys (optional)
  • Send marketing communications (only with your consent, and you can opt out anytime)

2.6 For Analytics and Business Operations

  • Monitor Service performance, uptime, and reliability
  • Track API costs and resource usage for operational planning
  • Generate aggregated, anonymized statistics about app usage
  • Comply with legal obligations and enforce our Terms of Service
  • Detect, prevent, and address fraud, security issues, or technical problems

3. How We Share Your Information

We do not sell, rent, or trade your personal information to third parties. We share your information only in the following limited circumstances:

3.1 Third-Party Service Providers

We work with trusted third-party companies to help us provide, maintain, and improve the Service. These providers have access to your information only to perform specific tasks on our behalf and are obligated to protect your information.

Infrastructure and Backend Services:

  • Supabase (Database and Storage): Stores your account data, recipes, meal plans, and images. Data is encrypted at rest and protected by Row Level Security policies.
  • Supabase Auth: Manages user authentication and session management.

AI and Machine Learning:

  • OpenAI (GPT-4o-mini): Processes recipe text you submit for parsing, normalization, and generation. We send only the recipe content you choose to import or generate, not your entire recipe library or personal information.
  • Google Cloud Vision API: Processes photos you take of recipe pages for OCR (optical character recognition). Only images you explicitly upload are sent to Google.

Payment Processing:

  • RevenueCat: Manages subscription status and in-app purchase validation. We do not handle or store payment card information—all payments are processed by Apple App Store or Google Play Store.

Analytics and Monitoring:

  • Mixpanel: Collects usage analytics to help us understand how users interact with the Service. Data is anonymized where possible.
  • Sentry: Monitors errors and crashes to help us improve app stability. Error reports may include device information and stack traces but do not include recipe content.

USDA Data:

  • We use publicly available USDA FoodData Central database for nutritional information. No personal data is shared with USDA.

3.2 Legal Requirements and Protection

We may disclose your information if required to do so by law or if we believe such action is necessary to:

  • Comply with legal obligations, court orders, or government requests
  • Enforce our Terms of Service and investigate violations
  • Protect the rights, property, or safety of JustCook, our users, or the public
  • Detect, prevent, or address fraud, security, or technical issues

3.3 Business Transfers

If JustCook is involved in a merger, acquisition, bankruptcy, or sale of assets, your information may be transferred as part of that transaction. We will notify you via email and/or a prominent notice in the Service before your information is transferred and becomes subject to a different privacy policy.

3.4 Aggregated and Anonymized Data

We may share aggregated, anonymized data that does not identify you personally with third parties for research, marketing, or analytics purposes. For example:

  • "80% of users import recipes from web URLs"
  • "Average AI parsing confidence score is 0.92"
  • "Most popular meal planning day is Sunday"

3.5 With Your Consent

We may share your information with third parties when you explicitly consent to such sharing. For example, if we introduce recipe sharing features in the future, you would control what content you choose to share publicly.

4. Data Storage and Security

4.1 Where We Store Your Data

Your data is primarily stored in Supabase cloud infrastructure, which uses Amazon Web Services (AWS) data centers. Supabase provides encryption at rest and in transit, and all data is protected by Row Level Security (RLS) policies ensuring you can only access your own data.

4.2 How We Protect Your Data

We implement industry-standard security measures to protect your information, including:

  • Encryption: All data transmitted between your device and our servers is encrypted using TLS/SSL. Data at rest is encrypted in our database.
  • Authentication: Passwords are hashed and salted using industry-standard algorithms. We support secure authentication methods.
  • Access Controls: Strict access controls limit who can access user data. Employees and contractors only have access on a need-to-know basis.
  • Row Level Security: Database policies ensure users can only access their own recipes and data.
  • Regular Security Audits: We regularly review our security practices and update them as needed.
  • Monitoring: We use Sentry for error monitoring and security incident detection.

4.3 Data Retention

Active Accounts: We retain your information for as long as your account is active or as needed to provide the Service.

Account Deletion: When you delete your account:

  • Your recipes, meal plans, cookbooks, and grocery lists are permanently deleted within 30 days
  • Your personal information (email, account data) is deleted within 30 days
  • Some data may be retained for longer periods if required by law or to resolve disputes

Grace Period: If your subscription expires or you don't subscribe after the trial, we retain your data for 30 days to allow you to resubscribe and regain access. After 30 days, your data may be permanently deleted.

Anonymized Data: Aggregated, anonymized analytics data may be retained indefinitely for research and service improvement purposes.

Legal Retention: Some data may be retained longer if required by law, such as transaction records for tax purposes.

4.4 Data Backup and Recovery

We maintain regular backups of your data to prevent data loss due to technical failures. Backups are encrypted and stored securely. In the event of a system failure, we can restore your data from backups.

4.5 Limitations

While we strive to protect your information, no method of transmission over the internet or electronic storage is 100% secure. We cannot guarantee the absolute security of your information. You use the Service at your own risk.

5. Your Privacy Rights and Choices

Depending on your location, you may have certain rights regarding your personal information. We are committed to honoring these rights regardless of where you live.

5.1 Access and Portability

Right to Access: You can access, review, and download your personal information at any time through the app settings.

Data Export: You can request a copy of your data in a portable format (JSON or CSV) by contacting us at [support@justcook.com]. We will provide your data within 30 days of your request.

5.2 Correction and Update

Right to Correct: You can update or correct your account information, recipes, and preferences directly in the app at any time. If you need assistance, contact us at [support@justcook.com].

5.3 Deletion

Right to Delete: You can delete your account at any time by:

  • Using the account deletion feature in the app settings (Settings → Account → Delete Account)
  • Contacting customer support at [support@justcook.com]

Upon deletion:

  • All your recipes, meal plans, and personal data will be permanently deleted within 30 days
  • Your subscription will be cancelled (no refunds for remaining subscription period)
  • Some information may be retained as required by law or to resolve disputes

5.4 Marketing Communications

Right to Opt-Out: You can opt out of marketing emails by:

  • Clicking the "unsubscribe" link in any marketing email
  • Adjusting your notification preferences in app settings
  • Contacting us at [support@justcook.com]

Note: You cannot opt out of essential service communications (e.g., security alerts, subscription confirmations) while your account is active.

5.5 Do Not Sell My Information

California Residents: We do not sell your personal information to third parties, and we have not sold personal information in the past 12 months. If our practices change, we will update this policy and provide you with the ability to opt out.

5.6 Additional Rights for EU/UK Residents (GDPR)

If you are located in the European Union or United Kingdom, you have additional rights under the General Data Protection Regulation (GDPR):

  • Right to Restriction: You can request that we restrict processing of your personal information in certain circumstances.
  • Right to Object: You can object to our processing of your personal information for direct marketing or legitimate interests.
  • Right to Withdraw Consent: Where we rely on consent, you can withdraw it at any time.
  • Right to Lodge a Complaint: You can file a complaint with your local data protection authority if you believe we have violated your privacy rights.

Legal Basis for Processing (GDPR):

  • Contract Performance: We process your data to provide the Service you've signed up for.
  • Legitimate Interests: We process data to improve the Service, prevent fraud, and ensure security.
  • Consent: For marketing communications and optional features, we rely on your explicit consent.

5.7 Additional Rights for California Residents (CCPA/CPRA)

If you are a California resident, you have additional rights under the California Consumer Privacy Act (CCPA) and California Privacy Rights Act (CPRA):

  • Right to Know: You can request details about the categories and specific pieces of personal information we collect, use, disclose, and sell (we don't sell).
  • Right to Delete: You can request deletion of your personal information, subject to certain exceptions.
  • Right to Opt-Out: You can opt out of the sale of personal information (we don't sell).
  • Right to Non-Discrimination: We will not discriminate against you for exercising your privacy rights.
  • Right to Correct: You can request correction of inaccurate personal information.
  • Right to Limit Use of Sensitive Personal Information: You can limit our use of sensitive personal information (if applicable).

How to Exercise Your Rights:

Email us at [support@justcook.com] or use the in-app settings. We will verify your identity and respond within 45 days (may be extended by 45 days with notice).

6. Children's Privacy

JustCook is not intended for children under the age of 13, and we do not knowingly collect personal information from children under 13. If you are under 13, please do not use the Service or provide any information to us.

If we learn that we have collected personal information from a child under 13 without parental consent, we will delete that information as quickly as possible. If you believe we have collected information from a child under 13, please contact us immediately at [support@justcook.com].

Note for Parents: If you are a parent or guardian and you believe your child has provided us with personal information, please contact us so we can delete it.

7. International Data Transfers

JustCook is operated from [Your Country/Region], and your information may be transferred to, stored, and processed in the United States or other countries where our service providers operate.

Data Transfer Mechanisms:

  • For EU/UK users, we rely on Standard Contractual Clauses (SCCs) approved by the European Commission for data transfers to countries outside the EU/EEA.
  • We ensure that all third-party service providers provide adequate data protection consistent with this Privacy Policy and applicable laws.

By using the Service, you consent to the transfer of your information to countries outside your country of residence, which may have different data protection laws.

8. AI and Machine Learning Data Usage

8.1 How We Use AI

JustCook uses artificial intelligence to enhance your experience by:

  • Parsing unstructured recipe text into organized ingredients and instructions
  • Extracting recipes from photos of cookbooks or handwritten notes
  • Generating custom recipes based on your prompts
  • Normalizing ingredient names and measurements
  • Matching ingredients to nutritional databases

8.2 AI Service Providers

OpenAI (GPT-4o-mini):

When you import or generate a recipe, we send your recipe text to OpenAI for processing. OpenAI's data usage is governed by their API Data Usage Policies, which state that they do not use API data to train their models unless you opt in.

Google Cloud Vision API:

When you take a photo of a recipe, we send the image to Google Cloud Vision for OCR processing. Google's data usage is governed by their Cloud Privacy Notice.

8.3 AI Learning and Improvement

User Corrections: When you correct AI-parsed ingredients, measurements, or instructions, we store these corrections to improve our parsing algorithms. This data includes:

  • The original text that was parsed
  • The AI's interpretation
  • Your corrections
  • Confidence scores

Anonymization: AI learning data is anonymized where possible and is not linked to your personal identity in our training datasets.

Opt-Out: If you do not want your corrections used for AI improvement, please contact us at [support@justcook.com].

8.4 AI Accuracy and Limitations

AI-generated content may contain errors, inaccuracies, or biases. We provide confidence scores to indicate the reliability of AI parsing, but we encourage you to review and verify all AI-generated content before using recipes.

9. Cookies and Tracking Technologies

9.1 What We Use

We use the following technologies to collect information:

Local Storage:

We store data locally on your device (using AsyncStorage or similar technologies) to:

  • Keep you logged in
  • Cache recipes for offline access
  • Store app preferences and settings
  • Improve app performance

Analytics Cookies/SDKs:

We use Mixpanel and similar analytics tools to collect usage data. These tools may use cookies or device identifiers to track sessions and user behavior.

Session Tokens:

We use authentication tokens to maintain your logged-in session securely.

9.2 Third-Party Cookies

Our Service does not currently use third-party advertising cookies. However, if you visit our website (if applicable), it may use cookies for analytics. You can control cookies through your browser settings.

9.3 Your Choices

Mobile Devices:

  • iOS: Settings → Privacy & Security → Tracking → Toggle off "Allow Apps to Request to Track"
  • Android: Settings → Google → Ads → Opt out of Ads Personalization

Web Browsers:

Most browsers allow you to refuse or delete cookies. Consult your browser's help documentation.

Do Not Track:

We currently do not respond to Do Not Track (DNT) signals, as there is no consistent industry standard for DNT.

10. Third-Party Links and Services

The Service may contain links to third-party websites, services, or content (e.g., recipe source websites, social media platforms). We are not responsible for the privacy practices of these third parties.

What This Means:

  • When you click a link to a third-party website, you leave our Service
  • Third-party sites have their own privacy policies
  • We do not control or endorse third-party content

Our Recommendation:

Review the privacy policies of any third-party sites or services you visit.

11. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, legal requirements, or Service features. When we make material changes, we will notify you by:

  • Posting the updated Privacy Policy with a new "Last Updated" date
  • Sending an email notification to the email address associated with your account
  • Displaying a prominent notice in the Service or via push notification

Your Continued Use:

Your continued use of the Service after the effective date of the updated Privacy Policy constitutes your acceptance of the changes. If you do not agree to the updated Privacy Policy, you must stop using the Service and may delete your account.

Review Regularly:

We encourage you to review this Privacy Policy periodically to stay informed about how we protect your information.

12. Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or our privacy practices, please contact us:

Email: [support@justcook.com] Website: [https://www.justcook.com] Mail: [Your Physical Address, if applicable]

Response Time: We will respond to your inquiry within 30 days (or as required by applicable law).

Data Protection Officer (if applicable): [DPO contact information, if you designate one]

13. Additional Information for Specific Regions

13.1 European Union and United Kingdom

Data Controller: JustCook is the data controller for your personal information.

Representative (if applicable): [EU Representative contact, if required]

Supervisory Authority: You have the right to lodge a complaint with your local data protection authority. A list of EU data protection authorities is available at https://edpb.europa.eu/about-edpb/board/members_en.

13.2 California

Categories of Personal Information Collected (Last 12 Months):

  • Identifiers (email, user ID, IP address)
  • Commercial information (subscription status, purchase history)
  • Internet activity (usage data, interactions with the Service)
  • User-generated content (recipes, meal plans, photos)
  • Inferences (preferences, characteristics)

Business Purposes for Collection:

  • Providing and maintaining the Service
  • Processing transactions
  • Improving the Service
  • Customer support
  • Security and fraud prevention

Third Parties with Whom We Share Information:

  • Service providers (Supabase, OpenAI, Google, RevenueCat, Mixpanel, Sentry)
  • Legal authorities (when required by law)

Sale of Personal Information: We do not sell personal information.

13.3 Other States with Privacy Laws

If you reside in states with comprehensive privacy laws (e.g., Virginia, Colorado, Connecticut, Utah), you may have rights similar to those described in the CCPA section. Please contact us to exercise your rights.

14. Data Processing Addendum (For Business Customers)

If you are using JustCook on behalf of a business or organization, and applicable data protection laws require a data processing agreement, please contact us at [support@justcook.com] to execute a Data Processing Addendum (DPA).

By using JustCook, you acknowledge that you have read, understood, and agree to this Privacy Policy.

Summary of Key Points (TL;DR):

What we collect: Account info, recipes, meal plans, usage data, AI processing data ✅ Why we collect it: To provide the Service, improve AI, sync across devices, and provide support ✅ Who we share with: Service providers (Supabase, OpenAI, Google), payment processors, analytics tools ✅ We DON'T sell your data: Never have, never will ✅ Your rights: Access, correct, delete, export your data anytime ✅ Security: Industry-standard encryption, access controls, and monitoring ✅ Contact us: [support@justcook.com] for questions or to exercise your rights

Thank you for trusting JustCook with your recipe data! 🍳