Privacy Policy

Cookkit ("we", "our", or "the App") is a privacy-first recipe and pantry management application designed for personal use. We are committed to protecting your privacy and being transparent about our data practices. This Privacy Policy outlines how we process your information in compliance with applicable data protection laws, including the General Data Protection Regulation (GDPR), the California Consumer Privacy Act (CCPA), and relevant local privacy frameworks.

Cookkit is built to minimize data collection while providing personalized recipe recommendations and pantry management features. We collect only the information necessary to provide our core services:

Purpose: To provide personalized recipe recommendations and track your pantry inventory. Data Use: Your ingredients, dietary preferences, and recipe history are used to generate AI-powered meal suggestions and manage expiration tracking. Storage: Data is stored locally on your device and optionally synced to your personal cloud storage (iCloud/Google Drive) for cross-device access.

Service Providers: OpenAI GPT API and similar AI services Purpose: To analyze your pantry contents and generate personalized recipe suggestions. Data Flow: Your ingredient lists and dietary preferences are securely transmitted over TLS-encrypted connections to AI providers for recipe generation; results are returned immediately to Cookkit. Data Retention: Cookkit does not store your requests on external servers. AI providers retain request data for up to 30 days solely for abuse-monitoring and safety auditing, after which it is deleted. Your data is not used to train their models.

Purpose: To allow you to scan ingredient labels and add items to your pantry quickly. Data Use: Images are processed locally on your device for text recognition and are not saved or uploaded to any server. Storage: No local or remote retention of camera images.

Purpose: To optionally sync your pantry data and recipe preferences across your devices. Data Control: Data is stored only in your personal cloud account (iCloud, Google Drive), governed by their respective privacy terms. Access: We do not have access to, nor do we control, any cloud-stored data.

We do not collect or process: • Your name, email address, phone number, or address (unless you voluntarily provide it for support) • Your device's unique ID (IDFA, IMEI, etc.) • Your contact list, calendar, or SMS history • Your behavioral usage logs beyond basic app functionality • Your precise or coarse location data • Any personally identifiable information from recipe searches

For users located in the European Union or regions covered by the GDPR, our legal basis for processing is your explicit consent when granting system-level permissions (camera, cloud storage, etc.). For users in California (CCPA), we affirm: • We do not "sell" or "share" your data with any third party • You are entitled to request information, opt out of any future data sharing, and request deletion of any stored data For users in China, we do not collect or process personal information subject to localization or cross-border transfer restrictions.

Even though we minimize data collection, we implement industry-standard practices: • End-to-end encrypted connections for AI API requests • Local data encryption on your device • No use of cookies, fingerprinting, or analytics SDKs beyond essential app functionality • All data flows either remain on-device or pass through secure, vetted channels

Depending on your location, you may have the following rights: • Access: You may request confirmation of what data we process (most data remains on your device) • Correction/Deletion: All data you create is controlled via your device or cloud settings • Consent Withdrawal: You may revoke camera, cloud access, or AI features anytime through app settings • Complaint: You may contact your regional data authority, or contact us directly for prompt resolution We are committed to respecting your privacy rights globally.

Cookkit is designed to be safe and appropriate for users aged 13 and above. We do not knowingly collect personal data from children under 13. The app contains minimal data collection, no behavioral tracking, and focuses on local data storage. If you are a parent or guardian and believe that your child has inadvertently shared any personal information while using Cookkit, please contact us at cookkit01@gmail.com. We will investigate and address any such concerns immediately.

We may revise this Privacy Policy to reflect changes in functionality, law, or regulatory guidance. We will notify you of significant updates via in-app notices. Continued use of the app after an update constitutes acceptance of the revised terms.

If you have any questions, concerns, or data-related requests, please contact: 📧 Email: cookkit01@gmail.com We respond to all requests within 15 business days.