Privacy Policy

1. Introduction

Welcome to Kitchen Assistant. We are committed to protecting your privacy and ensuring transparency about how we handle your personal information. This Privacy Policy explains how we collect, use, share, and protect your information when you use our mobile application and website.

                        Key Points:
                        We only collect information necessary to provide our services
We never sell your personal data to third parties
You have control over your data and can request its deletion
We comply with GDPR and other privacy regulations
Camera data is processed locally and not permanently stored

                    

Kitchen Assistant is operated by Kitchen Assistant Team, located in Vienna, Austria. We are committed to complying with the General Data Protection Regulation (GDPR) and other applicable privacy laws.

2. Information We Collect

2.1 Information You Provide Directly

Account Information: Email address, display name, and password when you create an account
Profile Information: Dietary preferences (vegetarian, vegan, gluten-free, etc.), cuisine preferences, cooking intolerances, and preferred language
Recipe Data: Recipes you save as favorites, search history, and cooking preferences
Shopping Lists: Shopping list items, quantities, categories, and notes you create
Social Sharing: Information about platforms where you share content to earn points (platform names and sharing timestamps only - we do not access your social media accounts)
Communication: Messages you send through our contact forms or support channels
Premium Subscriptions: Subscription status, purchase receipts, and payment information (processed securely by third-party payment providers)
Promotion Codes: Usage of promotional codes and their expiration dates

2.2 Information Collected Automatically

App Usage Data: Features used, time spent in app, recipe search queries, and ingredient lookups
Device Information: Device type, operating system version, app version, language settings
Camera Data: Images captured for ingredient recognition (processed locally and sent to our AI service for analysis, then deleted immediately after processing)
Log Data: IP addresses, access times, error logs, and crash reports
Analytics: Aggregated usage statistics to improve our services (anonymized)

2.3 Points System Data

To manage our points system fairly, we collect:

Social media platforms where you share content (platform names only)
Date and time of sharing activities
Points balance and redemption history
Whether you have redeemed your points reward (to prevent multiple redemptions)

2.4 Ingredient Recognition Data

                        Important: When you use our camera feature to recognize ingredients:
                        Photos are processed on your device and sent to Clarifai API for ingredient identification
Images are not permanently stored on our servers or Clarifai's servers
Only the detected ingredient names are saved to your account
You can manually add, edit, or delete detected ingredients

                    

3. How We Use Your Information

3.1 Primary Purposes

Service Provision: To provide and maintain Kitchen Assistant's core features including recipe search, ingredient recognition, and shopping list management
Account Management: To create and manage your user account, preferences, and settings
Points System: To track points earned through social sharing and manage premium access rewards
Personalization: To customize recipe recommendations based on your dietary preferences, cuisine choices, and intolerances
Premium Features: To manage subscription status and provide premium functionality
Communication: To respond to your inquiries, provide customer support, and send important service updates
Recipe Search: To connect with Spoonacular API and provide relevant recipe results based on your ingredients
Ingredient Recognition: To process camera images and identify ingredients using Clarifai AI technology

3.2 Legal Basis for Processing (GDPR)

Contract Performance: Processing necessary to provide our app services and features
Legitimate Interest: Improving our services, preventing fraud, and app analytics
Consent: Social sharing for points, marketing communications, and optional premium features
Legal Obligation: Compliance with applicable laws and payment processing requirements

4. Information Sharing

We do not sell your personal information to third parties.

We may share your information only in the following limited circumstances:

4.1 Service Providers

We work with trusted third-party service providers who assist us in operating our services:

Firebase (Google Cloud): For user authentication, data storage, and cloud functions
Spoonacular API: For recipe data and search functionality (only search queries are sent, not personal information)
Clarifai: For ingredient recognition from camera images (images processed and immediately deleted)
Google Play Billing: For secure in-app purchase and subscription processing
Firebase Analytics: For usage statistics (anonymized data only)

4.2 Legal Requirements

We may disclose information when required by law or to:

Comply with legal processes or government requests
Protect our rights, property, or safety
Prevent fraud or security threats
Enforce our terms of service

4.3 Business Transfers

In the event of a merger, acquisition, or sale of assets, user information may be transferred as part of the transaction, subject to appropriate safeguards and user notification.

4.4 Social Sharing

When you choose to share recipes or shopping lists through social media platforms, this sharing is handled directly by your device's sharing capabilities. We only track that sharing occurred for points calculation - we do not access your social media accounts or posts.

5. Data Security

We implement industry-standard security measures to protect your information:

5.1 Technical Safeguards

Encryption: Data is encrypted in transit using HTTPS/TLS and at rest using Firebase security
Authentication: Secure user authentication through Firebase Auth
Access Controls: Limited access to personal data on a need-to-know basis
Regular Updates: Security patches and updates applied promptly
Monitoring: Continuous monitoring for security threats and anomalies

5.2 Organizational Safeguards

Staff Training: Regular privacy and security training for team members
Privacy by Design: Security considerations built into all system designs
Incident Response: Procedures in place for security incident response
Regular Audits: Periodic security assessments and vulnerability testing

5.3 Data Breach Response

In the unlikely event of a data breach:

We will assess and contain the breach immediately
Affected users will be notified within 72 hours
Relevant authorities will be notified as required by law
We will provide guidance on protective measures you can take

                        Your Role in Security: Use strong, unique passwords and keep your app updated. Never share your account credentials with others.
                    

6. Your Rights and Account Deletion

                        Account Deletion: You can permanently delete your Kitchen Assistant account and all associated data at any time. This process is irreversible.
                    

6.1 Your Privacy Rights (GDPR)

Under GDPR and other privacy laws, you have the following rights regarding your personal information:

Right to Access: Request a copy of the personal information we hold about you
Right to Rectification: Request correction of inaccurate or incomplete information
Right to Erasure: Request deletion of your personal information (account deletion)
Right to Restrict Processing: Request limitation of how we process your data
Right to Data Portability: Request transfer of your data to another service
Right to Object: Object to certain types of data processing
Right to Withdraw Consent: Withdraw consent for data processing at any time

6.2 Account Deletion Options

You can delete your Kitchen Assistant account using either of these methods:

Option 1: In-App Deletion (Recommended)

The easiest way to delete your account is directly within the Kitchen Assistant app:

Open Kitchen Assistant app
Go to Settings → Account Management
Tap "Delete Account"
Confirm your decision
Your account will be deleted immediately

Option 2: Web-Based Deletion

If you cannot access the app, you can request account deletion through our website:

Delete Account via Website

This option requires email verification for security purposes.

6.3 What Gets Deleted

When you delete your account, we permanently remove:

Account Information: Email, profile, preferences, and settings
Recipe Data: All saved recipes, favorites, and search history
Shopping Lists: All shopping lists, items, and notes
Points and Achievements: Points balance and sharing history
Premium Status: Subscription status and promotion code usage
Usage Data: App usage statistics and analytics data
Communication: Support messages and contact history

6.4 Data Deletion Timeline

Immediate: Account becomes inaccessible and app data is deleted
Within 48 hours: All personal data removed from active systems
Within 30 days: Data removed from backups and logs (except where legally required)
Final confirmation: Email sent when deletion is complete

6.5 Information We May Retain

For legal, safety, and operational reasons, we may retain certain limited information:

Transaction Records: Payment receipts for tax and accounting purposes (anonymized)
Legal Compliance: Information required by law to be retained
Security Logs: Anonymized security and fraud prevention data
Aggregated Analytics: Anonymous usage statistics that cannot be traced back to you

                        Important: Account deletion is permanent and cannot be undone. If you're experiencing issues with the app, consider contacting our support team first - we may be able to help resolve your concerns without deleting your account.
                    

6.6 Data Export Before Deletion

Before deleting your account, you can request a copy of your data:

In-App Export: Use the "Export Data" feature in app settings
Email Request: Contact us at Contact Email
Data Format: JSON format containing all your personal data
Delivery Time: Within 30 days of your request

6.7 Exercising Your Rights

To exercise any of your privacy rights, you can:

Use In-App Controls: Available in Settings → Privacy & Data
Contact Us: Email Contact Email
Response Time: We respond to privacy requests within 30 days
Verification: We may need to verify your identity before processing requests

7. Cookies and Tracking

7.1 Website Cookies

Our website uses cookies and similar technologies:

Essential Cookies: Required for website functionality
Analytics Cookies: Help us understand website usage (Google Analytics)
Performance Cookies: Improve website speed and performance

7.2 Mobile App Tracking

Firebase Analytics: Anonymized usage statistics and crash reporting
No Third-Party Tracking: We do not use advertising trackers or share data with ad networks
Local Storage: App preferences stored locally on your device

7.3 Managing Cookies

You can control cookies through your browser settings or by:

Disabling cookies in your browser (may affect functionality)
Using private/incognito browsing mode
Clearing cookies and website data regularly

8. Third-Party Services

Our app integrates with third-party services for enhanced functionality:

8.1 Firebase (Google Cloud)

Purpose: User authentication, data storage, and analytics
Data Shared: Account information, app usage data
Privacy Policy: Google Privacy Policy

8.2 Spoonacular API

Purpose: Recipe search and nutritional information
Data Shared: Search queries and ingredient lists (no personal information)
Privacy Policy: Spoonacular Privacy Policy

8.3 Clarifai

Purpose: Ingredient recognition from camera images
Data Shared: Images for processing (deleted immediately after analysis)
Privacy Policy: Clarifai Privacy Policy

8.4 Google Play Billing

Purpose: Secure payment processing for subscriptions
Data Shared: Purchase receipts and subscription status
Privacy Policy: Google Privacy Policy

For our points system, we enable sharing to social media platforms. We do not access your social media accounts directly; sharing is handled through platform-provided sharing mechanisms.

9. Data Retention

We retain your personal data only as long as necessary for the purposes outlined in this policy:

9.1 Active Account Data

Account Information: Retained while your account is active
Recipe Data: Retained until you delete recipes or your account
Shopping Lists: Retained until manually deleted or account deletion
Usage Analytics: Aggregated data retained for up to 2 years

9.2 After Account Deletion

Personal Data: Deleted within 30 days of account deletion
Transaction Records: Retained for 7 years for tax and legal purposes (anonymized)
Security Logs: Retained for 1 year for fraud prevention (anonymized)
Backup Data: Deleted from backups within 90 days

9.3 Legal Requirements

Some data may be retained longer if required by law, such as transaction records for tax purposes or to resolve legal disputes.

10. International Data Transfers

Your data may be processed in countries outside the European Economic Area (EEA). We ensure adequate protection through:

10.1 Safeguards for Data Transfers

Google Cloud (Firebase): Uses Standard Contractual Clauses and adequacy decisions
United States: Transfers covered by EU-US Data Privacy Framework
Encryption: All data encrypted in transit and at rest
Access Controls: Strict limitations on who can access your data

10.2 Your Rights for International Transfers

You have the right to:

Request information about safeguards in place for data transfers
Object to transfers under certain circumstances
Request that your data be processed only within the EU (where technically feasible)

11. Children's Privacy

Kitchen Assistant is not intended for children under 13 years of age. We do not knowingly collect personal information from children under 13.

11.1 Age Verification

We do not request birth dates during registration
Our app store listings specify age restrictions
Parents should supervise children's device usage

11.2 If We Discover Child Data

If we discover that we have collected information from a child under 13:

We will delete the information immediately
We will terminate the account
We will notify the app stores if applicable

11.3 Parental Rights

Parents or guardians can:

Contact us to request deletion of their child's information
Request information about data we may have collected
Use device parental controls to restrict app downloads

12. Changes to This Policy

We may update this Privacy Policy periodically to reflect changes in our practices or legal requirements.

12.1 How We Notify You

When we make changes, we will:

Update the "Last Updated" date at the top of this policy
Notify you in-app for material changes
Send email notifications for significant changes (if you've opted in)
Post prominently on our website for major updates

12.2 Material Changes

For material changes that affect your rights or how we use your data:

We will provide at least 30 days' notice
You will have the opportunity to opt out or delete your account
Continued use of the app constitutes acceptance of changes

12.3 Version History

Previous versions of this policy are available upon request. Contact us if you need to review earlier versions.

13. Contact Us

Privacy Questions

If you have questions about this Privacy Policy or our data practices, please contact us:

Email: Contact Email

Address:
Kitchen Assistant Team
Vienna, Austria

Contact Form: Use our contact form

13.1 Response Times

Privacy Requests: Within 30 days
General Inquiries: Within 48 hours
Account Issues: Within 24 hours
Security Concerns: Immediate response

13.2 What to Include

When contacting us about privacy matters, please include:

Your registered email address
Clear description of your request or concern
Any relevant account information
Preferred method of response

                        Effective Date: This Privacy Policy is effective as of June 28, 2025, and was last updated on June 28, 2025.
                    

Table of Contents