Cookie Kitchen logoCookie Kitchen

Privacy Policy

Cookie does not sell personal information, does not provide advertisers access to personal data, and does not send protected profile records to public AI model providers for personalization.

Overview

Cookie is an AI-powered home cooking companion that helps people decide what to cook, use ingredients before they expire, organize pantry inventory, and cook with confidence.

This Privacy Policy describes how Cookie collects, uses, discloses, stores, protects, and deletes personal information when you use our apps, websites, AI cooking assistant, recipe features, pantry tools, reminders, subscriptions, support channels, and related services.

Cookie is not a grocery delivery company, food delivery platform, nutrition diagnosis service, weight-loss program, medical platform, healthcare provider, or emergency service. Nutrition information, recipes, cooking suggestions, and AI responses are informational and may not be suitable for every person, allergy, medical condition, ingredient, appliance, or kitchen.

Personalization stays focused

Dietary preferences, allergies, cuisine preferences, cooking goals, and related profile signals are used to operate Cookie's personalization layer and recommendation features.

AI requests are minimized

When third-party AI models are used, Cookie sends only the minimum contextual information needed to answer the request.

No advertising sale

Cookie does not sell personal information and does not build advertising profiles for third-party advertisers.

User control matters

You can request access, correction, deletion, portability, restriction, objection, withdrawal of consent, appeal, or complaint where applicable.

Information We Collect

We collect different information depending on how you use Cookie, what you choose to provide, your device settings, your subscription status, and the features available in your region. We do not collect every item from every user.

CategoryExamplesPurpose
AccountEmail address, display name, optional profile image, account creation date, account status.Create your account, identify you in the app, provide support, and maintain account continuity.
AuthenticationEmail sign-in data, Google Sign-In data, Apple Sign-In data, login method, tokens, security events.Authenticate users, protect accounts, detect suspicious access, and prevent abuse.
Profile and onboardingName, age, height, weight, dietary preference, allergies, cuisine preferences, cooking goals, household preferences.Personalize recipes, home-screen recommendations, pantry suggestions, reminders, and cooking experiences.
Pantry and inventoryIngredients, quantities, units, expiry dates, freshness status, manual edits, deletions, low inventory signals.Track ingredients, reduce food waste, recommend recipes from inventory, and send relevant reminders.
Recipe and cooking activitySaved recipes, favorites, recipe history, cooking sessions, step progress, recipe scaling, macros, calories, protein, fat, carbohydrates, difficulty, cooking time.Operate recipe features, remember progress, support recommendations, and improve product quality.
AI conversations and searchAsk Cookie prompts, mood-based requests, occasion-based requests, substitution questions, technique questions, generated responses, feedback, safety signals.Respond to requests, maintain AI quality and safety, detect misuse, and troubleshoot issues.
NotificationsPush tokens, reminder preferences, expiry alerts, low inventory reminders, quiet hours, opt-in or opt-out state.Send reminders you request and avoid sending reminders you have disabled.
Subscriptions and paymentsSubscription status, plan, trial state, renewal state, entitlement records, app-store receipt references, payment processor references.Provide paid features, manage subscriptions, process refunds, prevent fraud, and maintain financial records.
Device and diagnosticsDevice type, operating system, app version, language, region, anonymous device identifiers, crash reports, performance diagnostics, feature flags.Keep Cookie reliable, fix bugs, measure performance, and understand compatibility.
Usage analyticsFeature usage, screen views, session duration, referral source, aggregate trends, experiment assignment.Improve onboarding, prioritize features, understand product health, and identify confusing flows.
Security logsAuthentication events, fraud signals, abuse reports, IP-derived approximate location, rate limits, audit logs.Protect users, secure infrastructure, investigate abuse, and enforce our terms.
Support and feedbackSupport interactions, screenshots you provide, feedback, feature requests, beta participation, survey responses, email delivery metadata.Respond to you, resolve issues, improve Cookie, and document support outcomes.

Some information, including allergies, dietary preferences, health-related goals, age, height, and weight, may be considered sensitive in some jurisdictions. Cookie uses this information only for the features and personalization you request, subject to applicable law and available controls.

Local Personalization

Cookie performs personalization primarily on the user's device through Cookie's proprietary recommendation engine, ranking algorithms, embeddings, and vector database.

Profile information such as dietary preferences, allergies, cuisine preferences, and cooking goals is processed for personalization inside Cookie. This profile information is not transmitted to third-party AI providers for personalization.

  • Dietary preferences help Cookie rank recipes and avoid suggestions that conflict with your choices.
  • Allergy information helps Cookie reduce unsuitable recommendations, but you must still check labels and use judgment.
  • Cuisine preferences help Cookie adapt recommendations to the foods and cooking styles you like.
  • Cooking goals help Cookie suggest meals that fit goals such as saving time, meal planning, trying new recipes, eating healthier, or reducing waste.

Cookie may still sync account, subscription, backup, support, security, and operational data when needed to provide the service, maintain continuity, prevent abuse, or comply with law. We design those systems to minimize unnecessary transfer of sensitive profile details.

AI Data Handling

Cookie uses proprietary AI systems and third-party AI models, including providers such as OpenAI, Anthropic, and additional providers that may change over time. AI features include Ask Cookie, recipe discovery, substitutions, cooking techniques, step-by-step assistance, weather-aware recommendations, and future voice-capable guidance.

Cookie never intentionally transmits these items to third-party AI providers as part of a model request: names, email addresses, account identifiers, authentication credentials, user profile records, dietary preferences, allergies, cuisine preferences, cooking goals, or complete pantry inventories tied to an identifiable user.

Only the minimum contextual information necessary to answer a request is transmitted. For example, a model request may include the cooking question you typed, the current recipe step, the ingredient name you entered, or the immediate substitution context. Whenever technically feasible, requests are anonymized, personally identifiable information is removed, identifiers are stripped, and prompts are minimized.

Cookie contractually requires AI providers to process information only to provide AI functionality and related operational support. Cookie does not knowingly use personally identifiable customer information to train foundation AI models. You should avoid entering highly sensitive personal information in AI conversations.

How We Use Information

Cookie uses personal information to provide, maintain, personalize, secure, analyze, and improve the service. We use information to:

  • create, authenticate, and secure accounts;
  • provide pantry tracking, expiry reminders, quantity tracking, recipe recommendations, saved recipes, cooking history, and hands-free cooking support;
  • personalize the home screen, recommendations, recipe ranking, substitutions, and meal planning;
  • answer Ask Cookie conversations and other AI cooking requests;
  • process subscriptions, trials, renewals, entitlements, refunds, and payment-related support;
  • send service messages, reminders, security notices, support replies, and optional marketing where permitted;
  • debug crashes, measure performance, monitor reliability, prevent fraud, and protect users;
  • conduct analytics, research, testing, beta programs, and product development;
  • enforce terms, respond to lawful requests, protect rights and safety, and comply with law.

We may create aggregated or de-identified information that cannot reasonably identify you. We may use that information for analytics, safety, research, reporting, business planning, and service improvement. If we maintain de-identified information, we take reasonable steps designed to avoid re-identification except where permitted by law for security or validation.

How We Share Information

Cookie shares information only as needed to operate the service, comply with law, protect users, support business operations, or complete a transaction you request. Cookie does not sell personal information and does not provide advertisers access to personal data.

Service categoryWhy it may receive dataData minimization approach
AuthenticationAccount sign-in and identity verification.Limited account and login data.
Cloud hosting, CDN, infrastructure, monitoring, and loggingApp operation, performance, reliability, backups, and security.Operational data limited by role, retention, and access controls.
Analytics, crash reporting, and performance diagnosticsReliability, product quality, and aggregate usage insights.Prefer aggregated, pseudonymous, or diagnostic data where practical.
Push notificationsExpiry reminders, low inventory reminders, cooking alerts, and service notices.Tokens and message metadata needed to deliver requested notifications.
Payment processing and subscription billingPaid features, entitlements, renewals, refunds, and fraud prevention.Payment references and receipt data rather than full card storage by Cookie.
AI providersAnswer cooking requests, generate recommendations, and support AI functionality.Minimum task context, stripped identifiers, no protected profile record transmission for personalization.
Email delivery and customer supportSupport replies, notices, rights requests, complaints, and account communications.Contact details and request content needed to respond.
Fraud prevention and securityAbuse detection, account protection, payment protection, and security response.Security signals, logs, and limited account identifiers where needed.

Vendors may change over time. We require service providers to process personal information under appropriate contractual, security, and confidentiality obligations. We may also disclose information for legal process, safety, enforcement, or business transfers such as financing, merger, acquisition, reorganization, bankruptcy, or sale of assets.

Retention

We retain personal information for as long as reasonably necessary to provide Cookie, maintain accounts, support subscriptions, fulfill the purposes described in this policy, comply with law, resolve disputes, enforce agreements, protect security, prevent abuse, and maintain business records.

Active account period

Account, profile, pantry, recipe, cooking history, subscription, and personalization data may be retained while your account is active and needed for Cookie features.

After deletion or deactivation

We delete or de-identify user-controlled data unless retention is required or permitted for legal, security, tax, accounting, fraud-prevention, dispute, backup, or operational reasons.

Backups and logs

Backup copies and security logs may remain for limited periods under ordinary rotation and are restricted from routine access.

Your Privacy Rights

Depending on where you live and how you use Cookie, you may have rights to access, correction, deletion, portability, restriction, objection, withdrawal of consent, appeal, complaint, and information about automated decision-making. Rights may be subject to verification, legal limits, exceptions, and regional differences.

  • Access: request confirmation and a copy of personal information we process.
  • Correction: request correction of inaccurate or incomplete information.
  • Deletion: request deletion of personal information, subject to retention exceptions.
  • Portability: request a portable copy where required and technically feasible.
  • Restriction or objection: ask us to limit certain processing or object to processing based on recognized legal grounds.
  • Consent withdrawal: withdraw consent where processing depends on consent.
  • Appeal and complaint: appeal a denied request or complain to us or a regulator where available.
  • Automated decision-making: request information, object, or seek human review where applicable law provides such rights.

To exercise rights, use in-app controls where available or email support@cookie.kitchen. We may verify your identity, account control, and authorization before responding. We aim to respond within timelines required by applicable law.

Regional Disclosures

European Economic Area, United Kingdom, and Switzerland

You may have rights under the GDPR, UK GDPR, Swiss law, and related rules. International transfers may rely on adequacy decisions, standard contractual clauses, the UK International Data Transfer Agreement or Addendum, vendor safeguards, supplementary measures, or another lawful transfer mechanism.

California and other U.S. states

California residents may have rights under the CCPA as amended by the CPRA, including rights to know, access, delete, correct, opt out of sale or sharing, limit certain sensitive-information uses, and non-discrimination. Cookie does not sell personal information or provide advertisers access to personal data. If practices change in a way that triggers opt-out rights, we will provide required notices and controls.

India

Cookie aims to process digital personal data consistently with the Digital Personal Data Protection Act, 2023 and applicable rules as they take effect. Depending on implementation and law, users may have rights to access information about processing, correction, completion, updating, erasure, grievance redressal, nomination, and withdrawal of consent.

Australia, Canada, and Singapore

Where the Australian Privacy Principles, PIPEDA or substantially similar Canadian laws, or Singapore's Personal Data Protection Act apply, Cookie aims to honor applicable access, correction, consent, complaint, accountability, safeguard, and transfer principles.

Security

We use technical and organizational measures designed to protect personal information. No system is completely secure, but we work to reduce risk and respond responsibly.

Encryption and transport

We use HTTPS, TLS, and encryption or equivalent safeguards where appropriate for sensitive data.

Access controls

We apply least privilege, authentication controls, role-based access, administrative restrictions, and review practices.

Audit logging and monitoring

We use logs, alerts, diagnostics, and monitoring to detect reliability, abuse, and security events.

Infrastructure and continuity

We use secure software development practices, vendor review, backups, incident response planning, and business continuity measures.

If we identify a security incident affecting personal information, we will investigate, mitigate harm, and notify affected users or regulators where required by law.

Children's Privacy

Cookie is designed for general audiences who manage cooking, recipes, and kitchen inventory. It is not directed to children under the age required by applicable law to use online services without parental consent. We do not knowingly collect personal information from children in violation of applicable law.

If you believe a child provided personal information without appropriate consent, contact us. Parents and guardians should supervise children's use of cooking technology, heat, knives, appliances, ingredients, and allergy-sensitive foods.

Contact

For privacy questions, rights requests, account deletion, complaints, appeals, or security concerns, contact Cookie:

Please include enough information for us to understand and verify your request. Do not send highly sensitive information by email unless necessary.