Privacy Policy

1. Introduction

Welcome to imkitchen ("we," "our," or "us"). We are committed to protecting your personal information and your right to privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our meal planning platform and services.

By using imkitchen, you agree to the collection and use of information in accordance with this Privacy Policy. If you do not agree with our policies and practices, please do not use our services.

2. Information We Collect

2.1 Information You Provide

We collect information that you voluntarily provide when using our services:

• Account Information: Name, email address, username, and password
• Profile Information: Dietary restrictions, household size, cuisine preferences
• Recipe Information: Recipes you create, import, share, or favorite
• Meal Plans: Generated meal plans and shopping lists
• Payment Information: Credit card details processed through secure third-party payment processors (we do not store full card numbers)
• Communications: Messages sent through contact forms, support requests, and feedback
• Community Content: Recipe ratings, reviews, and comments

2.2 Automatically Collected Information

We automatically collect certain information when you use our services:

• Usage Data: Features accessed, meal plans generated, recipes viewed (aggregate and anonymized)
• Device Information: Browser type, operating system, device type
• Log Data: IP address, access times, error logs

2.3 Information We Do NOT Collect

• We do <strong>not</strong> use cookies for individual user tracking
• We do <strong>not</strong> collect behavioral analytics beyond aggregate usage metrics
• We do <strong>not</strong> sell your personal information to third parties
• We do <strong>not</strong> use advertising or marketing trackers

3. How We Use Your Information

We use your information for the following purposes:

• Service Delivery: Generate meal plans, create shopping lists, pair accompaniments with main courses
• Account Management: Maintain your account, manage subscriptions, process payments
• Personalization: Apply dietary restrictions, respect cuisine preferences, customize meal suggestions
• Community Features: Enable recipe sharing, display ratings and reviews
• Communication: Send notifications, respond to support requests, provide service updates
• Platform Improvement: Analyze aggregate usage patterns to improve features and performance
• Security: Protect against fraud, abuse, and security threats
• Legal Compliance: Comply with legal obligations and enforce our terms

4. Data Sharing and Disclosure

4.1 Public Information

When you share recipes with the community, the following information becomes publicly visible: recipe name, description, ingredients, instructions, dietary tags, cuisine type, your username, and user ratings/reviews. You control what you share through recipe sharing settings.

4.2 Service Providers

We share information with trusted third-party service providers who assist in operating our platform:

• Payment Processors: For subscription billing and payment processing
• Cloud Hosting: For data storage and application hosting
• Email Services: For transactional emails and notifications

These providers are contractually obligated to protect your information and use it only for the specified purposes.

4.3 Legal Requirements

We may disclose your information if required by law, court order, or government request, or to protect our rights, safety, or property.

4.4 Business Transfers

In the event of a merger, acquisition, or sale of assets, your information may be transferred to the acquiring entity.

5. Recipe and Meal Plan Data

5.1 Recipe Snapshots

When meal plans are generated, we create snapshots/copies of all referenced recipes (including community recipes). This ensures your historical meal plans remain intact even if the original recipe creator deletes or modifies their recipe.

5.2 Recipe Deletion

When you delete a shared recipe, it is removed from community search and other users' favorites. However, recipe snapshots in previously generated meal plans are preserved for those users.

5.3 Imported Recipes

Recipes imported via JSON are stored as private by default. You control whether to share them with the community. We do not claim ownership of your imported recipes.

6. Data Retention

We retain your information for as long as necessary to provide our services:

• Account Data: Retained while your account is active
• Meal Plans: Retained while your account is active
• Payment Records: Retained for 7 years for tax and accounting purposes
• Support Communications: Retained for 2 years
• Aggregate Analytics: Retained indefinitely in anonymized form

When you delete your account, we delete or anonymize your personal information within 30 days, except where retention is required by law.

7. Your Rights and Choices

You have the following rights regarding your personal information:

7.1 Access and Portability

You can access and download your data (recipes, meal plans, preferences) through your account settings.

7.2 Correction

You can update your account information, profile settings, and recipes at any time.

7.3 Deletion

You can delete your account through account settings. This will permanently delete your personal information, recipes (except snapshots in other users' meal plans), and meal plans.

7.4 Opt-Out of Communications

You can manage notification preferences in your account settings. You may opt out of promotional emails but will continue to receive essential transactional emails (password resets, subscription changes).

7.5 GDPR Rights (EU Users)

If you are located in the European Union, you have additional rights under GDPR:

• Right to object to processing
• Right to restriction of processing
• Right to lodge a complaint with a supervisory authority

8. Data Security

We implement industry-standard security measures to protect your information:

• Encryption: Data in transit is encrypted using TLS/SSL; sensitive data at rest is encrypted
• Authentication: Secure JWT-based cookie authentication
• Access Controls: Strict role-based access controls for admin and user data
• Security Standards: OWASP security best practices for all implementations
• Payment Security: PCI-DSS compliant payment processing (we do not store full card numbers)

However, no method of transmission over the internet is 100% secure. We cannot guarantee absolute security.

9. Children's Privacy

Our services are not intended for children under 13 years of age. We do not knowingly collect personal information from children under 13. If you become aware that a child has provided us with personal information, please contact us, and we will delete such information promptly.

10. International Data Transfers

Your information may be transferred to and processed in countries other than your country of residence. These countries may have different data protection laws. By using our services, you consent to such transfers. We ensure appropriate safeguards are in place for international transfers.

11. Third-Party Links

Our services may contain links to third-party websites or services. We are not responsible for the privacy practices of these third parties. We encourage you to review their privacy policies.

12. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. We will notify you of material changes by:

• Posting the updated policy on this page
• Updating the "Last updated" date
• Sending an email notification for significant changes

Your continued use of our services after changes become effective constitutes acceptance of the updated policy.

13. Contact Us

If you have questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us: