Skip to main content

Privacy Policy

Last Updated: January 21, 2025

1. Introduction

Welcome to imkitchen ("we," "our," or "us"). We are committed to protecting your privacy and ensuring the security of your personal information. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our intelligent meal planning platform.

By using imkitchen, you agree to the collection and use of information in accordance with this policy. If you do not agree with our policies and practices, please do not use our service.

2. Information We Collect

2.1 Information You Provide

We collect information that you voluntarily provide when using our service:

  • Account Information: Email address, password (hashed with Argon2), and account preferences
  • Profile Information: Dietary restrictions, household size, cooking skill level, weeknight availability
  • Recipe Data: Recipes you create, including titles, ingredients, instructions, images, preparation times, and course classifications
  • Usage Data: Meal plans you generate, recipes you favorite, shopping lists, and meal replacements
  • Community Content: Recipes you share publicly, ratings, and reviews you submit
  • Subscription Information: Premium subscription status and payment details (processed securely via Stripe)

2.2 Automatically Collected Information

We automatically collect certain information when you use our service:

  • Device Information: Browser type, operating system, device identifiers
  • Usage Analytics: Pages visited, features used, time spent on platform, interaction patterns
  • Performance Data: Application errors, performance metrics, feature usage statistics
  • Location Data: General geographic location (city/region level) derived from IP address for service optimization

2.3 Cookies and Tracking Technologies

We use the following technologies:

  • Authentication Cookies: HTTP-only, secure cookies for session management (JWT tokens, 7-day expiration)
  • Local Storage: Offline data caching for PWA functionality (recipes, meal plans, shopping lists)
  • Service Workers: Background sync and offline support
  • Analytics: OpenTelemetry for performance monitoring (anonymized)

3. How We Use Your Information

We use the collected information for the following purposes:

  • Service Delivery: Generate personalized meal plans, create shopping lists, provide recipe recommendations
  • Account Management: Authenticate users, manage subscriptions, enforce free tier limits (10 recipes)
  • Communication: Send preparation reminders, cooking notifications, important service updates
  • Improvement: Analyze usage patterns to improve meal planning algorithms, enhance user experience
  • Community Features: Display shared recipes, aggregate ratings, facilitate recipe discovery
  • Security: Detect fraud, prevent abuse, ensure platform integrity
  • Legal Compliance: Comply with applicable laws and regulations

4. Data Sharing and Disclosure

4.1 Public Information

When you share recipes to the community, the following information becomes publicly visible: recipe title, ingredients, instructions, images, your username, ratings, and reviews. Shared recipes are indexed by search engines for community discovery.

4.2 Service Providers

We share data with trusted third-party service providers:

  • Payment Processing: Stripe (for premium subscriptions) - credit card data handled exclusively by Stripe, we never store payment details
  • Email Services: SMTP provider (for password reset emails, notifications) - only email addresses shared
  • Image Storage: MinIO S3-compatible storage (for recipe images) - images only, no personal data
  • Infrastructure: Cloud hosting providers (servers, databases) - encrypted data at rest and in transit

4.3 Legal Requirements

We may disclose your information if required by law, court order, or government regulation, or if we believe disclosure is necessary to protect our rights, your safety, or the safety of others.

5. Data Retention

We retain your information as follows:

  • Account Data: Retained while your account is active
  • Event Sourcing: Domain events stored permanently for audit trail (anonymized on account deletion)
  • Community Content: Shared recipes retained indefinitely (anonymized author on account deletion)
  • Analytics Data: Aggregated, anonymized analytics retained for service improvement
  • Deleted Accounts: Personal identifiers replaced with anonymized values within 30 days of deletion request

6. Your Privacy Rights

Depending on your location, you may have the following rights regarding your personal information:

  • Access: Request a copy of your personal data in JSON format (available via Profile settings)
  • Correction: Update inaccurate or incomplete information via Profile page
  • Deletion: Request account deletion (anonymizes personal data, retains anonymized events)
  • Portability: Export your recipes, meal plans, and profile data (future feature)
  • Opt-Out: Unsubscribe from notifications via Notification Settings
  • Objection: Object to certain data processing activities

To exercise these rights, contact us at privacy@imkitchen.app or use the Profile settings page.

7. Data Security

We implement industry-standard security measures to protect your information:

  • Encryption: TLS 1.3 for data in transit, encrypted database storage
  • Authentication: Argon2 password hashing (OWASP-recommended), JWT tokens with HTTP-only cookies
  • Infrastructure: Regular security updates, vulnerability scanning, penetration testing
  • Access Control: Role-based access, least-privilege principle
  • Monitoring: Real-time security alerts, audit logging via OpenTelemetry

However, no method of transmission over the Internet is 100% secure. While we strive to protect your data, we cannot guarantee absolute security.

8. Children's Privacy

imkitchen is not intended for children under 13 years of age. We do not knowingly collect personal information from children under 13. If you believe we have collected information from a child under 13, please contact us immediately at privacy@imkitchen.app.

9. International Data Transfers

Your information may be transferred to and processed in countries other than your country of residence. These countries may have different data protection laws. By using imkitchen, you consent to the transfer of your information to our servers and service providers globally. We ensure appropriate safeguards are in place for such transfers.

10. Third-Party Links

Our service may contain links to third-party websites (e.g., community recipe sources, payment processors). We are not responsible for the privacy practices of these external sites. We encourage you to review their privacy policies before providing any personal information.

11. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or legal requirements. We will notify you of material changes by posting the updated policy on this page and updating the "Last Updated" date. Your continued use of imkitchen after changes indicates acceptance of the updated policy.

12. Contact Us

If you have questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:

Email: privacy@imkitchen.app

Data Protection Officer: dpo@imkitchen.app

Response Time: We aim to respond to all inquiries within 30 days

GDPR & CCPA Compliance

imkitchen complies with the General Data Protection Regulation (GDPR) for users in the European Economic Area and the California Consumer Privacy Act (CCPA) for California residents. You have the right to access, correct, delete, and port your personal data. For GDPR or CCPA-specific requests, contact privacy@imkitchen.app with "GDPR Request" or "CCPA Request" in the subject line.

Back to Home