CookCanvas Privacy Policy

CookCanvas (“we”) is built on the principle of data minimization: if we don’t need it, we don’t collect it; if it can stay on your device, it stays on your device. This policy describes what we actually process, why, and the rights you have.

1. What we collect

• Apple sign-in identifier — the identifier produced when you use Sign in with Apple, used only for sign-in and account recovery. We do not require your real name or email (unless you choose to share them through Apple).
• Content you create — the cuisine preferences, targets, and allergens you set, the meal plans you generate, and the nutrition logs you approve. This content is used solely to provide the service to you.
• What we do not collect — health, diet, or medical data; advertising identifiers; location data. The app contains no third-party advertising or tracking SDKs.

2. Local-first storage

Your weekly plans, shopping lists, nutrition logs, and fridge inventory are stored first in a database on your own device and work offline. Account-linked data is stored in a cloud database protected by row-level security (RLS), accessible only by you. We never sell your information or use it for advertising.

3. Photos and AI processing

• Fridge photos are not retained: photos you take are transmitted only to perform the ingredient recognition for that request and are discarded once processing completes. They are not stored on our servers. The resulting ingredient list is saved locally on your device.
• AI requests are routed through our self-hosted gateway to the third-party AI provider OpenAI (GPT-series models), used solely to generate the result you requested in real time (meal plans, ingredient recognition, shopping-list grouping). We do not send your name, Apple sign-in identifier, or location to the AI provider; content submitted via the API is not used for model training.
• AI output is firewalled: content crossing into medical or weight-loss territory is filtered by both client-side and server-side safeguards.

4. Nutrition data source

Nutrition values cite the public USDA FoodData Central database operated by the U.S. Department of Agriculture; querying this public database involves none of your personal information.

5. Data deletion

You can delete your account at any time in-app (Settings → Delete account). Upon confirmation, your plans, inventory, nutrition logs, and all associated data are cascade-deleted and permanently removed from our servers within 7 days, irreversibly.

6. Third-party services

We use only the following third-party services, each strictly necessary to provide the service:

• Apple App Store / StoreKit — subscription and payment processing
• Sign in with Apple + Supabase — authentication and account data storage (RLS-isolated)
• RevenueCat — subscription status aggregation (never touches your card details)
• OpenAI (routed via our self-hosted gateway newapi.zweiteng.tk) — real-time generation of meal plans and ingredient recognition from your input; not used for model training, photos not retained
• USDA FoodData Central — public nutrition database lookups

7. Children’s privacy

CookCanvas is not directed at children under 13, and we do not knowingly collect personal information from children under 13.

8. Changes to this policy

Material changes will be announced in-app and require re-acknowledgement. Continued use of the app constitutes acceptance of the updated policy.

9. Contact

For privacy questions, contact privacy@sanva.tk.