Privacy Policy

Effective date: 2026-05-14

This Privacy Policy applies to the RecipePad mobile application (the "Application"), operated by Marko Polietaiev ("Service Provider", "we", "us").

1. Information We Collect

1.1 Information you provide directly

• Guest access data: if you choose to continue as a guest, we may create a temporary guest account for browsing and store an internal guest account identifier.
• Account data: email address, username, password (stored as a secure hash, not plain text).
• Authentication and recovery data: email verification and password reset codes.
• OAuth sign-in data (if used): provider identifier and provider account subject ID (for example Apple/Google account ID token subject claim).
• User content: recipes, notes, links, tags, ingredient data, and uploaded images.
• Support contact data: information you include when contacting support.

1.2 Information collected automatically

• Device/app data: device identifiers (for example IDFV), app version, operating system, and related diagnostics.
• Ads-related identifiers: advertising identifier (IDFA) may be used by ad SDKs where permitted by platform settings and consent.
• Ads consent and privacy choices: consent status, privacy choices, and related consent strings or signals may be stored or processed by Google AdMob/User Messaging Platform where required for advertising privacy regulations.
• Usage and diagnostics: analytics events, crash diagnostics, and technical log data.
• Account/session activity metadata: timestamps and related session metadata that help us determine recent account activity, maintain sessions, and enforce retention rules for temporary guest access.
• Network/operation metadata (for example IP address) may be processed by our infrastructure and third-party service providers for security, performance, and abuse prevention.

2. How We Use Information

We use information to:

• create and manage accounts and authenticate users;
• provide temporary guest browsing access and convert guest users to registered users when they choose to sign up or sign in;
• provide Application functionality;
• secure accounts and prevent abuse or fraud;
• operate, monitor, and improve app performance and reliability;
• manage session lifecycle and apply retention or cleanup rules for inactive temporary guest accounts;
• deliver and measure ads in supported tiers;
• request, store, apply, and honor advertising consent and privacy choices where required by applicable regulations;
• respond to support requests and required operational notices.

Marketing communications

At this time, the Application does not provide a dedicated in-app marketing promotions system. If we introduce marketing communications in the future, we will update this policy and provide applicable controls/opt-out mechanisms as required by law.

Advertising consent and privacy choices

The Application uses Google AdMob and Google's User Messaging Platform to request and manage advertising consent where required, including for European regulations, applicable US state privacy choices, and Apple's App Tracking Transparency framework on iOS. Depending on your region and choices, ads may be personalized, non-personalized, limited, or unavailable.

Where required, the Application provides an in-app privacy choices entry point that lets you review or update advertising consent choices, including choices related to the sale or sharing of personal information for interest-based advertising. On iOS, the Application may also show an IDFA explainer before Apple's App Tracking Transparency prompt. If you deny tracking permission, the Application may still show ads without using IDFA for tracking.

3. Location Data

The current release of the Application does not intentionally collect precise or approximate device location for product features.

Advertising, analytics, infrastructure, and security providers may process network or device-derived location signals, such as approximate location inferred from IP address, where permitted by your settings, consent choices, and their privacy policies.

If location-based features are added in the future, this Privacy Policy will be updated before or at launch of those features, including what is collected and user controls.

4. AI Features

The current release of the Application does not use AI features to process personal data for user-facing functionality.

If AI-powered functionality is introduced in future releases, we will update this Privacy Policy to describe:

• the AI feature purpose,
• the categories of data processed,
• third-party AI providers (if any),
• available user controls.

5. Third-Party Services

The Application uses third-party services that process data under their own terms and privacy policies.

5.1 Currently used services

• Google AdMob: https://support.google.com/admob/answer/6128543
• Firebase (Analytics / Crashlytics): https://firebase.google.com/support/privacy
• Google User Messaging Platform: https://developers.google.com/admob/ios/privacy
• Google Privacy Policy: https://policies.google.com/privacy
• Apple Privacy Policy (Sign in with Apple context): https://www.apple.com/legal/privacy/
• Cloudinary (media storage): https://cloudinary.com/privacy
• Brevo (transactional email): https://www.brevo.com/legal/privacypolicy/
• Render (hosting/infrastructure): https://render.com/privacy
• Sentry (error monitoring and operational diagnostics): https://sentry.io/privacy/

5.2 Planned services (not active in current release)

• RevenueCat (subscriptions), if enabled: https://www.revenuecat.com/privacy
• Additional AI service providers, if enabled in future releases.

6. Data Sharing and Disclosure

We may disclose information:

• to service providers that process data on our behalf;
• when required by law, regulation, legal process, or enforceable governmental request;
• to protect rights, safety, security, and prevent fraud or abuse;
• in connection with a business transfer, restructuring, or similar transaction (subject to applicable safeguards).

7. Data Retention

We retain personal data for as long as needed to provide the Application and fulfill legitimate business and legal obligations. Retention may vary by data category (for example account records, security logs, support requests, and diagnostics).

Temporary guest accounts are retained for a shorter period. We may automatically delete guest accounts and related session access that have been inactive for 14 days, or after a different reasonable inactivity period if our retention settings change.

You may request deletion by contacting support@recipepad.net. Some data may be retained where required by law, security, fraud prevention, or legitimate record-keeping obligations.

8. Account Deletion and User Controls

Where available in-app, you may delete your account. You may also request account/data deletion by contacting support@recipepad.net.

Where required by your region or ad privacy settings, you may manage advertising privacy choices in the Application settings.

If you use the Application as a guest, your guest access may end automatically after a period of inactivity. If that happens, you may need to sign in, sign up, or start a new guest session to continue using the Application.

You can stop all app data collection by uninstalling the Application, subject to data already processed or retained as described in this policy.

9. Security

We use reasonable technical and organizational safeguards designed to protect personal data. No method of transmission or storage is completely secure, and we cannot guarantee absolute security.

10. Children's Privacy

The Application is not directed to children under 13, and we do not knowingly collect personal data from children under 13. If you believe a child has provided personal data, contact support@recipepad.net and we will take appropriate steps.

11. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. We will post the updated version with a revised effective date.

12. Contact

If you have questions about this Privacy Policy or data practices, contact:

support@recipepad.net