Privacy Policy

Last updated: April 13, 2026

Introduction

Welcome to CookingGuru. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our website, mobile application, and related services (collectively, the "Services"). CookingGuru is operated from the United Kingdom and complies with UK and EU data protection laws, including UK GDPR and EU GDPR.

Information We Collect

We collect the following information to provide and improve our Services:

Information You Provide

  • Name and email address (provided through authentication)
  • Recipe content you interact with, including recipes you save, favourite, and request
  • URLs you submit for recipe extraction, including via the iOS Share Extension
  • Messages you send through our contact form

Information Collected Automatically

  • Device information (browser type, operating system)
  • IP address
  • Anonymous usage analytics (page views, referrers, country-level location)
  • Cookies essential for authentication
  • On our mobile app, a randomly generated installation identifier (UUID) stored on your device to authenticate API requests

Purchase Information

  • Subscription status, product identifiers, and transaction identifiers for managing your subscription
  • We do not collect or store your payment card details. Payments are processed securely by Apple (App Store) and Stripe (website).

Authentication Providers

We support login through:

  • Google
  • Apple (iOS app)
  • Email link (passwordless sign-in)

When you use a third-party authentication provider, they will share your name and email address with us. Please refer to their respective privacy policies to understand how they handle your data:

Authentication is managed through Firebase Authentication, a service provided by Google. Firebase processes authentication tokens and session data on our behalf.

How We Use Your Information

We use the collected information solely for:

  • Account creation and management
  • Providing and improving our Services
  • Processing and managing your subscriptions
  • Responding to your requests and inquiries
  • Analysing aggregated, anonymous usage patterns to improve our Services
  • Protecting against abuse, fraud, and unauthorised access
  • Complying with legal obligations

Analytics

We use Umami, a privacy-focused analytics service, to understand how our website is used. Umami does not use cookies, does not collect personal data, and does not track users across websites. The data collected includes page views, referrer URLs, browser type, operating system, and country-level location. All analytics data is aggregated and anonymous.

Payments and Subscriptions

We offer paid subscription plans. Payments are processed by third-party providers:

  • Apple App Store — for in-app purchases on iOS. Apple processes your payment and shares transaction details (product ID, transaction ID, expiration date) with us to manage your subscription.
  • Stripe — for purchases on our website. Stripe processes your payment details directly. We do not receive or store your payment card information.

Please refer to Apple's Privacy Policy and Stripe's Privacy Policy for details on how they handle your payment data.

Bot Protection

We use Cloudflare Turnstile to protect our Services from automated abuse. Turnstile may process data such as your IP address and browser characteristics to verify that you are a real user. This processing is carried out by Cloudflare on our behalf.

Third-Party Service Providers

We share data with the following third-party processors who act on our behalf to provide and support our Services:

  • Firebase (Google) — authentication and infrastructure
  • Cloudflare — content delivery, security, and bot protection
  • Umami — anonymous website analytics
  • Stripe — payment processing (website)
  • Apple — authentication and payment processing (iOS)

These providers process data only as necessary to perform their services and are bound by their own privacy policies and applicable data protection laws.

Mobile App and On-Device Storage

Our iOS app stores certain data locally on your device to provide a seamless experience:

  • Cached recipe data for offline access (stored in the app cache directory)
  • Your display preferences (such as dark mode)
  • A randomly generated installation identifier used to authenticate API requests
  • Queued recipe URLs shared via the iOS Share Extension

This data remains on your device and is cleared when you delete your account or uninstall the app. The iOS Share Extension allows you to send URLs from other apps to CookingGuru for recipe extraction. The URL and its metadata are processed by our servers to provide the service.

Data Retention and Deletion

You can request deletion of your account through any of the following:

  • The Account Settings section of our website or mobile app
  • Emailing your request to [email protected]

When you delete your account:

  • All personal data will be permanently deleted from our systems
  • This process is irreversible
  • Deletion will be completed within 30 days of your request

Legal Basis for Processing (UK/EU Users)

Under UK and EU data protection laws, we process your personal data on the following legal bases:

  • Contract: Processing is necessary to provide you with our services
  • Consent: For authentication through third-party providers
  • Legal Obligation: To comply with applicable laws
  • Legitimate Interests: To protect our services and users

International Data Transfers

While CookingGuru is based in the UK, our services are accessible worldwide. Your data may be processed in countries outside the UK/EU. We ensure appropriate safeguards are in place for such transfers in accordance with applicable data protection laws.

Your Rights

Under UK and EU data protection laws, you have the right to:

  • Access your personal information
  • Correct inaccurate data
  • Request deletion of your data
  • Withdraw consent
  • Object to processing
  • Request data portability
  • Lodge a complaint with a supervisory authority

To exercise these rights, please use the account settings or contact us directly.

Data Security

We implement appropriate technical and organizational measures to protect your personal information. However, no method of transmission over the Internet is 100% secure.

Children's Privacy

Our services are not intended for children under 13 (or the relevant age in your jurisdiction). We do not knowingly collect information from children.

Changes to This Privacy Policy

We may update this Privacy Policy from time to time. We will notify you of any significant changes by posting the new Privacy Policy on this page and updating the "Last updated" date.

Contact Us

If you have any questions about this Privacy Policy or your personal data, please contact us at: [email protected]

Supervisory Authority

If you are in the UK and believe we have not adequately addressed your data protection concerns, you have the right to lodge a complaint with the Information Commissioner's Office (ICO)

Governing Law

This Privacy Policy is governed by and construed in accordance with the laws of the United Kingdom.