Privacy Policy

Last updated: May 2026

The short version

We do not store information that was not provided voluntarily. We do not sell your data — not now, not ever.

What we collect

We only store data you explicitly give us:

  • Account info — username, email address, and a hashed (never plain-text) password when you register.
  • Profile details — any optional information you add to your profile (display name, avatar, etc.).
  • Cookbook content — titles, descriptions, and page images you upload. These are stored securely on AWS S3.
  • Orders — shipping address, items purchased, and payment status. We do not store card numbers or payment credentials; payments are processed by PayPal.
  • Messages — direct messages you send to friends through the platform.

What we do not collect

  • We do not use advertising trackers or third-party analytics.
  • We do not fingerprint your browser or device.
  • We do not collect data passively — only what you choose to submit.

Cookies & sessions

We use a single session cookie to keep you logged in. No tracking cookies, no cross-site cookies. The session cookie is deleted when you log out or close your browser session.

How we use your data

  • To operate your account and authenticate you securely.
  • To process and fulfill orders you place.
  • To display cookbooks and messages you create.

We do not use your data for advertising, profiling, or any purpose beyond running the service.

Data sharing

We do not sell, rent, or trade your data with any third party. The only external services that touch your data are:

  • PayPal — processes payments. Their privacy policy governs payment data.
  • AWS S3 — stores uploaded images (cookbooks, product images). Files are private by default.
  • Heroku — hosts the application and database.

Your rights

You can:

  • Update or delete your account information at any time from your profile.
  • Delete your cookbooks and uploaded content from the cookbooks section.
  • Request complete removal of your account and all associated data by contacting us.

Data retention

Your data is kept as long as your account is active. If you request account deletion, all personal data is permanently removed within 30 days.

Contact

Questions about this policy or your data? Use the contact form in the FAQ or reach us through the store.