Privacy Policy

Last Updated: December 11, 2025

1. Introduction

Welcome to PeekChef. This Privacy Policy explains how Eugenio Damm ("we," "us," or "our") collects, uses, discloses, and protects your personal information when you use the PeekChef mobile application ("App").

We are committed to protecting your privacy and complying with applicable data protection laws, including the General Data Protection Regulation (GDPR) and other international privacy regulations.

Data Controller:
Eugenio Damm
Location: Spain
Contact: support@peekchef.com

By using PeekChef, you consent to the data practices described in this Privacy Policy.

2. Information We Collect

2.1 Information You Provide Directly

Account Information: When you create an account, we collect:

• Email address
• Name (if using Google Sign-In or provided during registration)
• Password (encrypted, if using email/password registration)
• Profile information (if obtained through Google Sign-In)

Onboarding Information: During the initial setup, we collect:

• Dietary preferences and restrictions (e.g., vegetarian, vegan, allergies, food intolerances)
• Household size (number of people you're cooking for)
• Cooking experience level (beginner, intermediate, advanced)

Recipe History: We store:

• Recipes you have selected from our suggestions
• Date and time of recipe selections

2.2 Information Collected Automatically

Photos and Images:

• Images of your refrigerator or pantry that you upload for ingredient recognition
• These images are temporarily processed and then immediately deleted after analysis
• We do NOT permanently store your fridge or pantry photos

Location Data (Optional):

• With your explicit permission, we may collect your approximate location to provide region-specific ingredient recognition, suggest recipes based on locally available products, and improve recipe recommendations for your area
• Location collection is entirely optional and the App works without it

Device and Usage Information:

• Device type, operating system, and version
• App version and settings
• Usage statistics and interactions with the App
• Error logs and crash reports
• IP address (automatically collected)

Analytics Data: Through PostHog, we collect:

• App usage patterns and trends
• Feature engagement metrics
• Session duration and frequency
• Anonymized user behavior data

2.3 Information from Third Parties

Google Sign-In: If you sign in with Google, we receive your Google profile information (name, email) and profile photo (if you've set one). We only request the minimum necessary scopes (profile and email) and do not access other Google data.

3. How We Use Your Information

3.1 To Provide and Improve the App

• Create and manage your account
• Authenticate your identity
• Process images to identify ingredients
• Generate personalized recipe suggestions based on your preferences
• Store your selected recipes for easy access
• Customize recommendations based on dietary needs, household size, and cooking experience
• Provide location-specific suggestions (if you enable location services)

3.2 To Communicate with You

• Send important updates about the App
• Respond to your inquiries and support requests
• Send notifications about your recipes and App features (with your permission)
• Notify you of changes to our Terms or Privacy Policy

3.3 To Process Payments

• Manage your subscription
• Process payment transactions
• Prevent fraud and unauthorized access

3.4 To Analyze and Improve

• Understand how users interact with the App
• Identify usage trends and patterns
• Improve App functionality and user experience
• Fix bugs and technical issues
• Develop new features

3.5 Legal Compliance

• Comply with legal obligations
• Enforce our Terms and Conditions
• Protect our rights and the rights of others
• Detect and prevent fraud or security issues

4. Legal Basis for Processing (GDPR)

Under the GDPR, we process your personal data based on the following legal grounds:

• Contract Performance: To provide the App services you've signed up for
• Consent: For optional features like location services and marketing communications
• Legitimate Interests: To improve the App, analyze usage, prevent fraud, and ensure security
• Legal Obligation: To comply with applicable laws and regulations

5. How We Share Your Information

We do NOT sell your personal information. We share your data only in the following limited circumstances:

5.1 Third-Party Service Providers

We share information with trusted service providers who help us operate the App:

• OpenAI (ChatGPT API): We send your uploaded images to OpenAI for ingredient recognition and recipe generation. Images are processed and immediately deleted.
• Firebase: Handles user authentication. Managed by Google Cloud Platform.
• PostHog (Analytics): Processes anonymized usage and analytics data.
• Vercel: Hosts our serverless functions and backend infrastructure.
• Payment Processors (Stripe/Apple/Google): Process subscription payments. We do NOT store your credit card information.
• Google Sign-In: Authenticates your identity if you choose this login method.

All third-party service providers are contractually obligated to protect your data and use it only for the purposes we specify.

5.2 Legal Requirements

We may disclose your information if required by law or in response to valid legal process (subpoenas, court orders), government or regulatory requests, protection of our rights, property, or safety, or prevention of fraud or security threats.

5.3 Business Transfers

In the event of a merger, acquisition, or sale of assets, your information may be transferred to the acquiring entity. You will be notified of any such change.

5.4 With Your Consent

We may share your information for other purposes with your explicit consent.

6. Data Retention

We retain your personal information for as long as necessary to provide the App and fulfill the purposes described in this Privacy Policy:

• Account Information: Until you delete your account or request deletion
• Recipe History: Until you delete your account or request deletion
• Photos: Immediately deleted after processing (not permanently stored)
• Analytics Data: Retained in aggregated, anonymized form for up to 2 years
• Legal/Financial Records: Retained as required by law (typically 7 years)

After the retention period, we will securely delete or anonymize your personal information.

7. Data Security

We implement appropriate technical and organizational measures to protect your personal information:

• Encryption of data in transit (TLS/SSL)
• Encryption of sensitive data at rest
• Secure authentication protocols
• Regular security assessments
• Limited access to personal data (need-to-know basis)
• Secure cloud infrastructure (Firebase, Vercel)

However, no method of transmission over the internet is 100% secure. While we strive to protect your data, we cannot guarantee absolute security.

8. Your Privacy Rights

Depending on your location, you have the following rights regarding your personal data:

8.1 Rights Under GDPR (EU/EEA Users)

• Right to Access: Request a copy of your personal data
• Right to Rectification: Correct inaccurate or incomplete data
• Right to Erasure ("Right to be Forgotten"): Request deletion of your data
• Right to Restrict Processing: Limit how we use your data
• Right to Data Portability: Receive your data in a structured, machine-readable format
• Right to Object: Object to certain types of processing
• Right to Withdraw Consent: Withdraw consent at any time (where processing is based on consent)
• Right to Lodge a Complaint: File a complaint with your local data protection authority

8.2 Rights for Other Users

Even if you're not in the EU, we provide similar rights:

• Access and update your account information
• Delete your account and data
• Opt-out of marketing communications
• Disable optional features like location services

8.3 How to Exercise Your Rights

To exercise any of these rights, contact us at support@peekchef.com. We will respond to your request within 30 days (or as required by applicable law).

9. Children's Privacy

PeekChef is not intended for users under the age of 16. We do not knowingly collect personal information from children under 16.

If we discover that we have collected information from a child under 16, we will promptly delete such information. If you believe we have collected information from a child under 16, please contact us immediately.

10. International Data Transfers

PeekChef is operated from Spain. Your information may be transferred to and processed in countries outside your country of residence, including the United States (OpenAI, Firebase, Vercel, PostHog servers) and other countries where our service providers operate.

When we transfer data outside the European Economic Area (EEA), we ensure appropriate safeguards are in place:

• Standard Contractual Clauses (SCCs) approved by the European Commission
• Privacy Shield frameworks (where applicable)
• Data processing agreements with third-party providers

11. Cookies and Tracking Technologies

PeekChef uses minimal tracking technologies:

• Essential Cookies: Session management and authentication. Required for the App to function properly.
• Analytics: PostHog collects anonymized usage data to help us improve the App.

You can manage cookie preferences through your device settings, but disabling essential cookies may affect App functionality.

12. Third-Party Links

The App may contain links to third-party websites or services (e.g., recipe sources). We are not responsible for the privacy practices of these third parties. We encourage you to review their privacy policies.

13. Do Not Track Signals

Some browsers and devices offer "Do Not Track" (DNT) signals. Currently, there is no industry standard for responding to DNT signals. We do not respond to DNT signals but minimize tracking to only what's necessary for App functionality.

14. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our data practices, legal requirements, or App features.

When we make material changes, we will:

• Update the "Last Updated" date
• Notify you via email or in-app notification
• Request your consent if required by law

Your continued use of the App after changes constitutes acceptance of the updated Privacy Policy.

15. California Privacy Rights (CCPA)

If you are a California resident, you have additional rights under the California Consumer Privacy Act:

• Right to Know: What personal information we collect and how we use it
• Right to Delete: Request deletion of your personal information
• Right to Opt-Out: Opt-out of the sale of personal information (we do NOT sell personal information)
• Right to Non-Discrimination: Equal service regardless of exercising your privacy rights

To exercise these rights, contact us at support@peekchef.com.

16. Contact Us

If you have questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:

Eugenio Damm
Email: support@peekchef.com
Location: Spain

17. Supervisory Authority

If you are located in the European Union, you have the right to lodge a complaint with your local data protection supervisory authority. In Spain, this is:

Agencia Española de Protección de Datos (AEPD)
Website: https://www.aepd.es
Phone: +34 901 100 099

18. Consent

By using PeekChef, you acknowledge that you have read and understood this Privacy Policy and consent to the collection, use, and disclosure of your personal information as described herein.

For optional features (such as location services), we will request your explicit consent before collecting such data.

Thank you for trusting PeekChef with your information. Your privacy is important to us.