Spoonet Privacy Policy
This Privacy Policy explains what data Spoonet processes, why it is used, and what rights users have when using the Spoonet mobile application.
1. Data Controller
The controller responsible for data related to the operation of the Spoonet application is the owner of Spoonet.
Email: kontakt@spoonet-app.com
2. What Data We Collect
Depending on how you use Spoonet, we may process:
- account data, such as your email address, user ID, and display name;
- profile data, such as your profile photo, bio, and app language;
- food preference data, such as dietary style, allergies, disliked products, and calorie counter settings;
- user-entered data, such as pantry items, shopping list entries, personal recipes, comments, reactions, and direct messages;
- community content data, such as public recipes, public comments, follows, and social activity within the app;
- technical and diagnostic data, such as device tokens for push notifications, installation identifiers, app usage analytics, app error reports, and security-related service information;
- Premium-related data, such as Premium status, plan, activation source, expiration dates, product IDs, purchase IDs, and purchase tokens used to verify subscriptions;
- photos uploaded by the user, for example profile images or recipe images;
- nutrition and cooking history data, if the user enables calorie tracking, marks recipes as cooked, or uses nutrition-related features.
3. Why We Use Data
We use data in order to:
- create and maintain user accounts;
- enable sign-in, profile management, and app personalization;
- show recipe suggestions that match the user's dietary preferences;
- support pantry management, shopping lists, history, and favorites;
- support community features, including public recipes, comments, reactions, follows, and direct messages;
- send in-app notifications and push notifications;
- measure selected feature usage and improve app analytics;
- operate and verify Premium features;
- improve app stability, safety, and service quality;
- review bug reports, abuse reports, moderation cases, and security issues.
4. Legal Bases for Processing
If you are located in the European Economic Area, we generally process your data on the basis of:
- performance of a contract or actions necessary to provide the app service;
- consent, where the user voluntarily enables a feature or provides optional information;
- legitimate interests, especially for safety, moderation, fraud prevention, diagnostics, and service protection;
- legal obligations, where required by law.
5. Service Providers and Third Parties
We may rely on third-party service providers that process data on our behalf only as needed to operate Spoonet, including:
- Google Firebase, for authentication, database services, file storage, push notifications, analytics, diagnostics, and App Check;
- Google Play Billing, for subscription and Premium purchases;
- Google Sign-In and Facebook Login, if the user chooses those sign-in methods;
- Open Food Facts, when the user searches for products by barcode;
- Edamam, when the user uses nutrition estimation or nutrition analysis features;
- Google ML Kit, when the user uses supported on-device text or image recognition features;
- OpenAI, when the user uses AI-powered features such as recipe search and generation, ingredient substitution suggestions, product photo analysis, recipe translation, or nutrition estimation — data such as search queries, pantry ingredient lists, dietary preferences, and product photos may be sent to OpenAI to power these features;
- Google Cloud Vision API, when the user scans a product photo — the image may be sent to this service as a supplementary product recognition mechanism;
- Resend, for sending transactional emails such as account verification and password reset — the user's email address is shared with Resend for this purpose.
We do not sell user data.
6. Public and Community Content
If a user publishes a recipe or comment as community content, that content may be visible to other users of the Spoonet app in line with the visibility settings of the feature.
Users are responsible for content they choose to publish publicly in Spoonet.
7. Data Retention
We retain data for as long as needed to operate the account and app features, or until the data is deleted by the user or administrator.
Some data may be kept longer when necessary for:
- safety and abuse prevention;
- compliance with legal obligations;
- handling complaints, reports, and moderation actions.
8. Account and Data Deletion
Users may delete their account from within the app, if that option is available, or contact us at kontakt@spoonet-app.com.
After account deletion, we delete or anonymize user data in line with the app architecture and applicable law. Some information may remain temporarily in backups or technical logs.
9. User Rights
Depending on applicable law, users may have the right to:
- access their personal data;
- correct their data;
- request deletion of their data;
- restrict processing;
- request data portability;
- object to certain types of processing;
- withdraw consent where processing is based on consent.
For privacy-related matters, please contact us at kontakt@spoonet-app.com.
10. Data Security
We apply reasonable technical and organizational safeguards to protect user data from unauthorized access, loss, alteration, or disclosure. However, no method of transmission or storage can be guaranteed to be fully secure.
11. Children
Spoonet is not intended for children. The app is designed for older teenagers and adults. If we learn that a child's data was provided without a proper legal basis, we may delete it.
12. Changes to This Privacy Policy
We may update this Privacy Policy from time to time. The current version should always be available at the public web address provided when the app is published.
13. Contact
For privacy and personal data matters, please contact: kontakt@spoonet-app.com