Privacy

Accounts

recipes.im does not require an email or password. When you install the app, the device generates a random per-device token and a per-household ID. That token is what authenticates requests to our servers. We do not link it to your name, email, phone number, or social profile.

A household groups one or more devices so they can share the same recipe library and grocery list. Joining a household uses a short-lived invite code; nothing else is shared between members.

What we store

• Recipes you save. The URL you shared, the parsed recipe in plain-text Cooklang format, and an image. Stored in Vercel Blob, scoped to your household.
• Household preferences. Units (metric/imperial), declared allergens, and a few cooking preferences. Stored in your household's SQLite database (replicated via Turso) and on-device.
• Operational logs. Server logs include the request URL, your device token (truncated), and timing. Used to debug failed imports.
• Analytics events. Anonymous device-scoped events like "app opened", "recipe imported", and per-step extraction traces. We use these to find broken importers and decide what to improve next.

What we do not collect

• No name, email, phone, or social profile.
• No location data.
• No contacts, photos, calendar, or microphone access.
• No advertising identifiers. We do not show ads and we do not sell, rent, or share data with advertisers.

Importing from the web

When you share a URL into recipes.im, the URL is sent to our server so it can fetch the page, extract the recipe, generate an image if the source has none, and convert it to Cooklang. The page contents are processed only to produce your recipe; we do not retain the raw page after extraction.

For Instagram, TikTok, YouTube, and Facebook, the app extracts the caption and cover image directly on your phone (those platforms block our datacenter IPs) and sends only the extracted caption + cover URL + author to our server. Video files are never uploaded.

Third parties

The app uses the following services strictly to deliver its core features. None of them receive your identity beyond what's necessary to fulfil the request, and none of them combine your recipes data with their own user profiles.

• Vercel — application hosting, Blob storage for recipes and images, log drains.
• Turso — managed libSQL/SQLite database for per-household data.
• Google (Gemini API) — converts the page text into a structured Cooklang recipe and generates a cover image when the source has none. Per Google's API terms, prompts and outputs are not used to train Google's general models.
• Exa and Firecrawl — fallback web scrapers used only when the primary path fails. They receive the URL of the recipe page only.
• Lemonfox — used to transcribe the audio of video recipes into text. Used only for video imports.
• Google BigQuery — internal storage of server logs and anonymous analytics events.

Your data, your call

• Export. Every recipe is a plain-text .cook file. You can export your whole library from the app at any time. No lock-in.
• Delete a recipe. Long-press a recipe and delete; the file and image are removed from Blob immediately.
• Delete the household. Email john.kueh.dev@gmail.com with your household ID (Settings → Debug info) and we'll wipe the database, blobs, and analytics events tied to it.

Children

recipes.im is a general-audience cooking app. It is not directed at children under 13 and does not knowingly collect data from them.

Changes

If we materially change this policy we'll update the date at the top and call out the change in the app's release notes. Older versions are available in our git history on request.

Contact

John Kueh — john.kueh.dev@gmail.com. For help with the app, see Support.