Short version. We keep your email so you can sign back in, we keep the recipes you import so they show up in your library, and we hand the recipe text to AI providers so they can generate the conversion. No ad networks, no data brokers, no retargeting. Full details below.
Dishdraft ("Dishdraft," "we," "us") is the controller of your personal data under EU/UK GDPR and the equivalent "business" under CCPA/CPRA. Contact: privacy@dishdraft.com.
EU representative (Art 27 GDPR). To be appointed before EU launch — details will appear here. Until appointed, EU residents may reach us at privacy@dishdraft.com.
UK representative (UK GDPR Art 27). To be appointed. Same address.
We only collect what we need to run the service. Here's the full list.
| Data | Why | Lawful basis (EU/UK) | Retention |
|---|---|---|---|
| Email address | Authenticate you, tie recipes to your account, send magic-link sign-in emails | Contract (Art 6(1)(b)) | Until account deletion |
| Screenshots you import | Run through AI vision to extract recipe text. Images are not saved in our database; we send them to our AI vision provider and discard. | Contract (Art 6(1)(b)) | Not stored by us. The AI vision provider retains API inputs per its own policy (typically ≤30 days). |
| Extracted recipe (title, ingredients, steps, macros, source URL) | Power your library, re-convert to different diets, populate the public feed if you choose to share | Contract (Art 6(1)(b)) | Until you delete it or close your account |
| Diet type, allergies, dislikes, pantry preferences | Personalize every conversion to your diet without re-asking | Explicit consent (Art 9(2)(a)) — captured at onboarding. These are treated as special-category "data concerning health." | Until you delete it or close your account |
| Ratings, comments, tags, cook-success flags | Feed community feedback back into future conversions and display on the public feed (no email shown) | Consent (Art 6(1)(a)) — captured when you submit a rating | Until you delete the rating or your account |
| Subscription + billing state (tier, trial end date, usage counters, Stripe customer + subscription IDs) | Enforce fair-use caps, service tiers, and auto-renewal | Contract (Art 6(1)(b)); legal obligation for tax/accounting records (Art 6(1)(c)) | Seven years from last billing event (tax law); the rest cascades on account deletion. |
| Device fingerprint (SHA-256 hash of browser + screen + timezone + canvas signals) | Prevent a single device from re-creating multiple free-tier accounts | Legitimate interest (Art 6(1)(f)) — fraud prevention | 24 months rolling. Delete your account at any time to unlink the hash from your identity. |
| HTTP request logs (IP, user-agent, endpoint, timestamp) | Security monitoring, rate-limiting, debugging | Legitimate interest (Art 6(1)(f)) | 30 days rolling |
Your diet type, allergies, and dislikes can reveal information about your health condition. We treat them as sensitive personal information under CPRA and special category data concerning health under GDPR Art 9. We process them only with your explicit consent, captured at onboarding. You can revoke consent at any time by deleting those fields in Settings or deleting your account entirely; revocation doesn't affect the lawfulness of processing before revocation.
We share the minimum data needed to run each feature. Every processor below is contractually bound to process data only on our instructions and to apply appropriate security.
| Processor | What we share | Why |
|---|---|---|
| Supabase | All of the above (they host the database + auth) | Database, magic-link email, edge compute |
| OpenAI | Screenshots + extracted text (no email) | GPT-4o-mini vision extraction + GPT-4o conversion |
| Anthropic | Extracted recipe text, your diet preferences (no email) | Claude Haiku 4.5 for cooking-coherence validation |
| Google Vertex AI | Recipe nickname, cuisine, ingredient list (no email, no screenshot) | Imagen 4 Fast — generate the AI hero photo for each variant |
| Stripe | Email, user ID, payment method (Stripe collects the card — we never see it) | Subscription billing, customer portal, webhook sync (web only) |
| Apple Inc. | App Store account ID + transaction ID (Apple, not us, sees your payment method) | Process iOS in-app subscriptions via StoreKit 2 |
| Google LLC (Play Billing) | Play account ID + purchase token (Google, not us, sees your payment method) | Process Android in-app subscriptions via Play Billing |
| Vercel | HTTP request metadata (IP, path, user-agent) | Web hosting, edge CDN |
| YouTube Data API (Google) | Only the YouTube video URL you paste | Fetch public captions when you share a YouTube link. No account or email disclosed. |
| Meta Graph API + oEmbed endpoints | Only the Instagram / TikTok / Facebook URL you paste | Fetch public captions. No account or email disclosed. |
We do not sell your personal data and we do not share it for cross-context behavioural advertising. Our AI processors do not train their models on your recipes. OpenAI's API Business Terms, Anthropic's Commercial Terms, and Google Cloud's Vertex AI data governance all commit in writing that API inputs are not used to train, fine-tune, or otherwise improve their foundation models. They process your recipe content only to return the result of the request you asked for, and discard it on their own retention schedules (typically ≤30 days).
Our primary infrastructure runs in the United States. Each of the processors above is either (a) certified under the EU–US Data Privacy Framework or the UK Extension to the DPF, or (b) bound to us by the European Commission's 2021 Standard Contractual Clauses (Module 2, Controller → Processor), or both. We review transfer safeguards at least annually and maintain Transfer Impact Assessments on file; email privacy@dishdraft.com if you want to see ours.
We keep a single item in your browser's localStorage called dishdraft.session — it holds the Supabase auth token so you don't have to sign in every visit. This is strictly necessary for the service to work and does not require consent under ePrivacy rules.
We do not use third-party analytics, marketing pixels, or session-replay tools. We do not set advertising cookies. Stripe may set its own strictly-necessary fraud-prevention cookies when you open the Checkout or Billing Portal — those are Stripe's, governed by Stripe's policy.
We do not load Google Fonts or other third-party CDNs on this site — Playfair, Caveat, and Inter are self-hosted from /fonts/ so your IP address is never disclosed to Google.
Under GDPR and UK GDPR you have the right to: access a copy of your data, rectify it, erase it, restrict or object to processing, request portability, withdraw consent, and lodge a complaint with your local supervisory authority. Under CCPA/CPRA, California residents additionally have the right to know, to delete, to correct, and to opt out of sale/sharing (we do not sell or share, but the link is there to exercise anyway). Under Washington's My Health My Data Act, Washington residents have the right to access and delete consumer health data.
Most of these you can exercise in one click:
You can also email privacy@dishdraft.com and we'll respond within one month (extendable to three under Art 12(3) for complex requests — we'll tell you if we need the extension).
Right to lodge a complaint. If you believe we've mishandled your data you can complain to your national data protection authority — for example the UK ICO (ico.org.uk), France's CNIL, Germany's BfDI, Ireland's DPC, or the EDPB. We'd rather hear from you first, but that's your call.
For purposes of the CCPA/CPRA, in the past 12 months we collected the categories of personal information listed in §2 above and disclosed them to the service providers listed in §4. We do not sell personal information and we do not share it for cross-context behavioural advertising. California residents have the right to know, delete, correct, and opt out of sale/sharing — use the in-app buttons in Settings or email privacy@dishdraft.com with "CCPA Request" in the subject. We honour the Global Privacy Control signal as an opt-out of sale/sharing.
Right to know — AI processing. California residents have the right to know that recipe text and the screenshots you import are processed by the AI service providers named in §4 above (OpenAI, Anthropic, and Google Vertex AI) for the sole purpose of converting recipes to your chosen diet. Those vendors do not train on, retain beyond their published windows, or otherwise re-purpose your data — see §4 for the contractual commitments we rely on.
Dishdraft is not for children. You must be at least 16 years old to use the service in the EU/UK, or 13 years old elsewhere (where the minimum local age is lower we still require 13, and if you're 13–17 you must have a parent's consent to use Dishdraft). If we learn we've collected data from someone younger we'll delete it. Parents who believe their child signed up without permission can email privacy@dishdraft.com.
We use HTTPS everywhere, encrypted-at-rest databases, scoped service-role keys, row-level security on every user table, and we never ship a client-side secret. We regularly review access logs for the service-role key and rotate it on a schedule. Despite all of that, no service on the internet is 100% secure — if you discover a vulnerability, email security@dishdraft.com.
Dishdraft is an AI cooking tool. When you import a recipe, the following automated processing happens on third-party AI infrastructure named in §4:
We never send your email, name, payment method, or other directly-identifying personal information to these vendors. They see only the recipe content and your dietary preferences for the duration of one inference call. You can download the full record of what we hold (and therefore what was sent) any time via Settings → Your data & account → Download my data.
The AI conversion is automated, but it doesn't produce a decision with legal or similarly significant effects on you (Art 22 GDPR doesn't apply). You always choose whether to cook the recipe, and you can re-convert, remix, or delete it if you don't like the output. AI output may be incomplete, inaccurate, or unsuitable for your situation — see §3 of the Terms for the cooking + safety disclaimers and your responsibility to verify allergens against the original ingredient labels.
We'll update this page when the service changes. The date at the top always reflects the current version. Material changes — new processors, new data categories, new lawful bases — will be announced by email to signed-in users at least 14 days before they take effect.
Privacy questions and data-rights requests: privacy@dishdraft.com.
Security disclosures: security@dishdraft.com.
Everything else: support@dishdraft.com.