Privacy Policy
Last updated: June 2026
1. Data controller
The controller of your personal data is Dawid Romanowski, a sole proprietor trading as Dawid Romanowski - Analyst, ul. Husarii Polskiej 28B/1, 43-100 Tychy, Poland, Tax ID (NIP) 6463021846 (the "Operator"). Contact for data matters: contact@cook-iq-app.com. CookIQ is a home pantry management and meal-planning application.
2. What data we process
- Photos from camera or gallery โ sent to an external AI API to identify products. Photos are never stored on the server or in the database โ they are deleted from memory immediately after analysis.
- Pantry item list โ names, quantities, expiry dates. Stored in the application database.
- Recipe and shopping history โ planned and cooked meals, shopping list. Stored in the application database.
- Purchases and points โ information about purchased point packages: Google Play order ID, amount, balance and points history. Payment is handled by Google Play โ we do not process your card details.
- Preferences โ cooking style, servings โ stored locally in the browser (localStorage).
- Photo analysis consent โ status (granted/revoked), IP address, browser user-agent, and change timestamp. Stored in the database as an audit trail.
- Usage and error diagnostics data โ usage events (screen views, clicks, device/browser type, IP address) and app crash data. Processed by PostHog and Sentry (see section 3).
3. Third-party processors
We use language models from Anthropic, PBC (USA) via their API (Claude) to analyse photos and generate recipes.
- Photos and text are sent to Anthropic servers solely to fulfil the request (product recognition, recipe generation). Per Anthropic's policy, API data is not used to train their models; it may be retained temporarily (up to ~30 days) for safety and abuse monitoring, after which it is deleted (see their privacy policy).
- Preference text and ingredient lists may be sent to Anthropic to generate meal suggestions.
- Data transfer to the USA takes place under standard contractual clauses or other GDPR-compliant mechanisms.
PostHog โ product analytics
We use PostHog to analyse app usage (screen views, clicks, device and browser type, IP address) in order to improve the product. Data is processed in the EU region. We do not record the screen (session replay is disabled). Legal basis: legitimate interest (Art. 6(1)(f) GDPR). See the PostHog privacy policy.
Sentry โ error monitoring
We use Sentry to detect and diagnose app crashes. When an error occurs, technical diagnostics are sent (error type, stack trace, device/browser type, IP address) โ without the content of your recipes or photos. Data is processed in the EU region. Legal basis: legitimate interest โ stability and security (Art. 6(1)(f) GDPR). See the Sentry privacy policy.
4. Purpose and legal basis
We process data for the following purposes and on the following legal bases:
- providing the app's services (account, pantry, meal planning, processing purchases and points) โ performance of a contract (Art. 6(1)(b) GDPR);
- AI photo analysis โ your consent (Art. 6(1)(a) GDPR), which you may withdraw at any time;
- security, abuse prevention, the consent audit trail, and product analytics and error monitoring (PostHog, Sentry) โ our legitimate interest (Art. 6(1)(f) GDPR);
- accounting and tax obligations related to purchases โ legal obligation (Art. 6(1)(c) GDPR).
5. Data retention
- Photos: not stored โ processed in memory only.
- Pantry items: until manually deleted by the user.
- Recipe history: until manually deleted.
- Consent audit trail (IP, UA, timestamp): until account deletion.
- Analytics and error diagnostics (PostHog, Sentry): per those providers' policies (typically up to ~12 months), EU region.
- Non-reversible e-mail address hash: retained even after account deletion โ solely to prevent the same address from repeatedly claiming free welcome points (abuse prevention). The hash is one-way and cannot be used to recover the address.
6. Your rights
You have the right to access, rectify, erase, and port your data. You can withdraw consent for photo processing at any time in the account settings ("My Account"). You have the right to lodge a complaint with the supervisory authority โ in Poland, the President of the Personal Data Protection Office (UODO) โ or with your national data protection authority.
To delete all your data from the application, use the button below or contact the administrator.
7. Security
All API communication takes place server-side (Next.js) over HTTPS. All data is encrypted in transit (TLS). The Anthropic API key is never sent to the user's browser.
8. Users under 16
The app is intended for users aged 16 and over. Under Art. 8 GDPR, processing personal data of a child below the age of 16 is lawful only if and to the extent that consent is given or authorised by the holder of parental responsibility over the child.
If you are a parent or guardian and wish to consent to the use of CookIQ by a child under 16, please contact us at: contact@cook-iq-app.com.
If we discover that an account belongs to a person under 16 without guardian consent, the account will be removed together with all data.
9. Google Play โ Data Safety
- Data encrypted in transit: Yes โ all communication uses HTTPS/TLS.
- Data deletion option: Yes โ users can delete all their data at any time using the button in section 6 above.
- Data deleted on account removal: Yes โ deleting the account permanently removes all associated records (pantry, recipes, history, shopping list, points, GDPR consent audit trail). The only exception is a non-reversible hash of your e-mail address, kept to prevent abuse (see section 5).
- Data types collected: Photos (analysed, not stored), product list, recipe history, shopping list, preferences (browser-local), consent audit trail (IP, UA, timestamp).
- Data shared with third parties: Photos and text (ingredients, recipes) are sent to Anthropic PBC for AI analysis only; Anthropic does not use it to train models and may retain it temporarily (up to ~30 days) for abuse monitoring. Purchase data (order ID, amount) is processed by Google Play as the payment operator. App usage data and error diagnostics are processed by PostHog (analytics) and Sentry (error monitoring) in the EU region.