Privacy Policy
This Privacy Policy explains how ShareTaste handles your personal data. It is part of the User Agreement.
1. Quick Summary
- ShareTaste signs you in through Apple iCloud. We do not see your Apple ID email or real name.
- Your private recipes, grocery lists, and meal plans are stored in your own iCloud and synced through Apple's CloudKit. We cannot read that content.
- If you publish posts, comments, likes, or a public profile, that content is stored in our shared CloudKit database and is visible to other users of the app.
- If you opt in to AI features, the text and images you submit are sent through our backend to OpenAI for processing.
- We do not sell your personal data, run advertising, or use third-party tracking SDKs.
- You can see, edit, and delete your data inside the app at any time, and you have the rights described in Sections 11–12.
2. Who Is Responsible
The data controller for the personal data described in this Policy is:
ShareTaste
Operator address available on request before public launch.
Germany
support@sharetaste.app
If you have any privacy questions or want to exercise your rights, write to us at the address above. We currently do not have a Data Protection Officer; we will appoint one if EU law requires it.
3. What Data We Process
We process the following categories of personal data:
- Account identifier: an opaque identifier from Apple iCloud that lets us recognise you across your devices. We do not receive your Apple ID email or real name.
- Profile data: alias, optional bio, optional avatar image, cooking-level information, and the privacy settings you choose (for example whether your profile is discoverable).
- Content you create: recipes, ingredients, instructions, grocery lists, meal plans, photos, tags, language, region.
- Social activity (if you use the social features): posts, comments, likes, follows, share invitations, sender/recipient names of invitations.
- AI inputs (if you opt in): the text, URLs, and images you submit to AI features, plus context such as your preferred language, units, and dietary tags.
- Reports and moderation data: content of reports you submit (target, reason, optional notes) and moderation decisions linked to your account.
- Subscription and purchase status: whether you have an active ShareTaste Plus subscription. The actual payment is handled by Apple; we do not receive your payment details.
- Diagnostic and technical data: app errors, sync errors, and basic device/OS information necessary to keep the app running. We do not use third-party analytics or advertising SDKs.
4. Why We Process It and Our Legal Basis
Under the EU GDPR we rely on the following legal bases:
- Performance of a contract (Art. 6(1)(b) GDPR) — to provide the app and the features you use, including syncing your data, enabling sharing, and managing your subscription.
- Legal obligation (Art. 6(1)(c) GDPR) — to comply with statutory obligations such as moderation and reporting duties under the Digital Services Act, accounting law, and lawful requests from authorities.
- Legitimate interests (Art. 6(1)(f) GDPR) — to keep the app secure, prevent abuse, debug crashes, enforce these terms, and improve reliability. We balance these against your rights and use the minimum data needed.
- Consent (Art. 6(1)(a) GDPR) — for clearly optional features, including the AI features and any future feature that asks you to opt in. You can withdraw consent at any time, with effect for the future.
Where we rely on consent, withdrawing it does not affect the lawfulness of processing that already happened. Where we rely on legitimate interests, you have the right to object as described in Section 11.
5. AI Features in Detail
AI features are off by default. If you opt in, your input is sent over a secure connection to a Cloudflare Worker that we operate, which forwards it to the appropriate AI provider and returns the result to your device. The specific data flow depends on which feature you trigger:
- Text input (recipe text you paste, URLs you import from, prompts for recipe generation or meal planning) — forwarded to OpenAI's text models for parsing, generation, or planning.
- Voice input (audio you record for grocery-list or recipe transcription) — forwarded to OpenAI's Whisper transcription model. The audio is processed to return text; we do not retain the recording.
- Image input (photos of recipes, scanned recipe pages) — forwarded to OpenAI's vision-capable models for text extraction or recipe parsing.
- Cover-image search keywords — sent to Pexels' search API. These keywords are derived from the recipe and do not include identifying information about you.
Common rules for all AI flows:
- We do not use your AI inputs or outputs to train models. OpenAI processes the request as our processor under their API terms; per OpenAI's current API policy, API inputs and outputs are not used to train OpenAI's models by default.
- We may keep limited logs (request metadata, error traces) for up to 30 days, matching OpenAI's API abuse-monitoring window, to operate the service, prevent abuse, and debug failures. Logs do not include the raw audio you recorded.
- Do not include sensitive personal data about identifiable people in AI inputs.
- You can opt out at any time in the app settings. Opting out stops further uploads of any modality.
6. Who We Share Data With
We share personal data only with the following recipients, and only as needed for the purposes described above:
- Apple — provides iCloud, CloudKit storage and sync, App Store and StoreKit, and push notifications. Apple acts as our infrastructure provider; we cannot access content stored in your private iCloud. Apple's own privacy practices apply.
- OpenAI — processes AI requests on our behalf when you opt in. Acts as our processor.
- Cloudflare — hosts and routes our backend Worker. Acts as our processor.
- Pexels — when you search for a cover image, your search keywords are sent to Pexels and they return image results. We do not send identifying information about you.
- Authorities and courts — where we are legally required to disclose data, or where disclosure is necessary to protect rights, safety, or our legitimate interests.
- Other users of the app — for content you choose to publish or share (for example posts, comments, likes, public profile, or invited shares). Only you control what you publish or share.
We do not sell or rent personal data and we do not allow our processors to use your data for their own purposes.
7. How CloudKit Works in ShareTaste
- Private database — recipes, grocery lists, meal plans, and personal settings live in your private iCloud container. The data syncs across your own devices through Apple's infrastructure. We do not have access to read this data.
- Shared database — when you invite someone to a recipe, list, or meal plan, Apple creates a shared zone that the participants can read and (if you allow it) write to. Participants' devices receive a copy through Apple's sync.
- Public database — posts, comments, likes, public profile fields, and reports are stored in the app's public CloudKit database, which we operate. Other users of the app can see them in line with the visibility rules.
- If you sign out of iCloud or revoke iCloud access for the app, sync stops. Local copies on your device may remain until you reinstall or clear app data.
8. International Data Transfers
Some of our service providers operate outside the EU/EEA, in particular OpenAI (United States) and Cloudflare (global). When personal data is transferred outside the EU/EEA, we rely on appropriate safeguards under Chapter V GDPR, which can include:
- The EU–U.S. Data Privacy Framework, where the recipient is certified.
- Standard Contractual Clauses (SCCs) approved by the European Commission, combined with additional technical and organisational measures where necessary.
For more detail about the safeguards in place for a specific transfer, contact us using the address in Section 17.
9. How Long We Keep Data
- Account, profile, and content — kept for as long as your account exists. You can delete individual items in the app at any time.
- Account deletion — when you delete your account, your profile and content are removed from our active systems. Backups, audit logs, and copies that have already reached other users' devices may persist for a limited period as needed for security, integrity, and legal compliance, and are then deleted on a routine schedule.
- Reports and moderation records — kept for as long as needed to operate the moderation system and to respond to appeals or legal requests, and then deleted.
- Diagnostic and security logs — kept for short, defined periods (typically 30–90 days) and then deleted or aggregated.
- Subscription records — kept for as long as required by tax and accounting law (in Germany, generally up to 10 years).
10. How We Protect Data
We rely on Apple's iCloud and CloudKit infrastructure for storage, sync, and authentication, which uses industry-standard encryption in transit and at rest. Backend traffic between the app, our Cloudflare Worker, and OpenAI uses HTTPS/TLS.
No system is perfectly secure. If we become aware of a personal data breach that is likely to result in risk to your rights, we will notify the competent supervisory authority and, where required, you, in line with Articles 33–34 GDPR.
11. Your Rights (EU/EEA/UK)
If the GDPR or UK GDPR applies to you, you have the following rights:
- Access — confirmation of whether we process your personal data and a copy of it.
- Rectification — correction of inaccurate or incomplete personal data.
- Erasure ("right to be forgotten") — deletion in defined circumstances.
- Restriction — limit how we process your data in defined circumstances.
- Portability — receive certain data in a structured, commonly used, machine-readable format and have it transmitted to another controller where technically feasible.
- Objection — object at any time to processing based on our legitimate interests, including any related profiling.
- Withdraw consent — for any processing based on consent, with effect for the future.
- Lodge a complaint — with your local data-protection authority. In Germany you can also contact the Federal Commissioner for Data Protection and Freedom of Information (BfDI) or your state authority.
To exercise any of these rights, contact us at support@sharetaste.app. You can also delete your account and most content directly in the app. We may need to verify your identity before acting on a request.
12. Your Rights (California)
If you are a California resident, the California Consumer Privacy Act (CCPA), as amended by the CPRA, gives you the following rights:
- Right to know what personal information we have collected about you, the categories of sources, the business or commercial purposes, and the categories of third parties with whom we share it.
- Right to delete personal information, subject to exceptions.
- Right to correct inaccurate personal information.
- Right to limit the use and disclosure of sensitive personal information. We do not use sensitive personal information for purposes that require a separate opt-out.
- Right to opt out of the sale or sharing of personal information. We do not sell or share personal information for cross-context behavioural advertising.
- Right to non-discrimination for exercising your rights.
To exercise these rights, contact us using the address in Section 17. You can authorise an agent to act on your behalf, in which case we may verify both your identity and the agent's authority.
13. Children
ShareTaste is not directed at children under 13 and we do not knowingly collect personal data from anyone under 13.
In the EU/EEA, account, social, sharing, and AI features require you to be at least 16 (or the lower digital age of consent set by your country's law). If you believe we have collected data from a child without proper consent, contact us using the address in Section 17 and we will delete it.
14. Cookies and Tracking
ShareTaste is a native iOS app and does not use browser cookies. We do not use third-party advertising or analytics SDKs and we do not implement Apple's App Tracking Transparency cross-app tracking.
The app stores small amounts of state on your device (preferences, caches) so it can work offline and start quickly. This is not used for tracking.
15. Automated Decisions and Profiling
Some moderation decisions are partly automated: when reports against a piece of content cross a credibility-weighted threshold within a time window, or when an automated content classifier flags an item as likely to violate our Community Guidelines, the content can be hidden pending human review. This is a safety measure rather than a final decision and does not produce legal or similarly significant effects on you within the meaning of Article 22 GDPR.
All other meaningful moderation and account decisions involve human review. You can appeal any moderation decision by writing to us at the address in Section 17.
16. Changes to This Policy
We may update this Policy from time to time. The "Last updated" date at the top reflects the most recent change. We will notify you of material changes inside the app and, where required by law, ask you to acknowledge them before continuing to use affected features.
17. Contact
For privacy questions or to exercise your rights, contact:
ShareTaste
Operator address available on request before public launch.
Germany
support@sharetaste.app