Privacy Policy
Effective Date: February 7, 2026 · Last Updated: February 7, 2026
1. Introduction
Remi ("we", "us", "our") operates the recipe management application available at reciperemi.com (the "Service"). This Privacy Policy explains how we collect, use, disclose, and protect your information when you use our Service.
By using Remi, you agree to the collection and use of information as described in this policy. If you do not agree, please do not use the Service.
2. Information We Collect
Account Information
When you create an account, we collect your name, email address, and profile image. You sign in through Google or Apple, and we receive basic profile information from those providers.
Profile Preferences
You may optionally provide your cooking skill level, dietary preferences (e.g., vegetarian, vegan, gluten-free), and allergy information. This data is used to personalize your experience.
Content You Create
We store the recipes, cookbook data, notes, labels, favorites, and any other content you create within the Service. Notes and memories (photos) may be marked as public or private by you.
Uploaded Files
When you upload photos (e.g., recipe memories or images for AI extraction), these files are stored on our cloud storage infrastructure. Photos submitted for AI recipe extraction are sent to our AI provider for processing and are not permanently stored after analysis.
Payment Information
We use Stripe to process payments. We do not store your credit card number or payment method details. We do store your Stripe customer identifier, purchase history, amounts, and transaction status for billing and support purposes.
Usage & Technical Data
When you use the Service, we automatically collect your IP address, browser user agent, and session information. We also log usage of AI-powered features, including the type of feature used, token counts, and associated costs for billing purposes.
Cookies
We use two cookies:
- Session cookie: Required for authentication. Cached for up to 15 minutes.
- Sidebar preference cookie: Stores your sidebar UI state. Expires after 7 days.
We do not use any third-party analytics, advertising, or tracking cookies.
3. How We Use Your Information
We use the information we collect to:
- Provide, maintain, and improve the Service
- Authenticate your identity and manage your account
- Process payments and manage subscriptions
- Power AI features such as recipe extraction, recipe chat, and smart search
- Send transactional emails (e.g., cookbook invitation notifications)
- Enforce usage limits and prevent abuse
- Respond to support requests
We do not use your information for advertising. We do not sell your personal data to third parties.
4. Third-Party Services
We share data with the following third-party service providers, solely for the purposes of operating the Service:
| Provider | Purpose | Data Shared |
|---|---|---|
| Stripe | Payment processing | Email, purchase metadata. Card details handled by Stripe. |
| OpenAI | AI-powered features | Recipe content and images for AI processing. Not used for training. |
| Tavily | Web search for recipe chat | Search queries only. |
| Resend | Transactional email | Email address and name for invitations. |
| Cloudflare R2 | File and image storage | Uploaded photos and files. |
| Neon | Database hosting | All application data. |
| Vercel | Application hosting | Request data via Vercel infrastructure. |
| Google / Apple | OAuth authentication | Auth tokens and profile info for sign-in. |
Each provider is bound by their own privacy policies and data processing terms. We encourage you to review them.
5. Data Storage & Security
Your data is stored in a PostgreSQL database hosted by Neon and file storage provided by Cloudflare R2. The application is hosted on Vercel. All infrastructure is primarily located in the United States.
We implement the following security measures:
- All connections use HTTPS/TLS encryption in transit
- Authentication is handled securely via Google and Apple OAuth
- File uploads use time-limited presigned URLs
- Role-based access controls govern who can view and modify shared cookbooks
- Stripe webhook signatures are verified to prevent tampering
- Database operations use transactions to maintain data consistency
While we take reasonable measures to protect your data, no method of electronic transmission or storage is 100% secure.
6. International Data Transfers
If you are located outside the United States, please be aware that your information is transferred to and processed in the United States, where our hosting providers and third-party services operate. By using the Service, you consent to this transfer.
For users in the European Economic Area (EEA), United Kingdom, or Switzerland, we rely on your consent and, where applicable, standard contractual clauses or other lawful transfer mechanisms to transfer your data internationally.
7. Your Rights
Depending on your location, you may have the following rights regarding your personal data:
- Access: Request a copy of the personal data we hold about you.
- Correction: Request correction of inaccurate or incomplete data.
- Deletion: Request deletion of your personal data, subject to legal obligations.
- Portability: Request your data in a structured, machine-readable format.
- Objection: Object to certain processing of your personal data.
- Restriction: Request that we restrict processing of your data in certain circumstances.
- Withdraw Consent: Where processing is based on consent, you may withdraw it at any time.
To exercise any of these rights, please contact us at support@reciperemi.com. We will respond within 30 days.
For EU/EEA residents: You also have the right to lodge a complaint with your local data protection authority.
8. Data Retention
We retain your personal data for as long as your account is active or as needed to provide the Service. When you delete a cookbook, all associated recipes, notes, memories, labels, favorites, member associations, invitations, and AI usage logs are permanently deleted.
Payment records may be retained for a reasonable period to comply with legal and financial obligations (e.g., tax records, dispute resolution).
If you request account deletion, we will delete your personal data within 30 days, except where we are required by law to retain it.
9. Age Requirements
You must be at least 13 years old to create an account and use the Service. We do not knowingly collect personal information from children under 13. If we become aware that a user is under 13, we will delete their account and associated data.
If you believe someone under 13 has created an account, please contact us at support@reciperemi.com.
10. Changes to This Policy
We may update this Privacy Policy from time to time. When we make changes, we will update the "Last Updated" date at the top of this policy.
Your continued use of the Service after changes are posted constitutes your acceptance of the updated policy.
11. Contact Us
If you have questions or concerns about this Privacy Policy or our data practices, please contact us at support@reciperemi.com.