Privacy Policy
Effective Date: March 25, 2026 | Last Updated: March 25, 2026
1. Introduction
Welcome to Let Him Cook, operated by lethimcook.ai ("Let Him Cook," "we," "our," or "us"). This Privacy Policy describes how we collect, use, disclose, store, and protect your personal information when you access or use the Let Him Cook mobile application (the "App") and related services (collectively, the "Service").
By downloading, accessing, or using the Service, you acknowledge that you have read and understood this Privacy Policy. If you do not agree with the practices described herein, please do not use the Service.
This Privacy Policy applies to all users of the Service, including users who access the App as guests without creating an account.
2. Data Controller
For the purposes of applicable data protection laws (including the EU General Data Protection Regulation, "GDPR"), the data controller responsible for your personal data is:
lethimcook.ai
Email: lethimcook.app@gmail.com
3. Age Requirement and Children's Privacy
The App is rated 4+ on the Apple App Store and is suitable for all ages. However, because the Service collects personal information and uses artificial intelligence services, the following rules apply:
- Users under 13 (United States) / under 16 (European Economic Area): If you are under the applicable minimum age in your jurisdiction, you must have your parent or legal guardian review and agree to this Privacy Policy on your behalf before using the Service. By allowing a child to use the Service, the parent or guardian consents to the collection and processing of that child's data as described in this Privacy Policy.
- Parental Controls: Parents or guardians may contact us at lethimcook.app@gmail.com at any time to review, correct, or request deletion of their child's personal data, or to withdraw consent for further collection.
- COPPA Compliance (United States): We comply with the Children's Online Privacy Protection Act. We do not knowingly collect more personal information from children under 13 than is reasonably necessary to provide the Service. If we learn that we have collected personal information from a child under 13 without verifiable parental consent, we will take prompt steps to delete such information.
- Limited Data Collection for Minors: We encourage parents and guardians to supervise their children's use of the Service. The same categories of data described in Section 4 are collected from all users, regardless of age. We do not request, and users should not submit, sensitive information beyond what is needed to operate the Service.
4. Information We Collect
4.1 Account Information
- Phone number — used for account creation and OTP (one-time password) verification
- Display name — user-provided, optional
- Selected avatar/character — visual profile identifier
4.2 Profile and Preferences
- Gender and age — optional, used for app personalization (e.g., display preferences)
- Unit system preference (metric or imperial)
- Language preference
- Display preferences (e.g., pantry expiry visibility, category ordering)
4.3 User-Generated Content
- Grocery and pantry inventory items (name, quantity, unit, category, expiration date)
- Saved and favorited recipes
- Recipe search queries and search history
- Chat messages and interactions with Chef AI
- Imported recipe URLs and associated content
4.4 Device Permissions and Sensor Data
- Camera: Used to scan groceries and capture food images for AI-based ingredient detection. Images are processed in memory and are not permanently stored on our servers.
- Photo Library: Used to select existing photos for food image analysis. Selected images are transmitted to our servers solely for processing and are not retained after analysis.
- Push Notifications: Used to send local, on-device reminders about expiring pantry items. Notification permissions are requested at runtime and can be revoked at any time through your device settings. We do not use remote push notification tokens.
4.5 Usage and Technical Data
- API usage logs: We log which Service features you use (e.g., recipe generation, image scanning, chat), the number of API calls, associated cost metrics, and whether the call succeeded or failed. This data is used to enforce usage quotas and improve the Service.
- Subscription tier and status: If you have a subscription, we store your tier, status, and expiration date.
- IP address: Automatically transmitted as part of standard internet communication. We do not systematically log or store IP addresses.
4.6 Guest Users
If you use the Service without creating an account, we store your inventory, favorites, and profile data locally on your device. Limited anonymous usage data may be transmitted to our servers to enforce free-tier usage limits.
4.7 Feedback Data
If you submit feedback through the in-app feedback form, your responses (rating, comments) are sent to a third-party form service (Google Forms). This feedback is anonymous and is not linked to your account.
5. Legal Basis for Processing (EEA/UK Users)
If you are located in the European Economic Area or the United Kingdom, we process your personal data on the following legal bases under the GDPR:
| Processing Activity | Legal Basis |
|---|
| Account creation and authentication | Performance of a contract (Art. 6(1)(b)) |
| Providing personalized recipes and app experience | Performance of a contract (Art. 6(1)(b)) |
| Processing images for feature delivery | Performance of a contract (Art. 6(1)(b)) |
| Sending expiration notifications | Consent (Art. 6(1)(a)), revocable at any time |
| Usage tracking for quota enforcement | Legitimate interest (Art. 6(1)(f)) — ensuring fair service usage |
| Improving and maintaining the Service | Legitimate interest (Art. 6(1)(f)) |
| Content moderation of chat messages | Legitimate interest (Art. 6(1)(f)) — user safety |
| Complying with legal obligations | Legal obligation (Art. 6(1)(c)) |
6. How We Use Your Information
- To create and manage your account and authenticate your identity
- To provide core functionality: pantry management, recipe generation, recipe search, and Chef AI chat
- To analyze food images for ingredient detection using AI
- To personalize the app experience based on your preferences
- To send local on-device notifications about expiring pantry items
- To enforce usage quotas and manage subscription tiers
- To moderate chat content for safety and appropriateness
- To save your preferences and data across sessions and devices
- To maintain, improve, and debug the Service
- To comply with legal obligations and respond to lawful requests
7. Data Sharing and Third-Party Services
We do not sell, rent, or trade your personal data to third parties for marketing or advertising purposes.
To deliver the Service, we share certain data with the following third-party service providers, each acting as a data processor on our behalf:
- OpenAI (San Francisco, CA, USA)
- Supabase (Singapore — infrastructure by AWS)
- Google Forms (Mountain View, CA, USA)
Each third-party provider processes data in accordance with their own privacy policies. We encourage you to review those policies:
- OpenAI: https://openai.com/policies/privacy-policy
- Supabase: https://supabase.com/privacy
We may also disclose your information if required to do so by law, regulation, legal process, or enforceable governmental request, or if disclosure is necessary to protect the rights, property, or safety of lethimcook.ai, our users, or the public.
8. International Data Transfers
Your personal data may be transferred to and processed in countries other than your country of residence, including the United States and Singapore (Supabase infrastructure). These countries may have data protection laws that differ from those in your jurisdiction.
Where we transfer personal data from the EEA or UK to countries not deemed to provide an adequate level of data protection, we rely on:
- Standard Contractual Clauses (SCCs) approved by the European Commission
- Adequacy decisions where applicable
- Your explicit consent where the above mechanisms are not available
9. Data Storage and Security
We implement appropriate technical and organizational measures to protect your personal data, including:
- Encryption in transit: All data transmitted between the App and our servers is encrypted using TLS/HTTPS
- Encryption at rest: Your data is stored in Supabase's enterprise-grade infrastructure with AES-256 encryption at rest
- Authentication security: Passwords are hashed using bcrypt; phone authentication uses time-limited OTP codes
- Access controls: Database access is restricted by row-level security policies tied to your authenticated user ID
- Ephemeral processing: Images submitted for AI analysis are processed in memory and not permanently stored on our servers
No method of electronic transmission or storage is 100% secure. While we strive to use commercially reasonable means to protect your data, we cannot guarantee absolute security.
10. Data Retention
- Account data: Retained for as long as your account remains active
- Inventory and recipe data: Retained for as long as your account remains active
- Recipe history: We retain your 20 most recent recipe views; older entries are automatically deleted
- Usage and API call logs: Retained on a rolling monthly basis for quota enforcement; historical logs may be retained for up to 12 months for operational purposes
- Guest data: Stored locally on your device only; deleted if you clear app data or uninstall the App
- Feedback: Retained indefinitely in anonymized form
Upon account deletion, we promptly delete all personal data associated with your account from our active databases, including inventory items, recipes, favorites, search history, profile data, usage logs, and subscription data. Some data may persist in encrypted backups for a limited period (up to 30 days) before being permanently purged.
11. Your Rights
11.1 All Users
Regardless of where you are located, you have the right to:
- Access the personal data we hold about you
- Correct inaccurate or incomplete personal data
- Delete your account and all associated personal data (available in-app under Settings > Delete Account, or by contacting us)
- Withdraw consent for notification permissions or optional data collection at any time
11.2 European Economic Area and United Kingdom (GDPR)
If you are located in the EEA or UK, you additionally have the right to:
- Data portability: Receive your personal data in a structured, commonly used, and machine-readable format
- Restrict processing: Request that we limit the processing of your data under certain circumstances
- Object to processing: Object to processing based on legitimate interests, including profiling
- Lodge a complaint: File a complaint with your local data protection supervisory authority
To exercise any of these rights, contact us at lethimcook.app@gmail.com. We will respond within 30 days.
11.3 California Residents (CCPA/CPRA)
If you are a California resident, you have the following rights under the California Consumer Privacy Act and the California Privacy Rights Act:
- Right to Know: You may request the categories and specific pieces of personal information we have collected about you, the sources of collection, the business purposes for collection, and the categories of third parties with whom we share your data.
- Right to Delete: You may request the deletion of your personal information, subject to certain legal exceptions.
- Right to Correct: You may request the correction of inaccurate personal information.
- Right to Opt Out of Sale/Sharing: We do not sell or share your personal information for cross-context behavioral advertising.
- Right to Non-Discrimination: We will not discriminate against you for exercising your privacy rights.
To submit a request, email us at lethimcook.app@gmail.com with the subject line "CCPA Request." We will verify your identity and respond within 45 days.
12. Automated Decision-Making and AI
The Service uses artificial intelligence to generate recipe suggestions, parse grocery items, analyze food images, provide chat responses, and estimate nutritional information. These AI features involve automated processing of your data but do not produce legal effects or similarly significant effects on you.
- Recipe generation: AI suggests recipes based on your inventory, preferences, and optional dietary inputs. You are free to modify, ignore, or not use any AI-generated content.
- Nutritional estimates: Any nutritional information displayed is AI-generated, approximate, and intended for general informational purposes only. It should not be relied upon for medical, dietary, or clinical decisions.
- Content moderation: Chat messages are automatically screened for inappropriate content. Flagged messages are blocked and are not stored or reviewed by humans.
13. Local Storage
The App uses on-device storage (AsyncStorage) to cache preferences and improve performance, including:
- Language and unit system preferences
- Cached profile data for faster loading
- Guest user inventory and favorites (stored only on-device)
- Local usage tracking for quota display
- Notification and display preferences
This data remains on your device and is not transmitted to our servers unless you create an account, at which point locally cached data may be synchronized to our database.
14. Disclaimer and Limitation of Liability
14.1 General Disclaimer — "As Is" and "As Available"
THE SERVICE, INCLUDING ALL CONTENT, RECIPES, NUTRITIONAL INFORMATION, INGREDIENT LISTS, COOKING INSTRUCTIONS, PORTION SIZES, PREPARATION METHODS, AND ANY OTHER INFORMATION PROVIDED THROUGH THE APP (COLLECTIVELY, "SERVICE CONTENT"), IS PROVIDED ON AN "AS IS" AND "AS AVAILABLE" BASIS WITHOUT WARRANTIES OF ANY KIND, WHETHER EXPRESS, IMPLIED, STATUTORY, OR OTHERWISE. TO THE FULLEST EXTENT PERMITTED BY APPLICABLE LAW, LETHIMCOOK.AI EXPRESSLY DISCLAIMS ALL WARRANTIES, INCLUDING BUT NOT LIMITED TO IMPLIED WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, ACCURACY, COMPLETENESS, RELIABILITY, NON-INFRINGEMENT, AND TITLE.
We do not warrant, represent, or guarantee that: (a) the Service will be uninterrupted, timely, secure, or error-free; (b) the results obtained from the use of the Service will be accurate, reliable, or complete; (c) any recipes, nutritional data, or other content provided through the Service will meet your specific requirements, dietary needs, health conditions, or personal circumstances; or (d) any errors or defects in the Service will be corrected.
14.2 AI-Generated Content Disclaimer
All recipes, ingredient lists, cooking instructions, preparation methods, serving suggestions, nutritional estimates, caloric data, macronutrient breakdowns, and any other food-related content generated or displayed by the Service are produced by artificial intelligence models (including, without limitation, OpenAI GPT-series models). AI-generated content is inherently probabilistic and may contain errors, omissions, inaccuracies, hallucinations, or inconsistencies.
Specifically, and without limitation, AI-generated content may:
- Contain incorrect, incomplete, or misleading ingredient lists, including the omission of ingredients that are actually required or the inclusion of ingredients that are inappropriate, unsafe, or incompatible
- Fail to identify, list, flag, or warn about the presence of common or uncommon allergens (including but not limited to peanuts, tree nuts, milk, eggs, wheat, soy, fish, shellfish, sesame, mustard, celery, lupin, mollusks, sulfites, and any other allergens recognized under applicable food safety regulations)
- Provide inaccurate, incomplete, or misleading nutritional information, including but not limited to calorie counts, macronutrient values (protein, carbohydrates, fats, fiber), micronutrient content, sodium levels, sugar content, and cholesterol levels
- Suggest cooking temperatures, cooking times, or preparation methods that may be insufficient to ensure food safety (e.g., undercooked poultry, improperly handled raw ingredients, unsafe food storage durations)
- Recommend ingredient combinations that may be unsafe, unpalatable, or chemically reactive
- Fail to account for individual user health conditions, including but not limited to diabetes, celiac disease, hypertension, kidney disease, phenylketonuria (PKU), gastrointestinal conditions, cardiovascular conditions, autoimmune disorders, or any other medical condition that may require dietary restriction or modification
- Produce content that does not comply with regional food safety standards, labeling laws, or dietary guidelines applicable in your jurisdiction
- Generate recipes that reference ingredients by common names that may correspond to different substances in different regions or cultures
lethimcook.ai does not independently verify, validate, test, or review any AI-generated content for accuracy, safety, nutritional completeness, allergen disclosure, or suitability for any individual user. No AI-generated content constitutes a guarantee, certification, or endorsement by lethimcook.ai.
14.3 No Medical, Nutritional, or Dietary Advice
The Service does not provide medical advice, nutritional counseling, dietetic guidance, or any form of professional healthcare service. Nothing contained in, accessed through, or provided by the Service shall be construed as medical advice, diagnosis, treatment, or a substitute for professional medical, nutritional, or dietary consultation.
You should always seek the advice of a qualified physician, registered dietitian, licensed nutritionist, certified allergist, or other qualified healthcare professional with any questions you may have regarding a medical condition, food allergy, food intolerance, dietary restriction, or any other health-related concern. Never disregard professional medical or dietary advice, or delay in seeking it, because of any content provided by the Service.
If you have known or suspected food allergies, food intolerances, celiac disease, anaphylaxis risk, or any other condition that requires dietary restriction, you must independently verify every ingredient in every recipe before preparation and consumption. The Service is not designed to, and does not, function as an allergen detection or avoidance tool.
14.4 User Assumption of Risk and Sole Responsibility
BY USING THE SERVICE, YOU EXPRESSLY ACKNOWLEDGE, UNDERSTAND, AND AGREE THAT:
- You use the Service and all Service Content entirely at your own risk. You are solely and exclusively responsible for evaluating the accuracy, completeness, safety, and suitability of any recipe, ingredient, instruction, nutritional information, or other content provided through the Service before acting upon it.
- You are solely responsible for verifying that any recipe or food item is safe for your consumption, taking into account your own allergies, intolerances, sensitivities, medical conditions, medications, dietary requirements, and personal health circumstances.
- You assume full and complete responsibility for all decisions related to the selection, preparation, cooking, storage, handling, serving, and consumption of any food or beverage prepared using recipes, instructions, or suggestions obtained through the Service.
- You are solely responsible for ensuring proper food safety practices, including but not limited to cooking food to safe internal temperatures, avoiding cross-contamination, properly storing perishable ingredients, observing expiration dates, and following applicable food safety guidelines in your jurisdiction.
- You expressly assume all risks associated with the use of AI-generated content, including but not limited to the risk that such content may be inaccurate, incomplete, misleading, or unsuitable for your needs.
- You acknowledge that the Service is not a substitute for reading product labels, ingredient lists, or allergen disclosures on actual food packaging, and that you remain responsible for performing your own due diligence before consuming any food.
- If you prepare food for others (including but not limited to family members, children, guests, customers, or any third party), you are solely responsible for determining and verifying that the food is safe and appropriate for each individual consumer, including ascertaining and accommodating their allergies, dietary restrictions, and health conditions.
14.5 Limitation of Liability
TO THE MAXIMUM EXTENT PERMITTED BY APPLICABLE LAW, IN NO EVENT SHALL LETHIMCOOK.AI, ITS OFFICERS, DIRECTORS, EMPLOYEES, AGENTS, AFFILIATES, SUCCESSORS, ASSIGNS, LICENSORS, SERVICE PROVIDERS, OR SUPPLIERS (COLLECTIVELY, THE "RELEASED PARTIES") BE LIABLE TO YOU OR ANY THIRD PARTY FOR ANY OF THE FOLLOWING, WHETHER BASED ON WARRANTY, CONTRACT, TORT (INCLUDING NEGLIGENCE), STRICT LIABILITY, PRODUCT LIABILITY, OR ANY OTHER LEGAL THEORY, AND WHETHER OR NOT THE RELEASED PARTIES HAVE BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES:
- Personal injury, illness, allergic reaction, anaphylaxis, hospitalization, or death resulting from or related to the preparation, handling, cooking, serving, or consumption of any food or beverage prepared in reliance on recipes, ingredients, instructions, or any other content provided through the Service
- Any adverse health effects, bodily harm, or medical condition arising from or related to dietary choices made in reliance on AI-generated nutritional information, caloric estimates, macronutrient data, or any other health-related content provided through the Service
- Any indirect, incidental, special, consequential, exemplary, or punitive damages, including but not limited to damages for loss of profits, goodwill, use, data, or other intangible losses
- Any damages arising from: (i) your use of or inability to use the Service; (ii) any errors, inaccuracies, or omissions in any Service Content; (iii) unauthorized access to or alteration of your data; (iv) statements or conduct of any third party on the Service; or (v) any other matter relating to the Service
IN JURISDICTIONS THAT DO NOT ALLOW THE EXCLUSION OR LIMITATION OF LIABILITY FOR CERTAIN TYPES OF DAMAGES, OUR LIABILITY SHALL BE LIMITED TO THE MAXIMUM EXTENT PERMITTED BY LAW. IN NO EVENT SHALL THE AGGREGATE LIABILITY OF THE RELEASED PARTIES EXCEED THE GREATER OF (A) THE TOTAL AMOUNT PAID BY YOU TO LETHIMCOOK.AI FOR THE SERVICE DURING THE TWELVE (12) MONTHS IMMEDIATELY PRECEDING THE EVENT GIVING RISE TO THE CLAIM, OR (B) ONE HUNDRED U.S. DOLLARS (USD $100.00).
14.6 Indemnification
You agree to indemnify, defend, and hold harmless lethimcook.ai and the Released Parties from and against any and all claims, demands, actions, suits, proceedings, losses, liabilities, damages, judgments, settlements, fines, penalties, costs, and expenses (including reasonable attorneys' fees and legal costs) arising out of or in connection with:
- Your use of the Service or any Service Content, including any recipes you prepare, serve, or consume
- Any food you prepare, handle, store, serve, or provide to any third party based on or inspired by content obtained through the Service
- Your failure to verify allergens, ingredients, nutritional information, cooking safety, or suitability of any recipe for yourself or others
- Your violation of this Privacy Policy, any applicable terms of service, or any applicable law or regulation
- Any claim by a third party (including but not limited to guests, family members, customers, or any other individuals) arising from their consumption of food prepared using the Service
- Your negligence or willful misconduct in connection with the use of the Service
This indemnification obligation shall survive the termination of your account and your cessation of use of the Service.
14.7 Waiver of Claims
TO THE FULLEST EXTENT PERMITTED BY APPLICABLE LAW, YOU HEREBY IRREVOCABLY AND UNCONDITIONALLY WAIVE, RELEASE, AND DISCHARGE THE RELEASED PARTIES FROM ANY AND ALL CLAIMS, DEMANDS, CAUSES OF ACTION, AND LIABILITY OF EVERY KIND AND NATURE, WHETHER KNOWN OR UNKNOWN, SUSPECTED OR UNSUSPECTED, DISCLOSED OR UNDISCLOSED, THAT HAVE ARISEN OR MAY ARISE FROM YOUR USE OF THE SERVICE, INCLUDING BUT NOT LIMITED TO CLAIMS RELATED TO ALLERGIC REACTIONS, FOOD-BORNE ILLNESS, ADVERSE HEALTH EFFECTS, PERSONAL INJURY, OR PROPERTY DAMAGE ARISING FROM THE PREPARATION OR CONSUMPTION OF RECIPES OBTAINED THROUGH THE SERVICE.
If you are a resident of California, you expressly waive California Civil Code Section 1542, which provides: "A general release does not extend to claims that the creditor or releasing party does not know or suspect to exist in his or her favor at the time of executing the release and that, if known by him or her, would have materially affected his or her settlement with the debtor or released party."
14.8 Food Safety and Regulatory Compliance
The Service is not certified, approved, endorsed, or regulated by any food safety authority, government regulatory body, health department, or standards organization in any jurisdiction. Recipes and food-related content provided through the Service have not been reviewed, tested, or approved by any food safety authority for compliance with applicable food safety standards, hygiene requirements, or labeling regulations.
If you operate a food business, commercial kitchen, catering service, or any other enterprise that prepares or serves food to the public, you are solely responsible for ensuring compliance with all applicable food safety laws, health codes, labeling requirements, allergen disclosure obligations, and other regulatory requirements in your jurisdiction. The Service is intended for personal, non-commercial use and is not designed to replace or supplement professional food safety management systems.
14.9 Third-Party Recipes and Imported Content
The Service may allow you to import recipes from third-party websites or other external sources. lethimcook.ai has no control over, and assumes no responsibility for, the accuracy, safety, allergen disclosure, nutritional content, or legality of any content originating from third-party sources. Imported recipes are subject to the same disclaimers and limitations set forth in this Section 14, and you assume full responsibility for verifying the safety and suitability of any imported recipe content.
14.10 Severability of Liability Provisions
If any provision of this Section 14 is found to be unenforceable, illegal, or void by a court of competent jurisdiction, such provision shall be modified to the minimum extent necessary to make it enforceable, and the remaining provisions shall continue in full force and effect. The invalidity of any single provision shall not affect the validity of the remaining liability protections contained herein.
15. Data Breach Notification
In the event of a personal data breach that is likely to result in a risk to your rights and freedoms, we will:
- Notify the relevant supervisory authority within 72 hours of becoming aware of the breach, where required by applicable law
- Notify affected users without undue delay where the breach is likely to result in a high risk to their rights and freedoms
- Document the breach and the remedial measures taken
16. Changes to This Policy
We may update this Privacy Policy from time to time to reflect changes in our practices, legal requirements, or the Service. When we make material changes, we will:
- Update the "Last Updated" date at the top of this page
- Post the revised policy within the App and at this URL
- Where required by law, notify you via in-app notification or other reasonable means before the changes take effect
Your continued use of the Service after the effective date of any changes constitutes your acceptance of the revised Privacy Policy.
17. Governing Law
This Privacy Policy shall be governed by and construed in accordance with the laws applicable to your jurisdiction. Nothing in this Privacy Policy limits your rights under mandatory local data protection legislation.