iCook.ing
DiscoverSign inSign up

Legal

Privacy Policy

Effective May 9, 2026

iCook.ing (“iCook,” “we,” “us”) is a personal recipe library. This policy describes what we collect, why, and how to control it. It applies to icook.ing and our mobile/PWA app.

1. Information we collect

  • Account info. When you sign up, we store your email, an optional name, and a hashed password (we never see the plaintext). If you sign in with Google, we receive your name, email, and profile image from Google.
  • Recipes you save. When you paste a URL or import via search, we fetch the page and store the recipe metadata (title, ingredients, instructions, photo, source URL) against your account. We also re-host the recipe’s hero image so it stays available if the source goes down.
  • Meal plans and folders. Anything you organize on the Plan or in folders is stored on our database tied to your account.
  • Session cookies. A first-party cookie keeps you signed in. We don’t use third-party advertising or tracking cookies.
  • Server logs. Our hosting provider records standard request logs (IP, user-agent, response status) for security and abuse prevention. These are retained for a short window.

2. How we use it

  • To run your account: authentication, saving and showing your recipes, generating PDFs, scaling ingredients, building your shopping list.
  • To keep the service working and secure: rate-limiting abuse, fixing bugs, investigating reports.
  • To send essential service emails (e.g. password reset, security notices). We don’t send marketing email without your opt-in.

3. What we share

We don’t sell your data. We use a handful of providers to actually run the app; they only process data on our behalf:

  • Vercel — hosting and request routing.
  • Neon — managed Postgres database.
  • Vercel Blob — object storage for re-hosted recipe images.
  • Google — sign-in if you choose “Continue with Google.”
  • Brave Search — when you use the “Search the web” tab on the import page, your query is sent to Brave to return results.

We may disclose information to comply with a lawful court order or to protect the rights and safety of users.

4. Public recipes

Recipes imported into iCook are visible in the public Discover gallery as a way to help others find them. The card shows the title, source site, and photo — never your name, email, or any personal info. Logged-in visitors can click in to view the full recipe and add a copy to their own library. If you don’t want a particular recipe to appear publicly, delete it from your library.

5. Your rights

  • Access & export. Email us and we’ll send you a JSON export of your recipes and plans.
  • Delete. Email us to delete your account. We’ll erase your user record and recipes within 14 days.
  • Correct. Edit your recipes in-app; for account fields, email us.
  • Withdraw consent. Stop using iCook at any time. Deleting your account erases your data.

6. Children

iCook is not directed at children under 13 and we don’t knowingly collect data from them. If you believe a child has created an account, email us and we’ll remove it.

7. Security

Data is encrypted in transit (TLS) and at rest. Passwords are hashed with bcrypt. We take reasonable measures but no system is perfectly secure — if we ever experience a material breach affecting your account, we’ll notify you.

8. Changes to this policy

If we make material changes we’ll post the new effective date at the top and, for significant changes, send an in-app notice. Your continued use after the effective date means you accept the update.

9. Contact

Questions, requests, or anything else: write to hello@icook.ing.

See also our Terms of Service.