Download on the App StoreGet it on Google Play
TasteBot

TasteBot Privacy Policy

Last updated: December 31st, 2025

TasteBot, LLC ("TasteBot," "we," "us," or "our") provides a mobile application and related website that use AI to help you generate recipes tailored to your preferences (the "Service"). This Privacy Policy explains how we collect, use, and share information when you use:

  • The TasteBot mobile apps
  • Our website (including any subdomains)
  • Any support channels we provide (such as email support)

If you do not agree with this policy, please do not use the Service.

1. Who we are & how to contact us

  • Controller: TasteBot, LLC - Texas, USA
  • Contact email: support@tastebotai.com

You can contact us at the email above with any questions about this policy or your data.

2. Children's privacy

The Service is intended for individuals 13 years and older. We do not knowingly collect personal information from children under 13. If you believe a child under 13 has provided us with personal data, please contact us so we can delete it.

3. Information we collect

We collect the following categories of information from and about you:

3.1. Account identifiers

  • Email address (required to sign in).
  • Authentication provider details if you sign in with Apple or Google (for example, a provider-specific user ID and the email address associated with that account).
  • We may also receive a display name from Apple or Google and store it if provided, but we do not require you to add a separate profile name or photo.
  • We do not collect or store passwords. Sign-in is handled via a 6-digit code emailed to you or via OAuth (Apple or Google).

3.2. Recipe & preference data

To generate recipes and tailor them to you, we store:

  • Your recipe and nutrition preferences, including:
    • Goals (for example, higher protein, lower calorie, high fiber, etc.).
    • Diets (for example, vegan, pescatarian, low FODMAP, etc.).
    • Allergies or ingredients to avoid (including custom ingredients you type in).
    • Cooking style preferences (for example, quick & easy, meal-prep friendly, family-style, etc.).
  • Generated recipes and related data, such as:
    • Recipe titles, descriptions, instructions, tips, servings, estimated time to cook.
    • Variations you generate from an existing recipe.
    • Nutritional info we calculate for a recipe.
    • Recents and favorites, including which recipes you recently generated, saved, or removed.
    • Share links for recipes when you choose to share them (see Sections 3.4 and 5.3).

These are treated as recipe and nutrition preferences, not as medical records. TasteBot is not a medical, nutritional, or safety advisor.

3.3. User content (text and photos)

You may choose to input or upload content, including:

  • Free-form text prompts you type into TasteBot (for example, "make something savory and high protein").
  • Photos of dishes you upload or capture using the photo-to-recipe feature (a premium feature). These photos are stored in our database and tied to the associated recipe for features like Recents and Favorites.
  • AI-generated recipe images we create for your recipes using third-party AI image models. These are stored with the related recipe.

You can input almost any text or photo into the app, but you remain responsible for that content and must comply with our Terms of Service.

3.4. Usage & analytics data

We collect certain usage and analytics data to understand how the Service is used and to run it efficiently. Examples include:

  • Counts and metadata for:
    • Total tokens used for AI calls
    • Stage 0 image-to-recipe calls
    • Stage 1 recipe generations
    • Stage 2 nutritional calculations
    • "Surprise me" vs "Custom recipe" generations and category distribution
    • "Make a variation" generations
    • AI image generations
  • Aggregated information about preferences and settings (for example, number of users with each diet, fitness goal, lifestyle, and key allergens).
  • Subscription-related analytics, such as:
    • Number of free vs paid users
    • How long users keep subscriptions
    • How many users have tried premium at some point
  • Business metrics such as costs and revenue (for example, token costs, storage costs, ad revenue, subscription revenue) and success vs failure rates for AI calls and server requests.

We use analytics tools such as Firebase Analytics and AppsFlyer to help measure app usage, installs, and attribution in accordance with their policies.

We design these analytics to help us operate and understand the Service at a high level, not to build individual behavioral profiles.

3.5. Device & technical information

We may collect technical data from your device, such as:

  • Device model
  • Operating system version
  • App version
  • Technical logs, crash logs, and error logs (which may occasionally include parts of a prompt or request if they were involved in the error).

We do not use IP address in our application-level analytics for profiling, though our hosting and infrastructure providers may process IP addresses in their server logs as part of providing their services. We may also temporarily process and retain IP address and related identifiers for security and abuse prevention (for example, short cooldowns after account deletion; see Section 4).

3.6. Subscriptions & payments

  • We store your subscription status (for example, free vs premium), subscription type (for example, monthly vs annual), and general billing/renewal status as provided by Apple App Store or Google Play.
  • We do not receive or store your full payment card details. All payment processing is handled by Apple and Google according to their terms and privacy policies.

3.7. Support communications

If you contact us via email (including via the "Contact Us" button in the app), we process:

  • Your email address
  • The content of your message and any attachments
  • Diagnostic information that the app pre-fills (for example, device model, OS version, app version, user ID) to help troubleshoot issues.

3.8. Website data

Our website may collect:

  • Basic interaction or log data necessary to serve the site (for example, via our hosting provider).
  • We do not currently use separate third-party analytics tools (for example, Google Analytics) or marketing cookies on the website.

We do not collect precise GPS location, contacts, or other categories like biometrics, religion, or explicit medical conditions.

4. How we use information

We use your information to:

  • Provide and operate the Service, including:
    • Authenticating you and keeping your account secure
    • Generating recipes and nutritional estimates based on your requests and preferences
    • Saving and displaying your Recents and Favorites
    • Handling recipe share links
    • Managing subscriptions, including showing which features are available to free vs premium users and enforcing daily generation limits
    • Showing ads to free users, including banners, interstitial ads, and rewarded video ads
  • Monitor usage and performance, identify trends, track costs, and optimize the Service (for example, tracking success/failure rates for AI calls).
  • Maintain security, prevent abuse, and enforce our Terms (for example, detecting attempts to bypass limits or misuse the Service).
  • Enforce short cooldowns after account deletion by retaining minimal identifiers (email, device fingerprint, IP) for up to 24 hours to prevent immediate re-registration abuse. After the cooldown expires, these identifiers are ignored and fall under our normal retention rules.
  • Communicate with you, such as sending login codes, responding to support requests, or sending important service announcements.
  • Comply with legal obligations, dispute resolution, and enforcement of our rights.

We do not use your prompts or recipes to train our own models in a way that builds separate user profiles or to train third-party models beyond what is necessary for those providers to deliver the service to us.

5. AI processing

To provide recipe generation, nutritional estimates, and optional images, we send relevant portions of your data to third-party AI providers such as:

  • AI text providers (for example, OpenAI) for dish recognition from a photo, recipe generation, and nutritional estimate calculations
  • AI image providers (for example, Flux via Fireworks) for generating recipe images based on the recipe content

We only send the information needed for that particular request (for example, your prompt, your preferences, and/or the photo of the dish). Outputs from AI calls (recipes, nutritional info, and images) are then stored in your account so we can display your recipes and recents/favorites, show nutrition calculations, generate variations, and display images you requested.

We configure our AI providers using settings that do not permit them to use your data to train their models for their own generalized purposes (to the extent such controls are available).

6. Legal bases for EEA/UK users (if applicable)

If you are in the EEA or UK, our processing of your personal data is based on:

  • Contract - to provide the Service you request (for example, account, recipe generation, subscriptions).
  • Legitimate interests - to keep the Service secure, prevent abuse, understand overall usage, and improve reliability.
  • Legal obligations - to comply with applicable laws and regulations.

7. Sharing of information

We do not sell your personal information. We may share certain identifiers and device information with advertising partners and analytics providers to serve and measure ads, attribution, and app performance. Where required by law, you may opt out of such sharing by contacting us (see Section 12).

We disclose information to trusted service providers who process it on our behalf, including:

  • Supabase - backend/database, hosting, authentication, analytics/event storage
  • Firebase Analytics - in-app analytics and measurement
  • AppsFlyer - attribution and install measurement
  • AI providers (for example, OpenAI and Fireworks/Flux) - processing prompts, photos, and recipe content to generate outputs
  • Mailgun / email providers - sending one-time login codes and handling support email
  • Apple App Store / Google Play - handling in-app purchases and subscriptions
  • Google AdMob - providing in-app advertisements

These providers are contractually bound to process data only on our instructions and for our purposes.

We may also share information when necessary to:

  • Comply with legal obligations, court orders, or lawful requests
  • Protect the rights, property, or safety of TasteBot, our users, or others
  • Enforce our Terms of Service or address fraud, security, or technical issues

8. Advertising & personalization

We use Google AdMob to serve ads to free users, including banner ads, interstitial ads, and rewarded video ads.

We may also use AdMob mediation, which can allow additional advertising partners to serve ads; these partners may collect and process data as described in this section.

App Tracking Transparency (ATT). On iOS, we may ask for permission to track your activity across other companies' apps and websites using Apple's AppTrackingTransparency prompt. If you allow, we (and our advertising partners) may access the device advertising identifier (IDFA) and use it for advertising personalization, measurement, and attribution. If you deny, we will not access the IDFA and will serve ads that may be less relevant, while still using limited contextual signals (such as approximate location from IP) for basic ad delivery, fraud prevention, and measurement.

  • AdMob may collect device identifiers (such as your mobile advertising ID), rough location (based on IP or device settings), and other signals to deliver and measure ads in accordance with its own policies.
  • Depending on your platform and region, AdMob or the operating system may treat these ads as personalized by default, subject to your device-level privacy settings (such as "Limit Ad Tracking" or "Opt out of Ads Personalization").
  • We do not currently provide an in-app toggle for "do not personalize ads." If you want to limit ad personalization or tracking, please use your device's privacy settings or any platform-level ad settings available to you (for example, on iOS: Settings -> Privacy & Security -> Tracking).

9. International transfers

We are based in the United States and may process your data in the U.S. and other countries where our service providers operate.

For users in the EEA/UK, when required, we rely on appropriate safeguards such as Standard Contractual Clauses (SCCs) or other lawful transfer mechanisms with our processors.

10. Data retention

  • We retain your account data, preferences, recipes, recents, favorites, and associated images for as long as your account is active.
  • When you use the in-app Delete Account button, we perform a hard delete of your user record in our database, and related records are deleted via cascading rules. This includes deleting:
    • Your account
    • Your recipes, recents, favorites, preferences, and associated photos/images
    • Any recipe share links associated with your account (they will stop working)
  • We may retain certain backup copies for a limited period as part of our standard backup and recovery processes.
  • We may retain aggregated or de-identified analytics (which do not identify you) for longer periods.

11. Security

We use reasonable administrative, technical, and organizational safeguards to protect your data, including:

  • Encryption in transit (TLS)
  • Managed at-rest encryption provided by our infrastructure providers
  • Authentication and row-level security in Supabase to restrict access
  • Access controls limited to what is necessary to operate the Service

No method of transmission or storage is 100% secure, and we cannot guarantee absolute security.

12. Your rights

Your privacy rights depend on where you live and may include:

  • Access to personal data we hold about you
  • Deletion of your account and associated data (via the in-app Delete Account button or by contacting us)
  • Correction of inaccurate information
  • Additional rights for EEA/UK or certain U.S. state residents (such as objection, restriction, or portability), where applicable

To exercise your rights, contact support@tastebotai.com. We may ask for information to verify your identity before responding.

If you are in the EEA/UK, you also have the right to lodge a complaint with your local data protection authority.

13. Data export

We do not currently provide a self-serve data export tool. If you require a copy of your data and applicable law gives you that right, contact us at support@tastebotai.com and we will evaluate your request.

14. "Do Not Track" & U.S. state privacy notices

  • We do not respond to browser-based "Do Not Track" (DNT) signals.
  • We do not "sell" personal information as that term is defined under the California Consumer Privacy Act (CCPA/CPRA) and similar laws. We may "share" certain information with advertising partners as described in Section 8; where required by law, you may opt out by contacting us.
  • If you are a resident of California or another U.S. state with privacy laws and have questions about your rights, please contact us.

15. Changes to this policy

We may update this Privacy Policy from time to time. If changes are material, we will provide reasonable notice (for example, in-app or by email) and indicate the new effective date at the top.

Your continued use of the Service after the updated policy becomes effective means you accept the changes.