Craving Logoraving
Back to App

Privacy Policy

Last Updated: May 26, 2026

1. Information We Collect and Process

Because we aim to minimize our data footprint, we strictly collect only what is essential to deliver core application functionality and ensure platform stability:

  • Recipe Parameters: We process the text lists of ingredients, meal categories, target calorie values, and cuisine types that you intentionally input to generate custom recipes.
  • Device and Telemetry Logs: To maintain platform uptime and protect our application layer against malicious server exploitation or automated spamming, our security systems securely track temporary edge network details, such as client IP addresses and transaction handshakes.
  • Usage Performance: We utilize localized analytics tools (including PostHog) to understand user engagement levels, track successful generation run frequencies, and identify standard client script exceptions to continuously improve system features.

2. How Your Data Is Shared

We never rent, lease, sell, or monetize user data. To generate recipe results, your intentional ingredient inputs are transmitted to the following subprocessors:

  • OpenAI Inc.: Ingredient parameters and nutrition limits are sent securely via API structures to OpenAI models (gpt-4o-mini) to construct premium culinary recommendations. This data is handled according to enterprise API parameters and is not used to train future public language models.
  • Upstash Inc.: Client IP data signatures are securely cross-referenced via stateless distributed database nodes (Upstash Redis) to calculate running rate limits, ensuring platform operations stay protected against service degradation.

3. Data Storage, Security, and Cookies

Volatile Storage & OperationsWe do not maintain heavy, permanent central relational databases storing individual user profiles. Application states and rate histories naturally expire via automated time-to-live configurations. We leverage production-grade platforms (Vercel edge routers, encrypted TLS network layers, and hard organizational budget ceilings) to guarantee that input routing transitions remain shielded from unauthorized exposure vectors.

4. Third-Party Integrations

Our website may contain operational elements connecting out to source providers (such as GitHub reference links or deployment platforms). We hold no oversight over external domains and advise inspecting individual corporate privacy statements if navigating out of our environment bounds.

5. Contact and Modifications

We reserve the right to revise this document as our system configuration boundaries mature. Your continued interaction with the app interface implies complete acknowledgment of active parameters. For inquiries regarding this privacy framework, you can contact us directly via our platform support hooks.