Foodissi

Privacy Policy

Last updated: April 14, 2026

Foodissi ("we," "us," "our") operates the website https://foodissi.com and the associated AI-powered recipe service (the "Service"). This Privacy Policy explains how we collect, use, store, share, and protect your personal data when you use the Service.

We are committed to protecting your privacy and complying with the General Data Protection Regulation (GDPR), the ePrivacy Directive, and other applicable data protection laws.

1. Data Controller

The data controller responsible for processing your personal data is:

Foodissi Email: info@foodissi.com Website: https://foodissi.com

For data protection inquiries, please contact us at info@foodissi.com.

2. Data We Collect

2.1 Data You Provide

  • Account information: email address, name (if provided), password (stored as a hash)
  • Profile and preferences: dietary preferences, allergy settings, measurement system preference, AI interaction notes
  • Chat content: messages you send to the AI assistant, including recipe requests, ingredient lists, and cooking questions
  • Recipes: recipes you create, modify, import, or save, including ingredients, steps, notes, and uploaded images
  • Payment information: processed by Stripe; we do not store full credit card numbers. We receive subscription status, plan type, and billing identifiers from Stripe.
  • Communications: messages you send to us via email

2.2 Data Collected Automatically

  • Usage data: pages visited, features used, interactions with the AI chat, recipe generation frequency
  • Device and browser data: IP address, browser type and version, operating system, device type, screen resolution
  • Cookies and similar technologies: see our Cookie Policy for details
  • Referral data: the URL that referred you to our site

2.3 Data from Third Parties

  • Stripe: subscription status, payment confirmations, billing events
  • Google Tag Manager / Google Analytics: aggregated analytics data (if you consent to analytics cookies)

3. How We Use Your Data

We process your personal data for the following purposes and legal bases:

  • Service provision (contractual necessity): to create and manage your account, generate AI recipes, save your data, process subscriptions
  • Service improvement (legitimate interest): to analyze usage patterns, fix bugs, improve AI recipe quality, and develop new features
  • Communication (contractual necessity / legitimate interest): to send account-related notifications (password reset, subscription updates), and service announcements
  • Security (legitimate interest): to detect and prevent fraud, abuse, and unauthorized access
  • Legal compliance (legal obligation): to comply with applicable laws, respond to lawful requests, and enforce our Terms of Service
  • Analytics (consent): to understand how the Service is used, via Google Analytics (only with your cookie consent)

4. AI Data Processing

This section explains how your data interacts with AI systems.

  • Your chat messages and recipe requests are sent to third-party AI model providers (currently DeepSeek) to generate responses.
  • We send only the content necessary for recipe generation: your message, relevant conversation history, and your dietary/allergy preferences.
  • We do not use your personal data, chat messages, or recipes to train AI models. Your data is used solely to generate responses within your session.
  • AI providers may have their own data processing policies. We select providers that commit to not using customer inputs for training.
  • AI-generated content (recipes, nutritional estimates) is stored in your account at your direction.

5. Data Sharing

We do not sell, rent, or trade your personal data. We share data only in the following circumstances:

  • Service providers: third parties that help us operate the Service (AI model providers, payment processor, email service, hosting provider). These providers process data only on our behalf and under contractual obligations to protect your data.
  • Legal requirements: when required by law, regulation, legal process, or governmental request.
  • Business transfers: in connection with a merger, acquisition, or sale of assets, your data may be transferred. We will notify you before your data is subject to a different privacy policy.
  • With your consent: when you explicitly authorize us to share data.

Current service providers:

  • DeepSeek, OpenAI — AI recipe generation
  • Stripe — payment processing
  • Google — analytics (Google Tag Manager, Google Analytics)
  • Hosting provider — server infrastructure (Netherlands, EU)

6. International Data Transfers

Your data is primarily stored and processed on servers located in the Netherlands (European Union). Some data processing may occur outside the EU:

  • AI model requests may be processed in countries where our AI providers operate.
  • Stripe processes payment data in the United States under EU-US Data Privacy Framework.

For transfers outside the EU/EEA, we rely on appropriate safeguards such as Standard Contractual Clauses (SCCs) or adequacy decisions by the European Commission.

7. Data Retention

  • Account data: retained for the duration of your account. Upon account deletion, your data is removed within 30 days, except where retention is required by law.
  • Recipes and chat history: retained as long as your account is active. You can delete individual recipes and chat sessions at any time.
  • Payment records: retained for the period required by tax and accounting laws (typically 7–10 years for financial records).
  • Server logs: automatically deleted after 90 days.
  • Analytics data: retained according to Google Analytics default settings (14 months) and only collected with your consent.

8. Your Rights (GDPR)

Under the GDPR and applicable data protection laws, you have the following rights:

  • Right of access — request a copy of the personal data we hold about you.
  • Right to rectification — request correction of inaccurate or incomplete data.
  • Right to erasure ("right to be forgotten") — request deletion of your personal data, subject to legal retention obligations.
  • Right to restriction — request that we limit how we process your data in certain circumstances.
  • Right to data portability — receive your data in a structured, machine-readable format (JSON) and transfer it to another service.
  • Right to object — object to processing based on legitimate interests, including profiling.
  • Right to withdraw consent — withdraw consent at any time where processing is based on consent (e.g., analytics cookies). Withdrawal does not affect the lawfulness of processing before withdrawal.
  • Right to lodge a complaint — file a complaint with your local data protection authority.
  • To exercise any of these rights, contact us at info@foodissi.com. We will respond within 30 days (or as required by law).

9. Cookies

We use cookies and similar technologies for authentication, functionality, and analytics. For detailed information about the cookies we use and how to manage your preferences, please see our Cookie Policy at https://foodissi.com/cookie-policy.

You can manage your cookie preferences at any time through the cookie consent banner on our website.

10. Data Security

We implement appropriate technical and organizational measures to protect your personal data, including:

  • Encrypted data transmission (HTTPS/TLS)
  • Hashed password storage
  • Access controls and authentication
  • Regular security updates
  • Server infrastructure within the EU

No method of electronic transmission or storage is 100% secure. While we strive to protect your data, we cannot guarantee absolute security.

11. Children's Privacy

The Service is not intended for children under 16 years of age. We do not knowingly collect personal data from children under 16. If we learn that we have collected data from a child under 16, we will delete it promptly. If you believe a child has provided us with personal data, please contact us at info@foodissi.com.

12. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify registered users of material changes via email or an in-app notice at least 14 days before the changes take effect. The "Last updated" date at the top of this page indicates when the policy was last revised.

13. Contact Us

If you have questions about this Privacy Policy or wish to exercise your data protection rights, contact us:

Email: info@foodissi.com

Website: https://foodissi.com

You also have the right to lodge a complaint with your local data protection supervisory authority.