Privacy Policy

Last updated: 29 August 2020

Recipeno acknowledges your right to confidentiality and is committed to protecting your privacy. This Privacy Policy describes how personal information is collected, used and shared when you use our Website and/or Mobile Apps and their Services.

This Policy applies where we are acting as a Controller with respect to the Personal Data of our Website and/or Mobile Apps’ users; in other words, where we determine the purposes and means of the processing of that Personal Data.

In this Policy, “we”, “us” and “our” refer to Recipeno administrator users.

1. Personal Data that we collect & process

In this Section the following are set out: the general categories of Personal Data that we may process; the source and specific categories of that Personal Data; the purposes for which we may process Personal Data; and the legal bases of the processing.

1.a. Recipeno Website

  1. We may process data about your use of our Website ("Usage Data"). The Usage Data may include your geographical location, browser type and version, operating system, referral source, length of visit, page views and navigation paths, as well as information about the timing, frequency and pattern of your service use. The source of the Usage Data is our analytics tracking system, Google Analytics that is added in our Website. This data is anonymous and we cannot link activity to a specific person. The Usage Data may be processed for the purposes of analysing the use of our Website. The legal basis for this processing is your consent (for EU & UK based users).
  2. We may process data about social sharing of pages from our Website ("Social Sharing Data"). The Social Sharing Data is generated when you share our content via the AddToAny widget that is added in our Website and may include the date that the social share took place, the social network through which the content was shared, the URL that was shared, in combination with Usage Data. The source of the Social Sharing Data is our analytics tracking system, Google Analytics. This data is anonymous and we cannot link activity to a specific person. The Social Sharing Data may be processed for the purposes of analysing the content shared by users via social networks and external platforms. The legal basis for this processing is your consent (for EU & UK based users).
    • The use of any of the AddToAny buttons involves the exchange of information with the social networks and external platforms (such as Facebook, Twitter, Pinterest, etc) that you choose for sharing our content. We have no control over the Personal Data being shared within these networks and platforms. It is your responsibility to ensure that any sharing networks and platforms available through AddToAny meet any Data Protection requirements.

1.b. Recipeno Mobile Apps

  1. We may process data about your use of our Mobile Apps and their Services ("Usage Data"). The Usage Data may include your geographical location, type of mobile device, device brand and model, mobile device operating system, device language, length of visit, page views, information about the timing, frequency and pattern of your use, cookies or similar tracking technologies, as well as device unique identifiers. The source of the Usage Data is our analytics tracking system, Google Firebase Analytics via Firebase SDK that is added in our Mobile Apps. This data is anonymous, with no Personally Identifiable Information and we cannot link activity to a specific person. The Usage Data may be processed for the purposes of analysing the use of our Mobile Apps and their Services. The legal basis for this processing is our legitimate interests, namely monitoring and improving our Mobile Apps and their Services.
  2. We may process data provided in the course of the use of our Mobile Apps and their Services ("Service Data"). The Service Data may include your device state, hardware and OS information, device brand and model, crash reports, and details for such errors, as well as device unique identifiers. The source of the Service Data is Google Firebase Crashlytics via Crashlytics SDK that is added in our Mobile Apps. This data is anonymous, with no Personally Identifiable Information and we cannot link it to a specific person. The Service Data may be processed for the purposes of operating our Mobile Apps, and solving errors in our Mobile Apps and their Services. The legal basis for this processing is our legitimate interests, namely the proper administration of our Mobile Apps and their Services.
  3. We and our third-party advertising platform and their partners (namely Google’s Admob advertising platform), may process data provided in the course of your interacting with advertisements displayed in all or some of our Mobile Apps ("Advertising Data"). The Advertising Data may include unique identifiers for advertising (e.g. your device Advertising ID), location information, cookies or similar tracking technologies, interests, demographics, advertising that you view and/or click on, usage data, and other data that may be used to serve better targeted ads to the user. The source of the Advertising Data is Google Mobile Ads SDK that is added in all os some of our Mobile Apps. The Advertising Data may be processed for the purposes of displaying personalized and/or non-personalized advertisements, while you use our Mobile Apps, as well as frequency capping, aggregated ad reporting, and measuring the effectiveness of ad campaigns. The legal basis for this processing is your consent (for EU & UK based users) and/or our legitimate interests, namely to monetize our Mobile Apps.
    • For more information about the data collected by Google AdMob, and how this data is used, visit Google’s Advertising memo and Admob Partners information.
    • You can opt out of advertising personalization at any time, as explained below. In this case, you will be displayed the same amount of ads, but the ads will be less relevant to you.
    • For California based users: We have enabled the "Restricted data processing" mode, which disables advertising personalization.

1.c. Recipeno Website and Recipeno Mobile Apps

  1. We may process data provided in the course of interaction of the Website and/or Mobile Apps with our servers ("Log Data"). The Log Data may include your IP address, timestamp and url of the request to our servers, as well as any errors that may occur. The source of the Log Data is our servers. This data is securely stored in our servers, and IP addresses are anonymized through data minimization. This data is anonymous, with no Personally Identifiable Information and we cannot link it to a specific person. The Log Data may be processed for the purposes of providing our Website and Mobile Apps and their Services, ensuring the security of our Website and Mobile Apps, and solving errors in our Website and Mobile Apps and their Services. The legal basis for this processing is our legitimate interests, namely the proper administration and operation of our Website and Mobile Apps.
    • Exception: IP addresses are not anonymized when used to monitor the security of our network and systems and the security of our Services offered via our network and systems, and to prevent any action that may compromise the availability of our Website and/or Mobile Apps. The legal basis for this processing is our legitimate interests, namely the security and availability of our Website and Mobile Apps.
  2. We may process information contained in or relating to any communication that you send to us ("Correspondence Data") through email. The Correspondence Data will include the communication content and metadata associated with the communication. The Correspondence Data may be processed for the purposes of communicating with you, replying to your submitted query, providing support and record-keeping. The legal basis for this processing is our legitimate interests, namely the proper administration of our Website and Mobile Apps and communications with our Website and/or Mobile Apps’ users.
  3. We may process any of your Personal Data identified in this Policy where necessary for the establishment, exercise or defence of legal claims, whether in court proceedings or in an administrative or out-of-court procedure. The legal basis for this processing is our legitimate interests, namely the protection and assertion of our legal rights, your legal rights and the legal rights of others. In addition, we may also process any of your Personal Data where such processing is necessary for compliance with a legal obligation to which we are subject, or in order to protect ours or your vital interests or the vital interests of another natural person.

Please do not supply any other person's Personal Data to us, unless we prompt you to do so.

2. Providing Personal Data to others

We do not sell your Personal Data. We may share and disclose your information to third parties in the following circumstances:

  1. To our suppliers / service providers [Processors], insofar as reasonably necessary for the provision of our Website and Mobile Apps. All of our suppliers are carefully chosen on the basis of their security and privacy standards, their being GDPR compliant, as well as their certification for the EU-U.S. and Swiss-U.S. Privacy Shield for those located outside the European Economic Area (EEA). By agreeing to this Privacy Policy, you give us permission to share Personal Data with our suppliers. Specifically, we use the services of the following service providers:
  2. We may disclose your Personal Data where such disclosure is necessary for compliance with a legal obligation to which we are subject, or in order to protect ours or your vital interests or the vital interests of another natural person. We may also disclose your Personal Data where such disclosure is necessary for the establishment, exercise or defence of legal claims, whether in court proceedings or in an administrative or out-of-court procedure.
  3. Lastly, we may share your personal information in case there is a change in the ownership of our Website and Mobile Apps. In this case, you will be notified by a notification in our Website and Mobile Apps.

3. International transfers of your Personal Data

In this Section, we provide information about the circumstances in which your Personal Data may be transferred to countries outside the EEA.

Some of our service providers are situated in countries outside the EEA, including the United States of America. The European Commission has made an "adequacy decision” with respect to the Data Protection Laws of the USA. Transfers to the United States of America will be protected by appropriate safeguards, namely the use of standard data protection clauses adopted or approved by the European Commission, a copy of which you can obtain from: https://ec.europa.eu/info/law/law-topic/data-protection/data-transfers-outside-eu/adequacy-protection-personal-data-non-eu-countries_en

Our service providers, that are located in the United States of America, provide Standard Contractual Clauses (SCCs), as a transfer mechanism for personal data being transferred out of the EEA. For more information on their SCCs, please visit their Privacy Policies, as outlined in Section 2 of this Privacy Policy.

Also, our service providers, that are located in the United States of America, participate, comply and are certified to the EU-US and Swiss-US Privacy Shield Frameworks:

4. Retaining & Deleting Personal Data

This Section sets out the Data Retention policies, which are designed to help ensure that we comply with our legal obligations in relation to the retention and deletion of Personal Data.

Personal Data that we process for any purpose or purposes will be retained as follows:

  • Usage and Social Sharing Data will be retained for a period of 14 months.
  • Service Data will be retained for a period of 90 days.
  • Log Data will be retained for a period of 90 days.
  • Correspondence Data, will be retained for a minimum period of 1 month following the date that you contacted us, and for a maximum period of 2 years following the date that you contacted us.

For Advertising Data visit Google Data Retention Policy. Google [as an independent Controller] controls the retention periods of this Data and anonymizes Advertising Data in their server logs by removing part of the IP address after 9 months and cookie information after 18 months.

Notwithstanding the other provisions of this Section, we may retain your Personal Data where such retention is necessary for compliance with a legal obligation to which we are subject, or in order to protect ours or your vital interests or the vital interests of another natural person.

5. Security

We use a variety of technologies (such as data transmission through SSL, data encryption and anonymization and 24/7 monitoring of our Website and Mobile Apps and their Services) to ensure an appropriate level of security for protecting Personal Data from unauthorized access, use or disclosure. However, please keep in mind that the Internet cannot be guaranteed to be 100% secure.

In the case of a Personal Data Breach, the Controller shall without undue delay notify the Personal Data Breach to our Supervisory Authority, unless the Personal Data Breach is unlikely to result in a risk to the rights and freedoms of natural persons.

6. Your rights

In this Section, we have listed the rights that you have under Data Protection Laws. Your principal rights under the Data Protection Laws are:

  • the right to access - ask for a copy of your Personal Data;
  • the right to rectification - you can ask to rectify inaccurate Personal Data and to complete incomplete Personal Data;
  • the right to erasure - you can ask to erase your Personal Data;
  • the right to restrict processing - you can ask to restrict the processing of your Personal Data;
  • the right to object to processing - you can object to the processing of your Personal Data;
  • the right to data portability - you can ask that your Personal Data is transferred to another organisation or to you; and
  • the right to withdraw consent - to the extent that the legal basis of the processing of your Personal Data is consent, you can withdraw that consent.

EU individuals also have the right to complain to a Supervisory Authority.

These rights are subject to certain limitations and exceptions. You can learn more by clicking here.

If you wish to exercise any of your rights in relation to your Personal Data, please contact us.

Note for California residents: Under the California Consumer Privacy Act ("CCPA"), California residents have the right to know what personal information about them is collected, request deletion of their Personal Data, opt-out of the sale of their Personal Data, and not be discriminated against if they choose to exercise any of these rights. Recipeno does not sell and does not process any personal information, including displaying personalized ads, for any commercial purpose other than operating the Mobile Αpps and providing their Services. We will not discriminate against you for exercising any of your CCPA rights.

7. Children’s privacy

Recipeno is not intended for anyone under 18 years of age ("Children"). We do not knowingly collect any personally identifiable information from anyone under the age of 18. If you are a parent or guardian and you believe that your Children have provided us with Personal Data, please contact us asap.

8. About cookies

Third-party Cookies may be stored by your web browser when you visit our Website for the following purposes:

  • Analysis: We use Google Analytics. Google Analytics gathers information about the use of our Website by means of cookies. The information gathered is used to create reports about the use of our Website;
  • Social sharing: We use AddToAny. AddtoAny widget creates cookies in order to properly provide the social sharing functionality on our website. By design, AddToAny does not store Personal Data; and
  • Cookies consent: We use Cookiehub. Cookiehub creates cookies to store your preferences in relation to the use of cookies when browsing our Website. The information is stored locally on your device.

You may change your preferences for cookies at any time through the Cookiehub button, found at the bottom right of our Website. Otherwise, you may control the cookies through your web browser settings, as explained below.

Most browsers allow you to refuse to accept cookies and to delete cookies. The methods for doing so vary from browser to browser, and from version to version. You can however obtain up-to-date information about blocking and deleting cookies via these links:

Blocking all cookies will have a negative impact upon the usability of many websites.

9. Amendments

We may update this Policy from time to time, in order to reflect, for example, changes to our practices or for other operational, legal or regulatory reasons. We will publish a new version here, mentioning the "Last update date", which is also the effective date of this Policy.

You should check this page occasionally to ensure you are happy with any changes to this Policy. If you continue to use our Website and/or Mobile Apps after the effective date, then you will be considered as having consented to the revised Privacy Policy. If you do not agree with the updated Privacy Policy, you are advised to not use our Website and/or Mobile Apps.

We will notify you of significant changes to this Policy by using a banner on the homepage of Recipeno Website and notification in our Mobile Apps.

10. Severability

If a provision of this Privacy Policy is determined by any court or other competent authority to be invalid, unlawful and/or unenforceable, the other provisions will continue in effect. If any invalid and/or unlawful and/or unenforceable provision of this Privacy Policy would be valid, lawful or enforceable if part of it were deleted, that part will be deemed to be deleted, and the rest of the provision will continue in effect.

11. Credit

This document was created using a template from SEQ Legal.

12. Contact

If you have any questions or concerns about this Privacy Policy, please feel free to email us at contact@recipeno.com.

Appendix - Definitions

  • "Controller" means an entity, which determines the purposes and means of the processing of Personal Data;
  • "Data Protection Laws" means EU Data Protection Laws and, to the extent applicable, the data protection or privacy laws of any other country;
  • "EEA" means European Economic Area and includes the European Union member states and the UK, Iceland, Liechtenstein, and Norway;
  • "EU Data Protection Laws" means EU Directive 95/46/EC, as transposed into domestic legislation of each Member State and as amended, replaced or superseded from time to time, including by the GDPR and laws implementing or supplementing the GDPR;
  • "GDPR" means EU General Data Protection Regulation 2016/679;
  • "Personal Data" means any information relating to an identified or identifiable natural person, as long as this information falls within the Data Protection Laws;
  • "Personal Data Breach" means a breach of security leading to the accidental or unlawful destruction, loss, alteration, unauthorized disclosure of, or access to, personal data transmitted, stored or otherwise processed;
  • "Processor" means an entity that processes Personal Data on behalf of Controller;
  • "Services" means the functionality / features offered through our Website and/or Mobile Apps, e.g. viewing recipes and their nutritional information, saving recipes to list of favorites, creating and sharing a shopping list, keeping notes, etc;
  • "Supervisory Authority means an independent public authority which is established by a Member State.