Privacy Policy

Sino Recipes operates the Sino Recipes web application (the "Service"). We act as the responsible party ("controller") for personal information collected through the Service.

Contact: support@sino.app

Account information: When you register, we collect your name, email address, and password (stored as a secure hash). You may optionally add a username and profile avatar.

Profile preferences: Dietary preferences, allergy information, and cooking preferences you provide within the app to personalise your experience.

Usage data: Information about how you interact with the Service, including pages visited, recipes saved, and features used. This helps us improve the Service.

AI conversation messages: Messages you send to Sino AI are processed to generate responses. We do not retain your AI messages for model training. Messages are transmitted to our AI provider (OpenRouter) under their data processing agreement.

Payment information: If you subscribe to a paid plan, payment is processed by PayPal. We do not store your full card number or bank account details. We receive and store transaction identifiers, subscription status, and billing period information.

Device and technical data: IP address, browser type, operating system, and similar technical information collected automatically when you access the Service.

We use the information we collect to:

• Create and manage your account
• Provide and personalise the Service, including AI-powered features
• Process payments and manage your subscription
• Send transactional emails (account verification, data exports, subscription receipts)
• Respond to your support requests
• Monitor for security threats and prevent fraud
• Analyse usage patterns to improve the Service
• Comply with legal obligations

We will not use your personal information for any purpose that is incompatible with those stated above without your prior consent.

For users in the European Economic Area (EEA) and United Kingdom, we process your personal information on the following legal bases:

• Contract performance: Processing necessary to provide you with the Service you signed up for
• Legitimate interests: Fraud prevention, security, and improving our Service
• Legal obligation: Where we are required to comply with applicable law
• Consent: For optional communications such as marketing emails, where we have obtained your explicit consent

We do not sell, rent, or trade your personal information. We share data only as follows:

Service providers: We use trusted third-party providers who process data on our behalf under strict data processing agreements:

• Supabase — database and authentication infrastructure
• Neon — recipe database hosting
• OpenRouter — AI response generation for Sino AI
• PayPal — payment processing
• Resend — transactional email delivery
• Vercel — application hosting and edge infrastructure

Legal requirements: We may disclose your information if required by law, court order, or government authority, or to protect the rights, property, or safety of Sino Recipes, our users, or others.

Business transfers: If Sino Recipes is involved in a merger, acquisition, or sale of assets, your information may be transferred. We will provide notice before your data is transferred and becomes subject to a different privacy policy.

We retain your personal information for as long as your account is active or as needed to provide you with the Service. If you delete your account, we will delete your personal information within 30 days, except where we are required to retain it longer for legal or compliance purposes.

Anonymised or aggregated data (from which you cannot be identified) may be retained indefinitely for analytics purposes.

We implement appropriate technical and organisational measures to protect your personal information against unauthorised access, alteration, disclosure, or destruction. These measures include:

• Encryption of data in transit (TLS/HTTPS) and at rest
• Secure password hashing (bcrypt via Supabase Auth)
• Role-based access controls limiting who can access your data
• Regular security reviews and monitoring

Despite these measures, no method of transmission over the Internet is 100% secure. If you believe your account has been compromised, contact us immediately at support@sino.app.

We use strictly necessary cookies to maintain your session and keep you signed in. We do not use advertising cookies or sell your browsing data to third parties.

Session cookies are set by Supabase Auth and expire when you sign out or your session expires. You can clear cookies from your browser settings at any time, but doing so will sign you out of the Service.

Depending on where you are located, you may have the following rights regarding your personal information:

• Access: Request a copy of the personal information we hold about you (available via Profile → Export Data)
• Correction: Update inaccurate or incomplete information (available in your Profile settings)
• Deletion: Request deletion of your account and associated data (available via Profile → Delete Account)
• Portability: Receive your data in a structured, machine-readable format
• Objection: Object to processing of your data based on legitimate interests
• Restriction: Request that we restrict processing of your data in certain circumstances
• Withdrawal of consent: Where processing is based on consent, withdraw it at any time

To exercise any of these rights, contact us at support@sino.app. We will respond within 30 days. If you are based in South Africa, you may lodge a complaint with the Information Regulator at inforegulator.org.za. If you are based in the EEA or UK, you may contact your local data protection authority.

The Service is not directed to children under the age of 13. We do not knowingly collect personal information from children under 13. If you believe we have inadvertently collected data from a child, please contact us immediately and we will delete it promptly.

Your information may be transferred to and processed in countries other than your country of residence, including the United States, where our service providers operate. When we transfer data internationally, we ensure appropriate safeguards are in place, such as Standard Contractual Clauses approved by relevant authorities.

We may update this Privacy Policy from time to time. We will notify you of any material changes by posting the new policy on this page and, where appropriate, sending you an email notification. The "Effective date" at the top of this page indicates when the policy was last revised.

Continued use of the Service after changes take effect constitutes your acceptance of the updated policy.

If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact our privacy team:

Sino Recipes
support@sino.app

We aim to respond to all privacy-related requests within 30 days.