Privacy Policy
Last updated: 23 June 2026
This Privacy Policy explains how Pipiro (“Pipiro”, “the app”, “we”, “us”) collects, uses, and protects your personal data when you use the Pipiro mobile application and related services.
We respect your privacy and are committed to protecting your personal data in accordance with the EU General Data Protection Regulation (GDPR) and applicable Lithuanian law.
1. Who is responsible for your data (Data Controller)
Pipiro is operated by an individual sole developer:
- Controller: Andrius Čepukas
- Country: Lithuania (European Union)
- Contact: via our contact form
If you have any questions about this policy or how your data is handled, please get in touch via our contact form.
2. What data we collect
We only collect data that we need to provide the app’s features.
2.1 Account data
- Email address - used to sign you in and to send you one-time sign-in codes.
- Authentication identifiers - if you sign in with Google or Apple, we receive a unique account identifier from that provider (and, where you allow it, your name).
- Display name (optional) - if you choose to set one.
- Profile photo (optional) - if you sign in with Google or Apple and your account has a profile picture, we receive and store its image URL to show your avatar. You can also upload your own profile photo or remove it at any time.
2.2 Content you create
- Recipes you create, import, fork, or edit - including titles, descriptions, ingredients, steps, notes, tags, cooking times, and version history.
- Recipe photos you upload or take with your camera.
- Cook logs and collections you create to organise your recipes.
2.3 Recipe import data
When you import a recipe from a social or web link, we process:
- the URL you provide;
- the public content of that page (text and images) that we fetch in order to extract the recipe;
- the extracted recipe data returned to you.
The fetched content is sent to our AI provider solely to extract structured recipe information (see Section 4).
2.4 Technical data
- Standard technical information needed to operate a mobile app and cloud backend, such as your IP address, device type, and app version, processed by our infrastructure providers for security, abuse prevention, and reliability.
- Local settings stored only on your device (e.g. preferences), which are not transmitted to us.
2.5 One-time codes
When you sign in by email, we store a hashed (irreversible) version of your one-time code temporarily (it expires within 10 minutes) to verify your login.
2.6 Usage analytics
To understand how the app is used - which features are used and which are not - and to guide improvements, we collect aggregated, privacy-preserving usage statistics: counts of actions such as recipes created, imported, or cooked, and whether key features are used. We also count new sign-ups, and to measure retention we record once per day that your account was active.
This analytics is first-party: it is generated by our own backend from the actions you take in the app and stored only in our own infrastructure (see Section 5). We do not use Google Analytics or any third-party analytics SDK, we do not use advertising or cross-app tracking identifiers, and we never include the content of your recipes, collections, or notes in these statistics - only counts and whether a feature was used. Because the statistics are aggregated and contain no tracking identifiers, they do not require a consent banner; we rely on our legitimate interest in operating and improving the app (Art. 6(1)(f)). The account activity used for retention is deleted when you delete your account.
When you import a recipe from a web link and the import fails, we temporarily store the link (URL) you tried to import together with the reason it failed, so we can reproduce the problem and fix our importer (different sites present recipes differently). These records are not linked to your account, are accessible only to us, are never used for advertising or shared with third parties, and are automatically deleted within 30 days. We rely on our legitimate interest in keeping the import feature working (Art. 6(1)(f)).
Basic error and diagnostic logs generated by our backend are covered under technical data (Section 2.4). We do not use third-party advertising SDKs, and we do not sell your personal data.
3. Device permissions
The app may ask for the following permissions. You can decline or revoke them in your device settings; some features will not work without them.
- Camera - to take photos of your recipes.
- Photo library - to attach existing photos to recipes.
- Motion / sensors - used locally to enable hands-free interactions while cooking. This sensor data stays on your device and is not collected by us.
4. How we use your data and the legal basis
| Purpose | Data used | Legal basis (GDPR) |
|---|---|---|
| Create and secure your account, sign you in | Email, auth identifiers, one-time codes | Performance of a contract (Art. 6(1)(b)) |
| Store and sync your recipes and content | Content you create | Performance of a contract (Art. 6(1)(b)) |
| Send sign-in / transactional emails | Performance of a contract (Art. 6(1)(b)) | |
| Import recipes from links you provide | URL, page content, AI extraction | Performance of a contract (Art. 6(1)(b)) |
| Understand usage and improve the app | Aggregated usage statistics; account active-day for retention | Legitimate interests (Art. 6(1)(f)) |
| Keep the service secure and prevent abuse | Technical data | Legitimate interests (Art. 6(1)(f)) |
| Comply with legal obligations | As required | Legal obligation (Art. 6(1)(c)) |
5. Service providers (sub-processors)
We use trusted third-party providers to run Pipiro. They process data only on our behalf and under appropriate data-protection terms:
- Google Firebase / Google Cloud - authentication, database, file storage,
serverless functions, and hosting of our own first-party usage statistics. Our
backend is hosted in the European Union (region
europe-west1, Belgium). - Anthropic - provides the AI model used to extract structured recipe data from the content you import. Imported page content is sent to Anthropic for this purpose. Anthropic does not use this data to train its models under our business terms.
- Postmark - sends transactional emails (such as your one-time sign-in codes).
- Google / Apple Sign-In - if you choose these sign-in methods, the respective provider processes your authentication.
Some providers may process data outside the European Economic Area. Where this happens, transfers are protected by appropriate safeguards such as the European Commission’s Standard Contractual Clauses.
6. How long we keep your data
- Account and content data - kept for as long as your account exists.
- One-time sign-in codes - deleted automatically within 10 minutes.
- When you delete your account, we permanently delete your account, recipes, versions, cook logs, and associated files (see Section 8).
7. How we protect your data
- Data is transmitted over encrypted connections (HTTPS/TLS).
- Access to backend data is restricted; the app’s database is deny-by-default and access is scoped to your own account.
- One-time codes are stored only as irreversible hashes.
No system is perfectly secure, but we take reasonable technical and organisational measures to protect your data.
8. Your rights
Under the GDPR you have the right to:
- access the personal data we hold about you;
- rectify inaccurate data;
- erase your data (“right to be forgotten”);
- restrict or object to certain processing;
- data portability - receive your data in a portable format;
- withdraw consent where processing is based on consent.
You can delete your account and all associated data directly in the app at any time. To exercise any other right, get in touch via our contact form.
You also have the right to lodge a complaint with your data protection authority. In Lithuania this is the State Data Protection Inspectorate (Valstybinė duomenų apsaugos inspekcija, https://vdai.lrv.lt).
9. Children
Pipiro is not directed to children under the age of 16. We do not knowingly collect personal data from children under 16. If you believe a child has provided us with personal data, please contact us and we will delete it.
10. Changes to this policy
We may update this Privacy Policy from time to time. When we make material changes, we will update the “Last updated” date and, where appropriate, notify you in the app. Your continued use of Pipiro after changes take effect means you accept the updated policy.
11. Contact
Questions or requests regarding your privacy: get in touch via our contact form.