Privacy Policy

Last updated 14 July 2024

This privacy policy will explain how our organization uses the personal data we collect from you when you use our website.

We do not collect any data from anonymous/unregistered users.

We collect the following data from users who sign up for an account:

• Username
• Password

We collect the following data from registered users who create recipes:

• Recipe Data

You directly provide us with all the data we collect.

We do not collect data until you sign up for an account.

We collect data and process data when you:

• Sign up for a user account.
• Update your account information.
• Use or view our website when signed in via your browser's cookies.
• Create or update your recipes.

We collect your data so that we can:

• Authenticate your account.
• Enable you to manage your account and your recipes.
• Display your private recipes to you.
• Display your public recipes to the public.
• Enable other users to create their own recipes starting from a copy of your public, derivative works-compatible recipes.

We do not share your data with any other parties.

We store your data securely on servers located in New York City, United States operated by DigitalOcean, LLC. Your password is sent only over a secure channel, hashed using a secure algorithm, and never stored in plaintext.

We regularly backup our database and retain backups for 30 days. If you delete your account, we will immediately delete all your account data and all your recipe data (except for any copies of recipes made by other users) from our database. Your data will not be included in future backups but may remain in previous backups for up to 30 days following your account deletion.

We will not send you any marketing.

We would like to make sure you are fully aware of all of your data protection rights. Every user is entitled to the following:

• The right to access – You have the right to request copies of your personal data. We may charge you a small fee for this service.

• The right to rectification – You have the right to request that we correct or complete any personal data concerning you that you believe is inaccurate or incomplete.

• The right to erasure – You have the right to request that we erase your personal data, under certain conditions.

• The right to restrict processing – You have the right to request that we restrict the processing of your personal data, under certain conditions.

• The right to object to processing – You have the right to object to our processing of your personal data, under certain conditions.

• The right to data portability – You have the right to request that we transfer the data that we have collected to another organization, or directly to you, under certain conditions.

If you make a request, we have one month to respond to you. If you would like to exercise any of these rights, please contact us at our email: privacy@neatrecipe.com

HTTP (Hypertext Transfer Protocol), the technology that powers the World Wide Web, is stateless. This means that when a web browser makes a request to a server, the server can respond to the request in isolation without having to store or retrieve any data.

This makes serving responses more efficient but it also means the server has to respond to the same request from every client the same way. What if we want to show different content based on which user is currently signed in? A user needs to be able to sign in once and then have all of their subsequent requests be authenticated as them. To do this, we have to add some kind of stateful session on top of HTTP.

The standard way to enable stateful sessions over HTTP is through the use of HTTP Cookies.

A cookie is a small piece of data that is sent from a web server to your web browser which is then stored and automatically included in all subsequent requests to the server until it expires or is deleted.

We use cookies exclusively for authenticating signed in users. We do not set any cookies until you sign up for an account.

After you sign up for a user account initially and whenever you subsequently sign in successfully, our server generates a random token, associates it in our database with your user account, and sends it to your web browser as a cookie named "nr_auth".

If you check "Stay signed in" on the Sign Up/Sign In form, we tell the browser that the cookie should expire 365 days from now. Otherwise, we do not set an expiration for the cookie. This is called a "session cookie" and traditionally resulted in the cookie being removed after the browsing session ended (i.e. once you close your browser) however many modern web browsers automatically resume previous sessions resulting in long-lived session cookies. You can usually change this behavior via your browser's settings.

When your web browser makes a request to our web server, it automatically sends along this cookie which the server checks to authenticate your request.

When you sign out of your account, we invalidate the current token in our database and we tell your browser to delete the cookie.

We use one first-party cookie to authenticate signed in user requests, as described above.

We do not set or read any tracking, advertising, or third-party cookies.

You may manually manage your cookies via your browser's settings. Note: if you delete or alter the "nr_auth" cookie we set, you will have to sign in again.

You may tell your browser not to set any cookies via your browser's settings. Note: cookies must be enabled for you to sign in to your account.

We keep our privacy policy under regular review and place any updates on this web page. This privacy policy was last updated on 14 July 2024.

If you have any questions about our privacy policy, the data we hold on you, or you would like to exercise one of your data protection rights, please do not hesitate to contact us.

Email us at privacy@neatrecipe.com