Privacy Policy

Last updated: February 7, 2026

This Privacy Policy describes how Big Spoon (“we,” “us,” or “our”) collects, uses, and shares information when you use the Big Spoon mobile application (the “App”) and the bigspoon.app website (the “Site”). By using our services, you agree to the collection and use of information as described here.

Information We Collect

Information You Provide

  • Account Information. When you sign in with Apple, we receive your name and email address (or an Apple relay email address). We store a unique user identifier to manage your account.
  • Profile and Preferences. During onboarding and in settings, you may provide dietary restrictions, disliked ingredients, cooking skill level, household size, cooking goals, cuisine preferences, kitchen equipment, and other preferences.
  • Recipes and Meal Plans. You create, import, and store recipes, meal plans, and grocery lists within the App.
  • Photos. You may upload photos for your recipes, which are stored on our servers.
  • AI Chat Messages. When you interact with the AI assistant, your messages and the assistant’s responses are processed to provide the service.
  • Support Communications. If you contact us for support, we may retain those communications.

Information Generated by Our Services

  • AI-Generated Content. The AI assistant generates recipes, meal plans, nutrition estimates, health scores, and recipe images based on your inputs and preferences. These are stored in your account.

Information Collected Automatically

  • Analytics Data. We use Firebase Analytics to collect anonymized usage data such as feature usage and onboarding progress.
  • Crash Reports. Firebase Crashlytics collects crash reports including device model, operating system version, and error stack traces to help us fix bugs.
  • Performance Data. Firebase Performance Monitoring collects data about app and network performance.
  • Push Notification Data. OneSignal manages push notification delivery and collects device tokens and interaction data.

Information from Third-Party Services

  • Apple. Authentication data via Sign in with Apple.
  • RevenueCat. Subscription status and purchase receipts for managing your Big Spoon Pro subscription.

How We Use Your Information

We use the information we collect to:

  • Provide, maintain, and improve the App’s core features (recipe management, meal planning, grocery lists)
  • Personalize AI recommendations based on your dietary preferences, skill level, and goals
  • Process AI requests including recipe generation, meal planning, and chat interactions
  • Generate recipe images using AI
  • Manage your subscription
  • Send push notifications you have opted into
  • Analyze app usage and improve the service
  • Diagnose crashes and fix performance issues
  • Respond to support requests
  • Comply with legal obligations

AI Processing

Our AI features use third-party AI models provided through OpenRouter, including models from Google, OpenAI, and xAI. When you use AI features:

  • Your dietary preferences, recipe content, and chat messages are sent to these AI model providers to generate responses.
  • AI processing happens server-side. Your data is transmitted securely to our servers, which then communicate with AI model providers.
  • We do not use your personal data to train AI models. Your data is used only to generate responses for you.
  • AI-generated content, including recipes, nutrition information, health scores, and images, is produced by automated systems and may contain inaccuracies. See our Terms of Service for important disclaimers.

How We Share Your Information

We share your information only with the following service providers, solely to operate the App:

ServicePurposeData Shared
SupabaseDatabase hosting, authentication, file storageAccount data, recipes, meal plans, photos
OpenRouterAI model routingRecipe content, chat messages, dietary preferences
Firebase (Google)Analytics, crash reporting, performance monitoringAnonymized usage events, crash logs, performance data
OneSignalPush notification deliveryDevice token, user identifier
RevenueCatSubscription managementUser identifier, purchase receipts
AppleAuthentication, subscription billingApple ID, payment information (handled by Apple)

We do not sell your personal information. We do not share your information for advertising purposes.

We may disclose information if required by law, court order, or governmental authority.

Data Retention

  • While your account is active, we retain all data associated with your account.
  • When you delete your account, all data is permanently deleted from our servers, including your profile, recipes, meal plans, grocery lists, AI chat history, and uploaded images. This action is irreversible.
  • Analytics data is retained per Firebase’s default retention periods (typically 14 months).
  • Crash reports are retained for 90 days per Firebase Crashlytics.

Data Security

We take reasonable measures to protect your information:

  • All data is encrypted in transit using HTTPS/TLS.
  • Database-level security (Row Level Security) ensures users can only access their own data.
  • Authentication is handled through Sign in with Apple using industry-standard protocols.
  • Sensitive API keys and secrets are stored only on the server side and are never included in the App.

No method of transmission or storage is 100% secure. While we strive to protect your information, we cannot guarantee its absolute security.

Your Rights

All Users

You may at any time:

  • Access your data by viewing your profile, recipes, and meal plans within the App.
  • Correct inaccurate data by editing your profile or recipes.
  • Delete your account and all associated data using the account deletion feature in Settings.
  • Opt out of push notifications through your device settings or within the App.

California Residents (CCPA/CPRA)

If you are a California resident, you have the right to:

  • Know what personal information we collect, use, and disclose.
  • Request deletion of your personal information.
  • Opt out of the sale of your personal information. We do not sell personal information.
  • Not be discriminated against for exercising your privacy rights.
  • Know about automated decision-making technology. Our AI features generate content based on your inputs; these are informational tools, not consequential automated decisions.

Categories of personal information collected: Identifiers (name, email, user ID), internet or network activity (usage analytics), preferences and profile information, user-generated content (recipes, meal plans), commercial information (subscription status), and inferences drawn from the above.

EU/EEA Residents (GDPR)

If you are in the EU or EEA, our legal bases for processing are:

  • Contract performance — to provide the core features of the App.
  • Legitimate interests — for analytics and service improvement.
  • Consent — for push notifications and optional data collection.

You have the right to access, rectify, erase, restrict processing, data portability, and object to processing. You may withdraw consent at any time. You may lodge a complaint with your local data protection authority.

Your data is transferred to and processed in the United States. Transfers are governed by our service providers’ standard contractual clauses and data processing agreements.

Children’s Privacy

The App is not directed at children under 13 (or under 16 in the EU). We do not knowingly collect personal information from children. If you believe a child has provided us with personal information, please contact us at support@bigspoon.app and we will delete it.

Changes to This Privacy Policy

We may update this Privacy Policy from time to time. The “Last updated” date at the top of this page indicates when it was last revised. We will notify you of material changes through the App or by other means.

Contact Us

If you have questions about this Privacy Policy or wish to exercise your rights, please contact us at:

Email: support@bigspoon.app