privacy_policy.html

<!DOCTYPE html>
<html lang="en">
<head>
  <meta charset="UTF-8">
  <meta name="viewport" content="width=device-width, initial-scale=1.0">
  <title>Privacy Policy — Roll Cookbook</title>
  <style>
    @import url('https://fonts.googleapis.com/css2?family=Playfair+Display:wght@400;700&family=Inter:wght@300;400;500;600&display=swap');
    :root { --bg:#0d0d0f; --surface:#13131a; --gold:#c9a84c; --gold-dim:rgba(201,168,76,0.12); --text:#f0f0f0; --text-dim:#999; --text-faint:#555; --border:rgba(255,255,255,0.07); --radius:14px; }
    * { box-sizing:border-box; margin:0; padding:0; }
    body { font-family:'Inter',system-ui,sans-serif; background:var(--bg); color:var(--text); line-height:1.8; min-height:100vh; }
    .site-header { background:var(--surface); border-bottom:1px solid var(--border); padding:28px 40px; display:flex; align-items:center; gap:16px; }
    .logo-icon { width:48px; height:48px; background:var(--gold-dim); border:1.5px solid var(--gold); border-radius:12px; display:flex; align-items:center; justify-content:center; font-size:1.4em; }
    .logo-text { font-family:"Playfair Display",Georgia,serif; font-size:1.4em; font-weight:700; }
    .logo-text span { color:var(--gold); }
    .hero { background:linear-gradient(135deg,rgba(201,168,76,0.08) 0%,rgba(0,0,0,0) 60%); border-bottom:1px solid var(--border); padding:60px 40px 50px; text-align:center; }
    .hero-tag { display:inline-block; background:var(--gold-dim); border:1px solid rgba(201,168,76,0.3); color:var(--gold); font-size:0.72em; font-weight:600; letter-spacing:2px; text-transform:uppercase; padding:6px 16px; border-radius:20px; margin-bottom:20px; }
    .hero h1 { font-family:"Playfair Display",Georgia,serif; font-size:clamp(2em,5vw,3.2em); font-weight:700; margin-bottom:12px; }
    .hero h1 span { color:var(--gold); }
    .hero-date { font-size:0.85em; color:var(--text-dim); }
    .container { max-width:780px; margin:0 auto; padding:60px 24px 100px; }
    .intro { background:var(--surface); border:1px solid var(--border); border-left:3px solid var(--gold); border-radius:var(--radius); padding:22px 24px; margin-bottom:48px; font-size:0.95em; color:var(--text-dim); line-height:1.7; }
    .section { margin-bottom:48px; }
    .section-header { display:flex; align-items:center; gap:14px; margin-bottom:18px; padding-bottom:14px; border-bottom:1px solid var(--border); }
    .section-num { width:34px; height:34px; background:var(--gold-dim); border:1px solid rgba(201,168,76,0.3); border-radius:9px; display:flex; align-items:center; justify-content:center; font-size:0.8em; font-weight:700; color:var(--gold); flex-shrink:0; }
    .section h2 { font-family:"Playfair Display",Georgia,serif; font-size:1.25em; font-weight:700; }
    .section p { font-size:0.93em; color:#ccc; line-height:1.8; margin-bottom:14px; }
    .section p:last-child { margin-bottom:0; }
    .data-item { background:var(--surface); border:1px solid var(--border); border-radius:var(--radius); padding:16px 18px; margin-bottom:10px; display:flex; gap:14px; align-items:flex-start; }
    .data-item-icon { font-size:1.1em; flex-shrink:0; margin-top:2px; }
    .data-item-label { font-size:0.82em; font-weight:600; color:var(--gold); text-transform:uppercase; letter-spacing:0.5px; margin-bottom:4px; }
    .data-item-desc { font-size:0.88em; color:#aaa; line-height:1.6; }
    .third-party-item { background:var(--surface); border:1px solid var(--border); border-radius:var(--radius); padding:16px 18px; margin-bottom:10px; }
    .third-party-name { font-size:0.88em; font-weight:600; color:var(--text); margin-bottom:4px; }
    .third-party-desc { font-size:0.85em; color:#999; line-height:1.6; }
    .third-party-desc a { color:var(--gold); text-decoration:none; }
    .third-party-desc a:hover { text-decoration:underline; }
    .styled-list { list-style:none; padding:0; margin:0 0 14px 0; }
    .styled-list li { font-size:0.93em; color:#ccc; line-height:1.7; padding:6px 0 6px 22px; position:relative; border-bottom:1px solid rgba(255,255,255,0.04); }
    .styled-list li:last-child { border-bottom:none; }
    .styled-list li::before { content:"·"; position:absolute; left:6px; color:var(--gold); font-size:1.4em; line-height:1.2; }
    .info-box { background:rgba(201,168,76,0.07); border:1px solid rgba(201,168,76,0.2); border-radius:var(--radius); padding:16px 18px; margin-bottom:14px; font-size:0.88em; color:#bba060; line-height:1.6; }
    .info-box strong { color:var(--gold); }
    .contact-card { background:linear-gradient(135deg,rgba(201,168,76,0.1),rgba(201,168,76,0.04)); border:1px solid rgba(201,168,76,0.25); border-radius:var(--radius); padding:24px 26px; }
    .contact-row { display:flex; align-items:center; gap:12px; padding:10px 0; border-bottom:1px solid rgba(255,255,255,0.05); font-size:0.9em; }
    .contact-row:last-child { border-bottom:none; }
    .contact-label { color:var(--gold); font-weight:600; font-size:0.8em; text-transform:uppercase; letter-spacing:0.5px; width:90px; flex-shrink:0; }
    .contact-value { color:#ccc; }
    .site-footer { background:var(--surface); border-top:1px solid var(--border); padding:32px 40px; text-align:center; font-size:0.82em; color:var(--text-faint); }
    .site-footer span { color:var(--gold); }
    @media(max-width:600px){ .site-header{padding:20px;} .hero{padding:40px 20px 36px;} .container{padding:40px 16px 80px;} .site-footer{padding:24px 20px;} }
  </style>
</head>
<body>

<header class="site-header">
  <div class="logo-icon">📖</div>
  <div class="logo-text">Roll <span>Cookbook</span></div>
</header>

<div class="hero">
  <div class="hero-tag">Legal</div>
  <h1>Privacy <span>Policy</span></h1>
  <div class="hero-date">Effective Date: April 7, 2026</div>
</div>

<div class="container">

  <div class="intro">
    This Privacy Policy explains how Roll Cookbook ("the App", "we", "us") collects, uses, stores, and protects information when you use our recipe management application available on Android and the web. By creating an account or using Roll Cookbook, you agree to the practices described in this policy.
  </div>

  <!-- 1 -->
  <div class="section">
    <div class="section-header"><div class="section-num">1</div><h2>Information We Collect</h2></div>
    <div class="data-item"><div class="data-item-icon">👤</div><div><div class="data-item-label">Username</div><div class="data-item-desc">Your chosen display name, visible to other users in social features such as following, community posts, and shared lists.</div></div></div>
    <div class="data-item"><div class="data-item-icon">📧</div><div><div class="data-item-label">Email Address (optional)</div><div class="data-item-desc">Collected only if you choose to secure your account with email and password authentication. Used solely for login, password reset, and account recovery. Never shared with other users or used for marketing.</div></div></div>
    <div class="data-item"><div class="data-item-icon">🔑</div><div><div class="data-item-label">Password</div><div class="data-item-desc">If you set a password, it is hashed and stored securely by Supabase Auth. We never store or have access to your plain-text password.</div></div></div>
    <div class="data-item"><div class="data-item-icon">🍽️</div><div><div class="data-item-label">Recipe Data</div><div class="data-item-desc">Recipes you add, import, or create — including titles, ingredients, instructions, cook times, ratings, notes, tags, and source URLs. Stored privately unless you explicitly share them to the Community tab.</div></div></div>
    <div class="data-item"><div class="data-item-icon">🖼️</div><div><div class="data-item-label">Photos &amp; Images</div><div class="data-item-desc">Profile pictures and recipe photos you upload are stored in Supabase Storage, associated with your account.</div></div></div>
    <div class="data-item"><div class="data-item-icon">📊</div><div><div class="data-item-label">Usage &amp; Activity Data</div><div class="data-item-desc">Favourites, collections, meal plans, cooking journal entries, planner entries, and follow relationships. Used to power the App's features and activity feeds visible to users who follow you.</div></div></div>
    <div class="data-item"><div class="data-item-icon">💬</div><div><div class="data-item-label">Messages &amp; Community Posts</div><div class="data-item-desc">Direct messages between users and posts you share to the Community tab. Messages are private between participants. Community posts are visible to all users of the App.</div></div></div>
    <div class="data-item"><div class="data-item-icon">🛒</div><div><div class="data-item-label">Shopping Lists</div><div class="data-item-desc">Your personal shopping list is stored locally on your device and never sent to our servers. Shared shopping lists are stored in our database and visible to all members you invite.</div></div></div>
  </div>

  <!-- 2 -->
  <div class="section">
    <div class="section-header"><div class="section-num">2</div><h2>How We Store Your Data</h2></div>
    <p>All user data — recipes, profiles, follows, messages, planner entries, and community content — is stored in <strong>Supabase</strong>, a PostgreSQL-based backend hosted on secure cloud infrastructure. Authentication credentials are managed by <strong>Supabase Auth</strong>.</p>
    <p>The App's frontend is hosted on <strong>Vercel</strong>. Serverless API functions on Vercel handle recipe importing, AI-powered features, and authentication. These functions do not log or retain your personal data beyond a single request.</p>
    <p>Your personal shopping list is stored in your device's local storage and is never transmitted to our servers.</p>
    <p>We do not sell, rent, or trade your personal information to any third parties.</p>
  </div>

  <!-- 3 -->
  <div class="section">
    <div class="section-header"><div class="section-num">3</div><h2>Account Security</h2></div>
    <div class="info-box"><strong>Guest Accounts:</strong> You may use Roll Cookbook with a username only, without providing an email or password. In this case, anyone who knows your username can access your account. We strongly recommend securing your account with an email and password via Settings → Account Security.</div>
    <p>When you secure your account, passwords are hashed using industry-standard bcrypt by Supabase Auth and are never stored in plain text. We have no access to your password.</p>
    <p>Password reset links are sent to your registered email and expire after a short period. You can change your email or password at any time from Settings → Account Security.</p>
    <p>We recommend choosing a username that does not contain personally identifiable information, especially if you opt not to set a password.</p>
  </div>

  <!-- 4 -->
  <div class="section">
    <div class="section-header"><div class="section-num">4</div><h2>How We Use Your Information</h2></div>
    <p>We use the information we collect solely to operate and improve Roll Cookbook:</p>
    <ul class="styled-list">
      <li>Provide core features including recipe storage, meal planning, shopping lists, and collections</li>
      <li>Enable social features such as following users, messaging, sharing to the community, and shared shopping lists</li>
      <li>Send password reset and account verification emails when requested by you</li>
      <li>Power the Recipe of the Day, seasonal suggestions, and discover features</li>
      <li>Allow recipe import from external websites via AI-assisted extraction</li>
      <li>Improve App performance and fix issues</li>
      <li>Process account deletion requests you initiate</li>
    </ul>
    <p>We do not use your data for advertising, profiling, or any purpose unrelated to operating the App.</p>
  </div>

  <!-- 5 -->
  <div class="section">
    <div class="section-header"><div class="section-num">5</div><h2>Third-Party Services</h2></div>
    <p>Roll Cookbook relies on the following third-party services. Each handles data according to its own privacy policy:</p>
    <div class="third-party-item"><div class="third-party-name">Supabase</div><div class="third-party-desc">Provides our database, file storage, and authentication system. Your recipes, profile, and account credentials are stored here. <a href="https://supabase.com/privacy" target="_blank">Supabase Privacy Policy →</a></div></div>
    <div class="third-party-item"><div class="third-party-name">Vercel</div><div class="third-party-desc">Hosts the App's web frontend and serverless API functions. <a href="https://vercel.com/legal/privacy-policy" target="_blank">Vercel Privacy Policy →</a></div></div>
    <div class="third-party-item"><div class="third-party-name">Google Gemini API</div><div class="third-party-desc">Used when you import a recipe by URL. The web page content is sent to Google's Gemini API to extract recipe data. No personally identifiable information is included in these requests. <a href="https://policies.google.com/privacy" target="_blank">Google Privacy Policy →</a></div></div>
    <div class="third-party-item"><div class="third-party-name">Google Fonts</div><div class="third-party-desc">Fonts used in the App's interface are loaded from Google Fonts, which may involve a request to Google's servers. <a href="https://policies.google.com/privacy" target="_blank">Google Privacy Policy →</a></div></div>
  </div>

  <!-- 6 -->
  <div class="section">
    <div class="section-header"><div class="section-num">6</div><h2>Public &amp; Shared Content</h2></div>
    <p>The following is visible to other users of the App:</p>
    <ul class="styled-list">
      <li>Your username and profile picture</li>
      <li>Recipes you share to the Community tab</li>
      <li>Your bio and collections you set to public</li>
      <li>Your activity visible to users who follow you (e.g. recipes you have cooked)</li>
      <li>Items you add to shared shopping lists, visible to all members of that list</li>
    </ul>
    <p>If you generate a shareable recipe link, that recipe will be accessible to anyone with the link — no login required. You control this and can stop sharing at any time.</p>
    <p>Your private recipes, personal shopping list, meal planner, cooking journal, and direct messages are never visible to other users.</p>
  </div>

  <!-- 7 -->
  <div class="section">
    <div class="section-header"><div class="section-num">7</div><h2>Data Retention &amp; Deletion</h2></div>
    <p>Your data is retained for as long as your account is active. You can request account deletion at any time from within the App via <strong>Settings → Danger Zone → Request Account Deletion</strong>. You have a 12-hour window to cancel before deletion is processed.</p>
    <p>Upon deletion, the following is permanently removed: your profile, all recipes, collections, planner entries, shopping data, follow relationships, messages, notifications, community posts, and authentication credentials.</p>
    <p>Some aggregated or anonymised data (such as community post upvote counts) may remain in an unidentifiable form after deletion.</p>
  </div>

  <!-- 8 -->
  <div class="section">
    <div class="section-header"><div class="section-num">8</div><h2>Children's Privacy</h2></div>
    <p>Roll Cookbook is not directed at children under the age of 13. We do not knowingly collect personal information from children under 13. If you believe a child under 13 has provided information to the App, please contact us and we will remove it promptly.</p>
  </div>

  <!-- 9 -->
  <div class="section">
    <div class="section-header"><div class="section-num">9</div><h2>Your Rights</h2></div>
    <p>You have the right to:</p>
    <ul class="styled-list">
      <li>Access the personal data we hold about you</li>
      <li>Correct inaccurate data via Settings within the App</li>
      <li>Request deletion of your account and all associated data</li>
      <li>Update your email address or password at any time via Settings → Account Security</li>
      <li>Export your recipes via Settings → Export</li>
    </ul>
    <p>To exercise any of these rights, use in-app settings where available, or contact us at the address below.</p>
  </div>

  <!-- 10 -->
  <div class="section">
    <div class="section-header"><div class="section-num">10</div><h2>Changes to This Policy</h2></div>
    <p>We may update this Privacy Policy as the App evolves. We will notify users of significant changes by updating the effective date at the top of this document. Continued use of the App after changes are posted constitutes your acceptance of the updated policy.</p>
  </div>

  <!-- 11 -->
  <div class="section">
    <div class="section-header"><div class="section-num">11</div><h2>Contact Us</h2></div>
    <p>If you have questions about this Privacy Policy, wish to exercise your rights, or need to report a privacy concern, please contact us:</p>
    <div class="contact-card">
      <div class="contact-row"><div class="contact-label">App</div><div class="contact-value">Roll Cookbook</div></div>
      <div class="contact-row"><div class="contact-label">Developer</div><div class="contact-value">Brandon Rollert</div></div>
      <div class="contact-row"><div class="contact-label">Email</div><div class="contact-value"><a href="/cdn-cgi/l/email-protection" class="__cf_email__" data-cfemail="6614090a0a0314125426010b070f0a4805090b">[email&#160;protected]</a></div></div>
      <div class="contact-row"><div class="contact-label">Website</div><div class="contact-value">https://rollcookbook.com</div></div>
    </div>
  </div>

</div>

<footer class="site-footer">
  <p>&copy; 2026 <span>Roll Cookbook</span>. All rights