Privacy Policy
This Privacy Policy explains how Hotline Inc ("Hotline," "we," "us," or "our") collects, uses, and shares information when you use the Hotline mobile application and related services (the "Service"). By creating an account or using the Service, you agree to the practices described here. If you do not agree, please do not use the Service.
Who we are
Information we collect
Information you provide
Account information. When you create a Hotline account we collect your first name, last name (optional), email address, and a password. You may also choose to add a profile photo, age, sex, weight, household size, cooking skill, favorite cuisines, dietary preferences, and food allergies. These fields help Friday personalize what it suggests.
Photos and images. When you use pantry capture, fridge scan, or recipe import from a photo, we collect the images you submit so Friday can identify ingredients, parse recipes, and answer your cooking questions. You can delete any image you have submitted from your account.
Saved and imported recipes. We collect recipes you save, import, rate, cook, or add notes to. If you import a recipe from a URL or photo we store the source so we can parse the ingredients and steps.
Conversations with Friday and Coach. When you chat with Friday (our AI cooking companion) or with a coach, we collect the content of those messages. We store the history so you can read your past conversations and so Friday can stay in context across sessions.
Retailer connections. If you connect a retailer such as H-E-B or Kroger, we collect the authorization tokens needed to add items to your cart on your behalf. We never store your retailer password. Purchases happen on the retailer's own site under their terms.
Social content. If you send a friend request, accept a follower, share activity with your followers, or post a comment, we collect those relationships and the content you choose to share.
Support and feedback. If you contact us for help, we collect the information you send and any related context (account email, device, screenshots).
Information we collect automatically
Device and app usage. We collect standard device information such as device model, iOS version, app version, language, time zone, and crash logs. We collect usage events such as screens viewed, features used, and errors encountered so we can improve the app and debug issues.
Notifications. If you opt in to push notifications, we store an Apple push token so we can deliver the alerts you have enabled (deal alerts, meal reminders, coach messages, Friday messages).
Subscription status. When you subscribe to Hotline through the Apple App Store, Apple processes the payment. Apple does not share your credit card, bank account, or billing address with us. Our subscription service provider (RevenueCat) receives anonymized subscription events from Apple (purchase, renewal, cancellation, expiration, free-trial start) tied to your Apple ID and your Hotline account, and forwards your current entitlement status to the app so we can unlock paid features. We do not receive your Apple ID itself; we receive an opaque user identifier and the subscription state.
We do not use Apple's App Tracking Transparency framework to track you across other companies' apps and websites, and we do not collect the Identifier for Advertisers (IDFA).
How we use information
We use the information we collect to:
- Operate, maintain, secure, and improve the Service
- Personalize Friday's suggestions, recipe ranking, and meal plans using your pantry, dietary preferences, allergies, cooking skill, and history
- Identify ingredients in photos you take and answer your cooking questions
- Send transactional messages (account confirmation, password reset) and the push notifications you have opted in to
- Connect you with coaches, friends, and followers when you initiate those relationships
- Add items to your retailer cart when you ask Friday to do so
- Detect, prevent, and respond to fraud, abuse, and security incidents
- Comply with applicable laws and respond to lawful requests
How AI features use your data
Friday and Coach features use large language model providers to generate responses. The content of your messages, along with the context Friday needs to be useful (your pantry, dietary preferences, recent recipes, plan), is sent to those providers only to produce your response. We do not permit these providers to use your data to train their general-purpose models. We retain your chat history in your account so you can review it and so Friday can remain in context.
How we share information
We do not sell your personal information.
We share information with:
- Service providers that help us run Hotline, including our hosting and database provider (Supabase), our AI model providers (such as Anthropic and OpenAI) for Friday and Coach responses, image recognition providers for pantry capture, our subscription processor (RevenueCat) for App Store subscription state, and analytics and crash reporting providers (Sentry). Each processes data on our behalf under a written agreement.
- Retailers you choose to connect (such as H-E-B and Kroger), limited to what is needed to act on your cart instructions. The retailer's own privacy policy governs their use of that data.
- Other Hotline users when you choose to share with them, for example a friend, follower, or coach you have accepted, or a comment you post.
- Legal and safety reasons, when we believe in good faith that disclosure is required by law, necessary to enforce our terms, or necessary to protect the rights, property, or safety of Hotline, our users, or the public.
- Business transfers in connection with a merger, acquisition, or sale of assets, with notice to you where required.
Your choices and rights
Account information. View and edit most fields from the Profile screen in the app.
Photos. Delete any pantry photo you have submitted from the in-app history.
Notifications. Turn push notifications on or off per category in the app, and at the iOS Settings level.
Account deletion. Delete your account from the Profile screen, or email privacy@cookhotline.com. When you delete your account we remove your profile, photos, saved recipes, and chat history within 30 days, except where short-term retention is required by law, for backups, or for fraud prevention.
Data access and export. Email privacy@cookhotline.com to request a copy of the personal information we hold about you. We will verify your identity before responding.
California residents have rights under the California Consumer Privacy Act (CCPA/CPRA), including the right to know, delete, correct, and limit certain uses of sensitive personal information. We do not sell or share personal information for cross-context behavioral advertising. To exercise these rights, email privacy@cookhotline.com.
EEA, UK, and Swiss residents have rights under GDPR and equivalent laws, including access, correction, deletion, restriction, portability, objection, and the right to withdraw consent. Our legal bases for processing are contract performance (operating your account), legitimate interests (improving the Service, security, fraud prevention), consent (notifications and other opt-ins), and legal obligation. To exercise your rights, email privacy@cookhotline.com. You may also lodge a complaint with your local supervisory authority.
Data security
We use industry-standard safeguards including encryption in transit (HTTPS), encryption at rest for our database, scoped access controls, and audit logging. No system is perfectly secure. If a breach affects your information we will notify you as required by law.
Data retention
We retain account information for as long as your account is active. After you delete your account we remove personal data within 30 days, with limited retention for routine backups (up to 90 days) and for legal, fraud prevention, or dispute resolution purposes.
Children's privacy
Hotline is not directed to children under 13, and we do not knowingly collect personal information from children under 13. If you believe a child has provided us information, contact privacy@cookhotline.com and we will delete it. Users between 13 and 18 should have a parent or guardian review this policy with them.
International data transfers
Hotline is operated from the United States. If you use the Service from another country, your information will be transferred to and processed in the United States, which may have different data protection laws than your country. Where required by law, we rely on Standard Contractual Clauses or other approved transfer mechanisms for transfers from the EEA, UK, and Switzerland.
Third-party links and content
The Service may include links to third-party recipes, retailer pages, or other websites. We are not responsible for the privacy practices of those third parties. Review their policies before providing information to them.
Changes to this policy
We may update this Privacy Policy from time to time. We will update the "Last updated" date at the top, and for material changes we will notify you in the app or by email before the change takes effect.
Contact us
Questions about this policy, your data, or to exercise any right described above: