← Back to Simmer

Privacy Policy

Last updated: March 2026

1. Introduction

Simmer (“we”, “us”, “our”) is committed to protecting your privacy. This policy explains what personal data we collect, how we use it, and your rights under applicable data protection laws including the UK GDPR and EU GDPR.

2. Data We Collect

  • Account information: email address, display name, and preferences you set in your profile.
  • Recipe content: recipes you create, import, or photograph, including ingredients, steps, notes, adaptations, and photos.
  • Organisation data: collections, meal plans, shopping lists, cooking history, and person tags.
  • Family data: family membership details when you use the family sharing feature.
  • AI interactions: messages you send to the AI Chef Chat feature.
  • Usage data: basic analytics such as feature usage and error logs to improve the service.

3. How We Use Your Data

  • To provide and maintain the Simmer service, including recipe storage, meal planning, and shopping list generation.
  • To power AI features such as Chef Chat, recipe suggestions, and OCR import via our AI provider (Anthropic Claude).
  • To process payments and manage subscriptions via our payment provider (Stripe).
  • To communicate with you about your account, service updates, and support requests.
  • To improve and develop new features based on usage patterns.

4. Data Storage and Security

Your data is stored securely using Supabase, which provides PostgreSQL databases with encryption at rest and in transit. All connections use TLS encryption. We implement row-level security policies to ensure users can only access their own data.

5. Third-Party Services

  • Supabase: database hosting, authentication, and file storage.
  • Stripe: payment processing for subscriptions. We do not store your payment card details.
  • Anthropic (Claude AI): powers AI features including Chef Chat and recipe analysis. Your recipe content may be sent to Anthropic for processing but is not used to train their models.
  • Vercel: web application hosting.

6. Your Rights

Under the GDPR, you have the following rights regarding your personal data:

  • Right of access: request a copy of all data we hold about you.
  • Right to portability: export your data in a machine-readable format (JSON) from Settings.
  • Right to erasure: permanently delete your account and all associated data from Settings.
  • Right to rectification: update or correct your personal data at any time through your profile.
  • Right to object: object to processing of your data for specific purposes.

You can exercise your data export and deletion rights directly from the Settings page.

7. Cookies

Simmer uses only essential cookies required for authentication and session management. We do not use tracking cookies, advertising cookies, or third-party analytics cookies. No cookie consent is required for essential cookies under GDPR, but we inform you of their use for transparency.

8. Data Retention

We retain your data for as long as your account is active. If you delete your account, all personal data is permanently removed from our systems within 30 days. Anonymised, aggregated data may be retained for analytical purposes.

9. Children's Privacy

Simmer is not directed at children under 16. We do not knowingly collect personal data from children. If you believe a child has provided us with personal data, please contact us and we will delete it promptly.

10. Changes to This Policy

We may update this privacy policy from time to time. We will notify you of significant changes via email or an in-app notice. The “Last updated” date at the top of this page reflects the most recent revision.

11. Contact Us

If you have questions about this privacy policy or wish to exercise your data rights, please contact us at:

privacy@simmer.app

Terms of Service