Recipal

Save, plan, cook.

Privacy Policy

Last updated: 4 June 2026 · Effective: 4 June 2026

This Privacy Policy explains how Recipal ("Recipal", "we", "our", "us"), operated by Core Interactive, collects, uses, discloses, and protects information about you when you use our mobile application, web application, and related services (collectively, the "Service").

By using Recipal, you agree to the practices described below. If you do not agree, please do not use the Service.

1. Who we are

Recipal is a recipe-saving and meal-planning app published by Core Interactive. The data controller for the purposes of applicable privacy laws (including the EU/UK GDPR and India's Digital Personal Data Protection Act, 2023) is:

Core Interactive
Email: support@coreinteractive.live

2. Information we collect

Information you give us

Information we collect automatically

Payment information

If you subscribe to Recipal Plus, your payment is processed by Google Play Billing. Recipal never sees or stores your card number, UPI ID, or full payment details. We receive only an opaque purchase token and product ID from Google so we can activate your subscription.

3. How we use your information

PurposeLegal basis
Provide the Service — sync your recipes, run AI extraction, send notifications you enabledContract
Authenticate you and keep your account secureContract, legitimate interests
Process subscriptions and referralsContract
Improve the app, debug crashes, measure feature usage in aggregateLegitimate interests
Respond to support requests and feedbackLegitimate interests
Send transactional emails (verify email, password reset, receipts)Contract
Send optional promotional emails or pushConsent (you can opt out anytime)
Comply with legal obligations, prevent fraud and abuseLegal obligation, legitimate interests

4. AI features

When you use Recipal's AI features (e.g. extract a recipe from an Instagram link, photo, or voice note; generate steps; generate ingredient lists), the relevant input (a URL, image, transcribed audio, or text prompt) is sent to OpenAI via our backend. OpenAI processes the input solely to return the extracted recipe to Recipal. We do not use your personal account information in these prompts beyond what is strictly necessary. AI-generated recipe images shipped with the app were pre-generated using Leonardo.ai during development and are baked into the app bundle — no per-user image generation calls are made at runtime.

AI extraction is opt-in per action. You can use Recipal entirely manually (typing or pasting recipes) without invoking any AI features.

5. Who we share information with

We share personal information only with the third parties listed below, and only as needed to run the Service. We do not sell your personal information.

RecipientWhat we shareWhy
Google (Firebase) — Auth, Firestore, Cloud Functions, Cloud Messaging, Analytics, CrashlyticsAccount, recipes, push tokens, crash logsAuthentication, storage, push delivery, crash reporting
Google Play BillingPurchase tokens (no card data)Process and validate subscriptions
OpenAIRecipe text/image/URL when you use AI featuresPower the AI extraction features you invoke
Other Recipal usersContent you choose to make public (public recipes, name, profile picture)Discover & follow other cooks
Law enforcement or regulatorsOnly what is legally requiredComply with valid legal process

6. Data retention

7. Your rights

Depending on where you live, you may have the right to:

To exercise any of these rights, email support@coreinteractive.live from the address tied to your account. We respond within 30 days.

8. Account deletion

You can delete your Recipal account at any time from Profile → Account → Delete account in the app. Deletion removes your profile, recipes, preferences, follow graph, and push token from our active systems within 7 days. Backups containing your data may persist for up to 30 days before being permanently overwritten. Anonymised, aggregate analytics may be retained.

You can also request deletion by emailing support@coreinteractive.live from the address on your account.

9. Children

Recipal is not directed to children under 13 (or the equivalent minimum age in your jurisdiction). We do not knowingly collect personal information from children. If you believe a child has provided us personal data, contact support@coreinteractive.live and we will delete it.

10. Security

We use industry-standard encryption in transit (HTTPS/TLS) and at rest (Google Cloud encryption). Access to production systems is restricted and logged. No system is perfectly secure — please use a strong, unique password and enable two-factor authentication on your Google account if you sign in with Google.

11. International transfers

Recipal is operated from India. Some of our service providers (Google, OpenAI) process data in the United States and other countries. Where required, we rely on Standard Contractual Clauses or equivalent transfer mechanisms.

12. Changes to this policy

We may update this policy from time to time. Material changes will be announced in-app and by email to your registered address before they take effect. The "Last updated" date at the top reflects the latest revision.

13. Contact

Questions, complaints, or rights requests? Email us at support@coreinteractive.live.