Privacy Policy

Last Updated: May 15, 2026

1. Introduction and Scope

Welcome to Baker App! This Privacy Policy describes how Baker App ("Company," "we," "us," or "our") collects, uses, and discloses information when you use our mobile application and web services.

Baker App is a recipe management application that helps you organize baking recipes, manage timers, and track ingredients. We offer both free and paid subscription tiers with varying feature limits.

By using our mobile app and website, you acknowledge the collection and use of information as described in this policy. For non-essential cookies and tracking, we obtain your explicit consent via our cookie banner.

2. Information We Collect

2.1. Account Information

When you create an account, we collect:

  • Email address
  • Display name (optional)
  • Password (stored securely by our authentication provider Clerk, never in plain text)
  • Authentication method (email/password, Google, or Apple Sign-In)
  • Profile information from OAuth providers (if you choose to sign in with Google or Apple)

2.2. Recipe and User Content

We store the content you create within the app:

  • Recipes (name, ingredients, instructions, flour types, hydration calculations)
  • Recipe versions and edit history
  • Custom ingredients you create (name, category, hydration percentage)
  • Timers (duration, labels, alarm sound preferences)
  • Recipe tags and organization preferences

You retain full ownership of your recipes and content. We store this data to provide cloud sync across your devices and to enable app functionality.

2.3. Device Information (Anonymous Users)

If you use the app without creating an account, we generate and store a unique device ID on your device to:

  • Enable app functionality without requiring sign-in
  • Store your recipes locally and associate them with your device
  • Migrate your data to your account if you later sign up

This device ID is a randomly generated UUID stored securely on your device. If you create an account, your device data is automatically migrated to your account and the device ID is cleared.

2.4. Payment and Subscription Information

If you subscribe to our paid plan:

  • Subscription tier (free or paid)
  • Subscription status (active, cancelled, past due)
  • Subscription plan (monthly or annual)
  • Payment processing is handled by Paddle - we do not store your credit card information
  • Paddle customer and subscription IDs (to link your account with Paddle)
  • Transaction history and invoice details (stored by Paddle)

2.5. Usage Data

We automatically collect information about how you use our app and website:

  • Features you use (recipes created, timers used, ingredients added)
  • App interactions (button clicks, screen views, navigation patterns)
  • Session duration and frequency of use
  • Feature limit interactions (when limits are reached, upgrade prompts viewed)
  • Device information (device model, operating system, app version)

2.6. Analytics Data

We use PostHog for analytics to understand user behavior and improve our services. PostHog collects:

  • Event data (recipe operations, timer operations, authentication events, subscription events)
  • Device information (browser type, operating system, device model)
  • Unique identifiers (pseudonymous, like a cookie ID or distinct_id from PostHog)
  • Anonymized or truncated IP addresses

This data helps us analyze trends, understand feature usage, and improve the app experience. Analytics data is collected only with your explicit consent via our cookie banner.

2.7. Error and Performance Data

We use Sentry for error tracking and performance monitoring:

  • Error logs and crash reports
  • Performance metrics (slow operations, load times)
  • Stack traces and debugging information
  • Device and app context when errors occur

This helps us identify and fix bugs quickly. We sanitize error reports to exclude sensitive recipe content.

2.8. Notification Data

If you enable timer notifications:

  • Push notification tokens (to send timer alerts)
  • Notification preferences and permissions
  • Timer notification delivery status

3. How We Collect Information

We collect information through:

  • Direct Input: Information you provide when creating recipes, timers, ingredients, or your account
  • Automatic Collection: Usage data collected as you use the app
  • Cookies: Small text files stored on your device (primarily for our website)
  • Tracking Technologies: Analytics SDKs and error tracking tools
  • Authentication Providers: Information from Clerk, Google, or Apple when you sign in
  • Payment Processor: Subscription information from Paddle

Non-essential tracking technologies are only activated after you provide explicit consent via our cookie consent banner on the website.

4. How We Use Your Information

We use the information we collect for the following purposes:

  • Provide Services: Store your recipes, sync across devices, manage timers and notifications
  • Account Management: Create and maintain your account, authenticate users, enable sign-in
  • Subscription Management: Process payments, manage subscription tiers, enforce feature limits
  • Improve Services: Analyze usage patterns, understand feature adoption, identify areas for improvement
  • Customer Support: Respond to inquiries, troubleshoot issues, provide assistance
  • Security: Detect and prevent fraud, abuse, and security incidents
  • Legal Compliance: Comply with legal obligations and respond to legal requests
  • Communications: Send important service updates, subscription notifications, and support messages

5. Data Retention

We retain personal data only for as long as necessary to fulfill the purposes for which it was collected. Specifically:

  • Account Data: Retained as long as your account is active. Deleted within 30 days of account deletion request.
  • Recipe and User Content: Retained while your account is active. Permanently deleted within 30 days of account deletion.
  • Subscription Data: Retained for the duration of your subscription plus 7 years for tax and accounting purposes.
  • Analytics Data (PostHog): Raw event data and pseudonymous identifiers are retained for up to 24 months to enable year-over-year analysis and trend identification.
  • Error Logs (Sentry): Retained for up to 90 days for debugging purposes.
  • Anonymous Device Data: Retained until you create an account (then migrated and deleted) or for up to 2 years of inactivity.

6. Data Sharing and Disclosure

We share your data with the following third-party service providers who help us operate our services:

  • Convex: Database and backend services (stores recipes, timers, ingredients, user data)
  • Clerk: Authentication and identity management
  • Paddle: Merchant of Record, payment processing, tax handling, and subscription management
  • PostHog: Analytics and product insights
  • Sentry: Error tracking and performance monitoring
  • Apple/Google: Cloud services and app distribution

We do not sell any personal information. We do not share your information for advertising purposes or with data brokers.

We may also disclose information if required by law, to protect our rights, property, or safety, or the rights, property, or safety of others, or to enforce our Terms of Service.

7. Your Rights and Choices

7.1. Access and Portability

You can access all your data directly in the app. You have the right to request a copy of your personal data in a portable format. Contact us at privacy@baking-app.com to request a data export.

7.2. Correction and Updates

You can update your account information, recipes, timers, and ingredients directly in the app at any time.

7.3. Account Deletion

You can delete your account at any time directly in the app by going to Settings → Delete Account. This will:

  • Permanently delete all your recipes, timers, and custom ingredients
  • Remove your account information from our systems
  • Cancel any active subscriptions
  • Complete the deletion within 30 days

Warning: Account deletion cannot be undone. Please export your recipes before deleting if you want to keep them.

7.4. Opt-Out of Analytics

You can control analytics tracking:

  • Website: Decline cookies via our cookie consent banner
  • Mobile App: Analytics help us improve the app, but you can contact us to opt-out

7.5. Manage Notifications

You can disable timer notifications at any time in your device settings or in the app's notification preferences.

7.6. CCPA Rights (California Residents)

If you are a California resident, you have the right to:

  • Know what personal information we collect, use, and disclose
  • Request deletion of your personal information
  • Opt-out of the sale of personal information (we do not sell personal information)
  • Non-discrimination for exercising your rights

7.7. GDPR Rights (EU Residents)

If you are an EU resident, you have the right to:

  • Access your personal data
  • Rectification of inaccurate data
  • Erasure of your data
  • Restriction of processing
  • Data portability
  • Object to processing
  • Lodge a complaint with a supervisory authority

8. Children's Privacy

Baker App is not intended for use by children under the age of 13. We do not knowingly collect personal information from children under 13. If you are a parent or guardian and believe your child has provided us with personal information, please contact us at privacy@baking-app.com and we will delete that information.

9. International Data Transfers

Our services and third-party service providers may process and store data in the United States or other countries outside the European Union. We ensure that any international transfers of personal data are conducted in accordance with applicable data protection laws by relying on appropriate safeguards such as Standard Contractual Clauses or adherence to recognized data privacy frameworks.

For non-essential data collection (analytics, error tracking), our lawful basis is Consent, requiring your explicit opt-in via our cookie banner.

10. Data Security

We take reasonable measures to protect your information from unauthorized access, alteration, disclosure, or destruction:

  • Passwords are hashed and never stored in plain text
  • Data transmission is encrypted using SSL/TLS
  • Database access is restricted and authenticated
  • Regular security audits and updates
  • Device data is stored securely on your device

However, no method of transmission over the internet or electronic storage is 100% secure. While we strive to protect your data, we cannot guarantee absolute security.

11. Changes to This Privacy Policy

We may update our Privacy Policy from time to time. We will notify you of any material changes by:

  • Posting the new Privacy Policy on this page
  • Updating the "Last Updated" date
  • Sending an email notification (for significant changes)
  • In-app notification (for significant changes)

You are advised to review this Privacy Policy periodically for any changes. Your continued use of the app after changes are posted constitutes your acceptance of the updated policy.

12. Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or your personal data, please contact us at:

Email: privacy@baking-app.com

Support: support@baking-app.com

For data deletion requests, you can delete your account directly in the app (Settings → Delete Account) or contact us at the email above.