Legal
Privacy Policy
Last updated: 3 July 2026
Dish (“Dish”, “we”, “us”) is a recipe library and smart shopping-list app. This policy explains what information we collect, how we use it, and the choices you have. By using Dish you agree to this policy.
Information we collect
- Account information. When you create an account, our authentication provider (Clerk) collects your email address and name. If you sign in with Google or Apple, we receive basic profile information (name and email) from that provider. If you use Sign in with Apple and choose to hide your email, Apple gives us a private relay address instead of your real one.
- Content you create. Recipes (titles, ingredients, steps, notes, and tags), shopping lists and their items, and any shared “kitchens” you create or join, including their membership.
- Imported content. When you import a recipe from a web link, pasted text, or a TikTok link, we process that content to extract the recipe’s details.
- Ingredient history. Ingredients you add are remembered to power autocomplete suggestions.
- Images. When a recipe has an image, Dish displays it by linking to the image at its original source. Dish does not currently let you upload images, and does not store recipe images on its own servers.
How we use your information
- To provide the app and sync your recipes and lists across your devices.
- To import and structure recipes, using a server-side AI model (via OpenRouter).
- To operate your account and any shared kitchens you participate in.
- To understand how the app is used and improve it, using product analytics (PostHog).
- To keep the service secure and reliable.
We do not sell your personal information, and we do not use it for advertising or profiling.
Service providers we share data with
We share data only with providers that help us run Dish, and only so they can perform their part of the service:
- Clerk — authentication and account management.
- Google and Apple — sign-in, when you choose to use them.
- Railway and PowerSync — hosting and real-time data synchronisation.
- OpenRouter and its underlying model provider — server-side recipe parsing.
- PostHog — product analytics, to help us understand how the app is used and improve it.
Storage and sync
Your data is stored in our database and synced to your devices through PowerSync, so the app works offline and stays up to date. Data is transmitted over encrypted connections.
Retention and deleting your account
We keep your information for as long as your account is active.
You can delete your account at any time from the app (Profile → Delete account). This permanently deletes your account and the data associated with it — including your recipes, shopping lists, and kitchens you own — and cannot be undone. You can also email us at callumdeas@gmail.com to request deletion.
Children
Dish is not directed to children under 13 (or under 16 in the UK and EEA), and we do not knowingly collect their personal information.
Security
We use reasonable technical and organisational measures to protect your information. No method of transmission or storage is completely secure, so we cannot guarantee absolute security.
Changes to this policy
We may update this policy from time to time. When we do, we’ll revise the “last updated” date above.
Contact
Questions about this policy or your data? Email callumdeas@gmail.com.