Skip to main content
Log In

Privacy Policy

Last updated: March 2026

1. Data We Collect

When you create an account, we collect:

  • Account information: email address, display name, and password (stored as a bcrypt hash).
  • Profile data: avatar, language preference, measurement preference, and theme preference.
  • Content you create: recipes, comments, ratings, and shopping lists.
  • OAuth data: if you sign in via Google, we receive your name, email, and profile picture from the provider.

2. How We Use Your Data

  • To provide and maintain the Moonladle service.
  • To authenticate your identity and protect your account.
  • To send password reset emails when you request them.
  • To display your recipes, comments, and ratings to other users.
  • To improve the platform through aggregated, anonymized analytics.

3. Cookies

We use essential cookies for authentication (session tokens) and optional analytics cookies. You can manage your cookie preferences through the consent banner that appears on your first visit.

4. Data Sharing

We do not sell your personal data. We share data only with:

  • Authentication provider (Google) — only during sign-in.
  • Zone.ee — our hosting provider, for sending transactional emails (password reset) via SMTP.

5. Your Rights (GDPR)

Under the General Data Protection Regulation, you have the right to:

  • Access: Request a copy of your personal data.
  • Rectification: Update or correct your data via your profile settings.
  • Erasure: Delete your account through your profile settings. Personal data (email, name, avatar, preferences) is permanently removed. Published content (recipes, comments) is anonymized and retained as community contributions.
  • Portability: Export your data in a machine-readable format.
  • Objection: Opt out of non-essential data processing.

To exercise these rights, contact us at the email address listed below.

6. Data Retention

We retain your data for as long as your account is active. When you delete your account, personal data (email, name, avatar, preferences) is permanently removed immediately. Published recipes and comments are anonymized (author set to "Anonymous") and retained as community content. If you create a new account, previously published content will not be linked to your new account.

7. Security

We protect your data using industry-standard measures: passwords are hashed with bcrypt, all connections use HTTPS, server actions validate authentication, and file uploads are sanitized and processed server-side.

8. Contact

For privacy-related questions or to exercise your GDPR rights, contact us at: privacy@moonladle.com