PrepFlowPREPFLOW

Privacy Policy

Last Updated: February 2026

1. Responsible Body (Controller)

The controller for data processing on this website and in the PrepFlow app is:

Julian Doppelhofer
Akazienhof 7/12, 1120 Vienna, Austria
Email: contact@prepflow.app

2. What Data We Collect

We collect and process the following data:

  • Account Data: Your email address and authentication details (via Supabase).
  • Usage Data: Your cooking preferences (e.g., diet, allergies), saved recipes, and cooking history.
  • Technical Data: IP address, device information, and app version.
  • Diagnostic Data: Crash reports and performance data (via Sentry) to fix bugs.

3. How We Use Your Data

We use your data to:

  • Provide the PrepFlow service (authentication, saving your history).
  • Generate meal suggestions (using anonymous parameters).
  • Improve app stability (analyzing crashes).
  • Communication: Send you transactional emails (e.g., password reset) and, if you have opted in, product updates or newsletters. You can unsubscribe from marketing emails at any time.

4. Third-Party Services

We use the following third-party service providers. We have entered into Data Processing Agreements (DPA) with these providers where required.

  • Supabase (Database & Auth): Hosted on AWS in Ireland (EU). Used for secure data storage and user authentication.
  • Vercel (Hosting): Used to host our website and landing page.
  • Sentry (Crash Reporting): Used to collect crash logs and performance issues. Sentry may process your IP address and device data to help us identify errors.
  • OpenAI (AI Features): We use OpenAI's API to generate ranking logic. We send only anonymous parameters (e.g., "15 minutes time", "vegetarian") to OpenAI. We do not share your personal data (email, name, user ID) with OpenAI.

5. International Data Transfers

Some of our service providers (e.g., Sentry, OpenAI) are based in the USA. Data transfer to the USA is based on the EU-US Data Privacy Framework or Standard Contractual Clauses (SCC) to ensure an adequate level of data protection.

6. Your Rights (Deletion & Access)

Under the GDPR, you have the right to access, correct, or delete your personal data.

  • Delete Account: You can delete your account and all associated data directly within the PrepFlow app settings. This is immediate and irreversible.
  • Alternatively, you can contact us at contact@prepflow.app to request deletion or information.

7. Data Retention

We retain your data only as long as your account is active. If you delete your account, your personal data is removed from our live database immediately.

8. Contact

If you have questions about this privacy policy, please contact us at contact@prepflow.app.