Privacy Policy

Last updated: 25 March 2026

1. Who we are

Sintagi ("we", "us", "our") operates the website www.sintagi.com and the application at app.sintagi.com. We are the data controller responsible for your personal information.

Contact: info@sintagi.com

2. What data we collect

  • Account data — username, name, email address and password (hashed) when you register. If you sign in with Google, we store your Google account ID. We also store your language and display theme preferences.
  • Profile image — if you upload one, stored on our servers.
  • Recipe data — recipes, images and notes you create or import.
  • Billing data — payment is processed by Stripe. We do not store card numbers; we only receive a customer ID and subscription status from Stripe.
  • Security data — if you enable two-factor authentication, we store your 2FA secret. We also store password reset and email verification tokens temporarily.
  • Technical data — error logs and IP address for security and debugging purposes.
  • Cookies — see our Cookie Policy.

3. How we use your data

  • To provide, maintain and improve the Sintagi service.
  • To process payments and manage your subscription.
  • To send transactional emails (account verification, billing receipts, password reset).
  • To detect and prevent fraud, abuse or security incidents.
  • To comply with legal obligations.

We do not sell your personal data to third parties.

4. Legal basis for processing (GDPR)

  • Contract — processing necessary to provide the service you signed up for.
  • Legitimate interests — security monitoring, fraud prevention, and service improvement.
  • Legal obligation — retaining financial records as required by law.

5. Third-party services

  • Stripe — payment processing. Stripe Privacy Policy.
  • Google OAuth — optional sign-in with Google. If you use this, your Google account ID and email are shared with us by Google. Google Privacy Policy.
  • Google Fonts — font delivery via Google's CDN.
  • Google Gemini — optional AI-powered ingredient parsing when importing recipes by URL. If enabled, page content from the imported URL is sent to Google Gemini for processing. Data is not retained by Google beyond the duration of a single request.

6. Data retention

We retain your account and recipe data for as long as your account is active. To request deletion of your account and associated data, contact us at info@sintagi.com. Upon confirmed deletion, your data is permanently removed, except where we are required to retain it by law (e.g. billing records for up to 7 years).

7. Your rights

Depending on your location you may have the right to:

  • Access the personal data we hold about you.
  • Correct inaccurate data.
  • Request deletion of your data ("right to be forgotten").
  • Object to or restrict certain processing.
  • Withdraw consent at any time (where processing is based on consent).

To exercise any of these rights, email us at info@sintagi.com.

8. Security

We use industry-standard measures to protect your data including HTTPS encryption, hashed passwords, and access controls. No method of transmission over the internet is 100% secure, but we take reasonable steps to protect your information.

9. Children

Sintagi is not directed at children under 13. We do not knowingly collect personal data from children. If you believe a child has provided us with personal data, please contact us and we will delete it.

10. Changes to this policy

We may update this policy from time to time. We will notify registered users by email for material changes. The "Last updated" date at the top of this page always reflects the current version.

11. Contact

Questions about this policy? Contact us at info@sintagi.com.