Bitesize Recipes — Privacy Policy

How AppNinjas OÜ handles your data when you use the Bitesize Recipes iOS app.

Effective date: 6 May 2026 · Last updated: 6 May 2026

This policy explains what data Bitesize Recipes (“Bitesize”, “the app”) collects, why it’s collected, who it’s shared with, and the choices you have. It applies to the Bitesize iOS application (bundle identifier com.bitesize.app) and the supporting backend services we operate.

1. Who we are

Bitesize is published by AppNinjas OÜ, a private limited company registered in Estonia.

For all privacy-related requests — access, deletion, correction, complaints — write to info@appninjas.eu. We aim to respond within 30 days.

2. Data we collect

We collect only what we need to run the app. The full list:

DataWhenWhyWhere it lives
Email address When you create an account (or sign in with Apple / Google) Authentication and account recovery only. Not used for marketing. Supabase, EU region (Frankfurt)
Account ID (UUID) Generated automatically when your account is created Identifies your account inside our systems Supabase, EU region
Recipes you create or import While you use the app The content of the app — your saved recipes Stored locally on your device (AsyncStorage). A copy is sent to our parsing API briefly during import, then discarded.
URL of an imported recipe (TikTok, Instagram, YouTube, web link) When you tap “Import” So our backend can fetch and parse the recipe Cached on our backend (api.appninja.info) for up to 24 hours to avoid re-processing duplicates, then deleted.
Anonymous device identifier When the app first launches Attributing your purchases to your account across reinstalls (managed by RevenueCat) RevenueCat (US, with Standard Contractual Clauses)
Subscription status (Free or Premium) When you start, change, or cancel a subscription Unlocks Premium features in the app RevenueCat + the profiles table in Supabase (EU)
What we do not collect. Bitesize does not collect your location, contacts, photos other than the cookbook pages or recipe images you explicitly choose to import, browsing history, cross-app tracking identifiers, health or fitness data, or financial data. Apple processes all payments — we never see your card number. We do not run any third-party advertising or analytics SDK in the app.

3. Why we use your data (legal basis under GDPR)

4. Third parties we share data with

We use a small number of trusted processors. Each is bound by a written data processing agreement (DPA), and any transfer outside the EU/EEA is covered by Standard Contractual Clauses.

We do not sell your data. We do not share it with advertisers. We do not use it to build profiles of you for marketing.

5. International transfers

Your account data is stored in the EU. Subscription processing (RevenueCat) and AI parsing (Google / OpenRouter) involve transfers to the United States. These transfers are protected by the European Commission’s Standard Contractual Clauses (2021/914) and supplementary technical measures (encryption in transit and at rest).

6. How long we keep your data

7. Your rights under GDPR

If you are in the EU/EEA or UK, you have the right to:

To exercise any of these rights, email info@appninjas.eu from the address tied to your account, or use the in-app “Delete account” option in Settings (we may ask for a confirmation step to verify identity).

8. Subscriptions and In-App Purchases

Bitesize is free to download and includes a free tier with a monthly import limit. Premium unlocks unlimited imports, translation, PDF export, the meal planner, and the shopping list.

9. Children

Bitesize is not directed at children under the age of 13 (or under 16 in jurisdictions where that is the relevant minimum age for consent to data processing). We do not knowingly collect data from children. If you believe a child has provided us with personal data, please contact info@appninjas.eu and we will delete the account.

10. Security

Data is encrypted in transit (TLS 1.2+) and at rest. Access to production systems is restricted to the AppNinjas team and protected by strong authentication. We review our infrastructure regularly. No system is perfectly secure — if you discover a vulnerability, please disclose responsibly to info@appninjas.eu.

11. Changes to this policy

If we make material changes (for example, adding a new processor or a new category of data), we will notify you in-app and, where we hold an email address tied to your account, by email, before the change takes effect. The “Effective date” at the top of this page always reflects the current version. Older versions are available on request.

12. Contact

Questions, GDPR requests, or anything else: info@appninjas.eu. Postal mail can be sent to AppNinjas OÜ, Tornimäe tn 5, 10145 Tallinn, Estonia.


Bitesize support · appninjas.eu