Cauldron — Privacy Policy

Last updated: November 2025

1. Introduction

This Privacy Policy explains how Cauldron (“we”, “our”, or “the Service”) collects, uses, stores, and protects your personal information. By using Cauldron, you agree to the practices described in this Policy.

Cauldron is developed and operated in Canada and aims to follow reasonable privacy practices consistent with applicable laws.

2. Information We Collect

2.1 Account Information

When you create an account, we collect:

  • Email address
  • Username
  • Securely hashed password
  • Optional profile details (such as bio and profile picture)

2.2 User-Generated Content

Cauldron allows you to create and store content related to cooking and recipes, including:

  • Recipes, components, ingredients, and instructions
  • Remarks and notes
  • Uploaded images (for example, cover images and remarks images)
  • Direct Messages (DMs) between users
  • Public posts in the community feed and related likes or saves
  • Friend/follow relationships and notifications

2.3 Imported Recipes

If you use Cauldron’s import or transcription tools to bring in recipes from external websites or documents, we may store:

  • The structured recipe data created inside Cauldron
  • The source URL for attribution and reference

We do not collect personal information from third-party websites when you import a recipe; the import process uses the content you request to import.

2.4 Cookies and Session Data

Cauldron uses essential cookies and similar technologies to:

  • Keep you logged in during a session
  • Provide CSRF protection
  • Help with rate limiting and security

We do not use advertising or tracking cookies for marketing purposes.

2.5 Technical and Usage Data

We may automatically collect certain technical information when you use Cauldron, such as:

  • IP address
  • Browser type and version
  • Device information
  • Pages visited and basic usage patterns
  • Error logs and diagnostic information

This information is used to maintain security, prevent abuse, and improve the Service.

3. How We Use Your Information

We use the information we collect for the following purposes:

  • To create and manage user accounts and authentication
  • To store and display your recipes, content, and interactions
  • To support social features such as friends, followers, likes, and feeds
  • To send notifications and email updates you opt into (such as shared recipes or messages)
  • To maintain security, rate limiting, and fraud prevention
  • To troubleshoot issues, fix bugs, and improve performance
  • To operate optional AI-based import or transcription features

We do not sell or rent your personal information to third parties.

4. Where and How Data Is Stored

Cauldron uses established third-party providers to host and process data, including:

  • DigitalOcean Managed PostgreSQL (database)
  • DigitalOcean Spaces (image storage)
  • DigitalOcean App Platform (web application hosting)
  • Valkey/Redis (rate limiting and temporary in-memory data)
  • Postmark (transactional email delivery)
  • Cloudflare (DNS and traffic routing)
  • Sentry (error tracking and diagnostics)

Data is encrypted in transit via HTTPS. Passwords are stored using secure, one-way hashing. Access to backend systems is limited and secured.

5. How We Share Information

We may share limited personal data with trusted service providers solely to operate and improve Cauldron. For example:

  • Your email address may be shared with Postmark to send you emails.
  • Technical and error information may be sent to Sentry to help debug issues.
  • Images you upload may be stored on DigitalOcean Spaces.

These providers act as processors on our behalf and are not permitted to use your data for their own marketing or unrelated purposes.

We may disclose information if required by law, regulation, or legal process, or to protect the rights, property, or safety of Cauldron, its users, or others.

6. AI Processing of Imported Recipes

If you use AI-assisted features (such as automatically structuring a recipe from a web page or document), the relevant text may be sent to an AI provider to generate a structured recipe format for your account.

The resulting structured recipe data is stored in Cauldron as part of your User Content. Imported recipes remain private unless you choose to rewrite and share them.

AI-generated outputs may not always be accurate or complete. You should review and edit any AI-generated recipe before relying on it.

7. Your Rights and Choices

Depending on your location, you may have certain rights regarding your personal information, including:

  • The right to access your personal data held by Cauldron.
  • The right to correct or update inaccurate information.
  • The right to delete your account and associated personal data.
  • The right to withdraw from email notifications you previously opted into.

To exercise any of these rights, please contact:

Email: [email protected]

8. Data Retention

We retain your personal data for as long as you maintain an active account with Cauldron. If you choose to delete your account, your profile and personal data will be removed or anonymized within a reasonable period.

Some non-identifiable or aggregated data (for example, basic logs or backups) may be retained for a limited time for security, backup, or legal compliance purposes.

9. Security

We take reasonable measures to protect your personal information, including:

  • Encryption in transit via HTTPS
  • Secure password hashing
  • Restricted access to production systems
  • Server-side security controls and rate limiting

However, no system can be guaranteed 100% secure. You use the Service at your own risk and should choose strong, unique passwords and protect your account credentials.

10. Children’s Privacy

Cauldron is not intended for children under the age of 13. We do not knowingly collect personal information from children under 13. If we become aware that a child under 13 has provided personal information, we will take steps to delete it.

11. Changes to This Policy

We may update this Privacy Policy from time to time. When changes are made, the “Last updated” date at the top of this page will be revised.

Your continued use of Cauldron after any changes are posted indicates your acceptance of the updated Policy.

12. Contact

If you have any questions or concerns about this Privacy Policy, please contact:

Email: [email protected]