Last updated: May 12, 2026
MealDeck is a recipe management app built and operated by Jason Marsh. It's currently in closed beta with a small group of early users. This policy covers what data is collected, why, and how it's handled. The goal is to collect only what's needed to make the app work well.
When you create an account, we store your name, email, and a securely hashed password (never your actual password). We also store your avatar color preference. Your email is used for account recovery and occasional app-related messages — no marketing.
Everything you build in MealDeck — recipes, meal plans, collections, notes, ratings, and favorites — is stored in our database tied to your account. Notes are private to your account; other users can't see them.
When you submit feedback through the in-app button, we store your message, the category, and which page you were on. Jason (the only admin) may reply, which you'll see next time you open the feedback panel. An email notification is sent so he can respond promptly.
When you use AI features (recipe adaptation, recipe chat, AI recipe generation), the relevant recipe content and your prompt are sent to Anthropic's API (Claude) for text processing. AI image generation uses OpenAI's API. Neither provider uses API inputs to train their models. Your identity isn't shared with either — we track token usage on our side to monitor costs and enforce a per-user daily budget.
Cook mode's voice feature sends the text of the current recipe step to Microsoft's Edge text-to-speech service to generate audio. No account info or other personal data is sent.
We log basic activity (like rating a recipe or adding to a meal plan) and login attempts (email, success/failure, IP) to help spot issues and protect against brute-force attacks. Login attempt logs are deleted after 7 days. Activity logs are kept for the life of your account and deleted when you delete the account.
We use one functional cookie (rr_session) to keep you logged in — HttpOnly, 30-day expiry, not readable by JavaScript. The app also stores some preferences in your browser (meal plan view mode, shopping list checkmarks, step progress, voice settings) — this stays on your device.
We use Cloudflare Web Analytics, which doesn't use cookies or track individuals across sites. It collects aggregate page view and performance data.
We don't sell your data. Data is shared with third parties only as needed to operate the app:
MealDeck runs on servers operated by Hetzner Online GmbH, located in Germany. Your data is stored there and transmitted over HTTPS.
Data is encrypted in transit (HTTPS) and passwords are hashed. We take reasonable care, but no system is completely secure. If there's ever a breach affecting your data, you'll be notified.
MealDeck isn't directed at children under 13 and we don't knowingly collect data from them. If you believe a child has created an account, email hello@mealdeck.net and we'll remove it.
You can export a copy of your data or delete your account at any time from your profile settings. Exports include your recipes, collections, meal plans, notes, and favorites as a JSON file. Account deletion permanently removes your personal content; recipes you've contributed to the shared library remain available but are no longer attributed to you. Questions welcome at hello@mealdeck.net.
First-time users see a welcome card confirming acceptance of the Terms of Service and this Privacy Policy before using the app.
If this policy changes meaningfully, you'll see a note in the app's changelog. When payments, public signups, or other major features launch, this policy will be updated to reflect that.
Questions? Email hello@mealdeck.net.
See also: Terms of Service