Sieve Cook ("Sieve Cook," "we," "us") is operated by Tara Holloway, an individual, not a registered company. This Privacy Policy explains what information Sieve Cook collects, how it's used, and the choices you have. If you have questions, contact hello@verenu.com.
Sieve Cook is a recipe library and log: it imports recipes you already found elsewhere (AI chats, social posts, websites, screenshots, or pasted text), saves the original source, and stores the recipe in a clean, searchable library. It is not a meal planner, nutrition tracker, or social network, and this policy is written with that scope in mind.
Sign-in is handled by our authentication provider, Clerk. We receive your email address and an account identifier from Clerk. We do not receive or store your password — Clerk handles credential security directly.
When you import or save a recipe, we store: the recipe title, a short summary, ingredients, steps, the source platform and source URL (if any), any tags or notes you add, whether the source was saved, and timestamps (created, updated, last opened). This data is stored in our backend database (Convex) and is yours — it exists so your library works across your devices.
Before recipe text reaches our AI provider, we strip personal identifiers we detect in it — such as names, email addresses, phone numbers, and street addresses — that may have been incidentally included in a pasted AI-chat export, scraped page, or similar source. This happens on your device first for text that comes through the app itself, and again in our Convex backend as a second pass (including for content our servers fetch directly, like scraped pages), before anything is sent onward.
Recipe text you paste, or text extracted from a URL you import, is sent server-side to our extraction provider (DeepSeek) solely to identify and structure the recipe (title, ingredients, steps, etc.). We do not use your recipe content to train AI models. Where we use third-party AI providers to process imports or Ask requests, we select and configure them with the intent that submitted content is used only to provide the requested feature, not to train their models — but we can't control a provider's infrastructure directly, so we can't make an absolute guarantee about systems we don't operate. This content is never sent to our analytics tooling. For URL imports, we may use Cloudflare's Browser Rendering service, and — for pages that resist simpler fetching — a paid escalation tier (Scrapfly), to retrieve the public page content you're asking us to import. To avoid repeating identical work, a URL's extracted result may be cached for 24 hours; links containing "share" (typical of private AI-chat share links) are never written to that cache, so private conversation content isn't persisted beyond what's needed to complete your import. When you submit a third-party URL or source for import, you are asking Sieve Cook to retrieve and process that source on your behalf — you are responsible for ensuring you have the right to access and submit that source for personal use.
If you attach a photo to a recipe, we store it so it can appear in your recipe library. If you import a recipe from a screenshot, the text in that screenshot is recognized on your device using Apple's built-in text-recognition technology — the image itself is not uploaded for this step. Only the recognized text is then sent to DeepSeek for extraction, the same as any other pasted or imported text. We do not send recipe photos or screenshots to analytics.
When you use "Ask," the relevant saved-recipe content and your message are sent to DeepSeek to generate an answer or a proposed edit, substitution, or grocery-list addition. Ask requests are used only to generate the response you asked for and are never sent to analytics.
If you ask Sieve Cook to add a recipe's ingredients to a grocery list, the app requests access to Apple Reminders. We use that access only to find or update the grocery list you choose, and only after you've approved the specific items to add. Reminders access is handled on your device through Apple's Reminders framework — we don't read, store, or send your other reminders anywhere, and grocery-list actions are never sent to analytics.
Sieve Cook has an optional feature to help you find people you already know who use Sieve Cook, so you can share recipes with them. It's off by default and requires your permission — if you enable it, the app reads email addresses from your device's Contacts and sends them to our backend to check which ones belong to existing Sieve Cook users. Only the matches are sent back to your device; the contact list you submitted is not stored on our servers — it's used only for that one check and discarded. This feature is rate-limited, and you can deny or revoke Contacts access at any time in your device's Settings.
We use a typed analytics wrapper to send basic product-usage events (for example, that an import was started, or a screen was viewed) to PostHog, our analytics provider, so we can understand how the app is used and fix bugs.
We never send recipe content, prompts, URLs, titles, ingredients, steps, notes, photos, or AI responses to analytics or to PostHog. Analytics events are limited to non-content usage signals. A separate, sanitized telemetry outbox in our backend records operational events (like whether an import succeeded) without recipe content for the same reason. If an analytics call fails for any reason, it never blocks or fails the underlying feature you were using.
Like most apps, we may automatically receive basic technical information (such as app version, coarse device/platform information, and crash or error logs) to keep the app working correctly and to prioritize fixes.
If you contact us for support, we collect what you choose to send us — such as your email address, screenshots, logs, or a description of the issue — so we can respond and help.
We do not sell your personal information, and we do not use your recipe content to train AI models.
We rely on the following service providers ("subprocessors") to run Sieve Cook. Each only receives the data necessary to perform its function:
| Provider | Purpose | Their privacy policy |
|---|---|---|
| Clerk | Authentication and account management | clerk.com/legal/privacy |
| Convex | Backend database and application logic | convex.dev/legal/privacy |
| DeepSeek Platform | Server-side extraction/structuring of recipe text (after personal identifiers are stripped), and generating Ask answers/proposals | deepseek.com privacy policy |
| Cloudflare | Browser rendering for URL import; network infrastructure | cloudflare.com/privacypolicy |
| Scrapfly | Paid fallback retrieval for hard-to-fetch import URLs | scrapfly.io/privacy-policy |
| PostHog | Product analytics (usage events only, never recipe content) | posthog.com/privacy |
| Apple | App distribution via the App Store, on-device Reminders integration, and In-App Purchase processing if paid features are ever introduced | apple.com/legal/privacy |
We do not share your information with third parties for their own marketing purposes. We may disclose information if required by law, or to protect the rights, safety, or property of Sieve Cook, our users, or others. Like most service providers, ours may retain limited operational or security logs (for example, request logs used to prevent abuse) for a short period under their own policies, separate from what's stored in your Sieve Cook library.
Your recipe library and account data are retained for as long as your account exists. You can delete individual recipes at any time in the app. You can delete your entire account from Settings; doing so removes your saved recipes and account data from our systems (aside from residual copies in routine backups, which age out on our normal backup rotation, and any records we're legally required to retain).
You can access, export, and delete your recipe data directly from the app at any time. If you'd like help with a request, or reside somewhere with additional statutory rights (for example, access, correction, portability, or deletion rights under applicable privacy law), contact hello@verenu.com and we'll respond promptly.
Sieve Cook is not directed at children under 13, and we do not knowingly collect personal information from children under 13. If you believe a child has provided us with personal information, contact us and we'll delete it.
Sieve Cook is operated from Canada. Your information may be processed in Canada, the United States, or other countries where our service providers operate. The Service is not currently offered to individuals in the European Union or the United Kingdom — see the Terms of Service for details — so this policy is not written to satisfy EU/UK-specific frameworks (such as GDPR/UK GDPR) at this time; we expect to update it before offering the Service in those regions.
We rely on reputable providers (Clerk, Convex, Cloudflare, and others) that maintain industry-standard security practices, and we limit what data flows to each provider to only what's needed for its function. No method of transmission or storage is 100% secure, and we can't guarantee absolute security.
We may update this Privacy Policy from time to time. If we make material changes, we'll update the effective date above and, where appropriate, notify you in the app. Continued use of Sieve Cook after a change takes effect means you accept the updated policy.
Questions about this policy or your data can be sent to hello@verenu.com.