Skip to main content
Roux
Join

Legal · 01 / 02

Privacy
Policy.

Last updated · May 20, 2026

Roux is a recipe management app made by Paul Bernius (“we,” “us,” or “Roux”). This policy describes what data Roux collects, how we use it, who we share it with, and the rights you have over your data.

We've tried to keep it specific and free of legalese — if anything is unclear, please email us at [email protected].

1. The short version

  • You sign in with your email address and a password.
  • The recipes you save are private to you. We don't sell them, share them with advertisers, or use them to train AI models.
  • When you paste a link or text for AI to turn into a recipe, that link/text is sent to a few third-party services (Anthropic, Supadata, Jina, Firecrawl, Voyage AI) to do the actual extraction and search. We name each one below and describe what they receive.
  • You can delete your account at any time from inside the app, and that removes your recipes, profile, and any images we've stored for you.

2. Who we are

Roux is an independent app developed and operated by Paul Bernius. For privacy questions or to exercise the rights described below, contact:

  • Email: [email protected]
  • App: Roux: AI Recipe Assistant (iOS), bundle identifier com.paulbernius.roux

For users in the EU/UK: for the purposes of GDPR / UK GDPR, Paul Bernius is the data controller for your information.

3. Information we collect

3.1 Information you provide directly

WhatWhenWhy
Email addressSign-up and sign-inTo create your account, send sign-in / password-reset emails, and contact you about your account
Password (stored only as a salted hash by our auth provider)Sign-up and sign-inTo authenticate you
Display nameSign-up (optional) and on the Profile screenShown to you in the app
Unit preference (original / imperial / metric) and the “show nutrition” toggleProfile screenTo render recipes the way you want
Recipe content — titles, descriptions, ingredients, instructions, tags, source URL, prep/cook times, servings, cuisine, difficulty, and any chat messages you send to the recipe assistantWhenever you save, edit, or chat about a recipeTo provide the core recipe-management features
Source links and pasted text — URLs to recipes (including links to TikTok, YouTube, Instagram, X/Twitter, or any cooking website) and any text you paste in to be turned into a recipeWhenever you import a recipeTo extract a structured recipe from the link or text

3.2 Information collected automatically

  • Account identifiers — a unique user ID assigned by our auth provider, plus the timestamps of your sign-up and most recent sign-in.
  • Server logs — when our backend processes a recipe import, a recipe-assistant chat, or a search, we log information about that request: the input we received, the AI model used, response latency, token counts (so we can monitor cost), and the result. This is described in more detail in Section 5.
  • Recipe images we re-host — when you import a recipe and the source page exposes an image, we download that image (from the source's server) and re-host it on our storage, so the recipe still works if the source page later removes it. The image we host comes from the source URL you pasted; we do not generate or upload images on your behalf.

3.3 What we do not collect

We use Cloudflare Web Analytics on our marketing website (tryroux.app) to count anonymous page visits. It does not set cookies, does not collect personal information, does not track you across other sites, and does not share data with advertisers. Inside the Roux app itself, we do not run any analytics, crash-reporting, or tracking SDKs — there is no Sentry, no Google Analytics, no Firebase Analytics, no PostHog, no Mixpanel, no Amplitude, no advertising SDK. We do not track you across other apps or websites. We do not collect your location, contacts, calendar, photos, microphone, or HealthKit data. We do not store payment information — Roux is not currently a paid product.

We may add diagnostics or crash reporting later. If we do, we'll update this policy first and we'll choose tools that support EU data processing.

4. How we use your information

We use the data above to:

  • Provide the core features of the app — sign-in, saving recipes, importing recipes from links or text, searching your collection, and chatting with the recipe assistant to modify a recipe.
  • Cache extraction results — when you paste a publicly-accessible URL, we keep the extracted recipe in a server-side cache keyed by that URL so future imports of the same link are faster and cheaper. This cache contains recipe data derived from the public web page and is not tied to your account once cached.
  • Operate the service — debug failed extractions, investigate quality regressions, monitor costs, and improve the prompts and models we use.
  • Communicate with you — respond to support emails and send transactional emails (sign-in, password reset, account-related notices).
  • Comply with our legal obligations.

We do not use your recipes, your chat messages, or your account information to train AI models. The third-party AI providers we work with (Anthropic, Voyage AI) likewise do not use API inputs to train their models — see Section 6.

We do not sell your personal information, and we do not “share” it for cross-context behavioral advertising as those terms are defined under the California Consumer Privacy Act / CPRA.

5. Server-side logs

To operate and improve the service, our backend writes records to internal log tables when you import a recipe, chat with the recipe assistant, or run a search. These logs include:

  • Recipe extraction logs — the URL or text you submitted, the cleaned content we sent to the AI model, the model's structured response, token counts, latency, and whether the extraction succeeded.
  • Chat logs — the messages you sent to the recipe assistant, the assistant's reply, and the structured edits it produced. These are used to debug quality issues; they are not visible inside the app and are not shared.
  • Search logs — the search query you typed, IDs of the recipes that matched, and timing/cost information.

These logs are tied to your user ID. They are accessible only to us (our backend uses a privileged service role to write them; the app's RLS policies prevent client read/update/delete) and to our hosting provider (Supabase) acting on our behalf. We retain these logs for as long as we find them useful for operating and improving the service, currently with no scheduled automatic deletion. When you delete your account (Section 8), your user ID is removed from extraction-log and chat-log rows; search-log rows are deleted entirely along with your account.

6. Third parties we share data with

We only share data with the providers below, and only as needed to deliver the features you use. Each provider is bound by their own contract with us and provides protections for your data that are at least equivalent to those in this policy. All of these providers are based in the United States.

ProviderWhat we sendWhenWhat they do with it
Supabase (database, authentication, file storage, edge-function hosting)All your account data, recipes, images, and server logsContinuously, as you use the appHosts our backend on AWS in the United States (us-east region). Supabase acts as our data processor.
Anthropic (the maker of Claude)The cleaned recipe text or transcript we extracted from your URL/pasted content; for chat, the recipe you're editing plus your chat messagesWhenever you import a recipe or chat with the recipe assistantRuns the AI extraction and chat (Claude Haiku 4.5). Per Anthropic's commercial API terms, inputs and outputs are not used to train models; Anthropic retains API logs for a short period for trust-and-safety purposes.
Voyage AIYour search query textWhen you run a searchGenerates a numerical embedding of the query so we can do semantic search. Voyage's API terms state that API inputs are not used to train models.
SupadataThe video URL you pasted (TikTok, YouTube, Instagram, X/Twitter)When you import a recipe from a social-media linkReturns a transcript and metadata (title, description) for the video so we can extract a recipe from it.
Jina AI (“Jina Reader”)The web URL you pastedWhen you import a recipe from a website that doesn't expose structured recipe dataReturns a clean Markdown version of that public web page.
FirecrawlThe web URL you pastedFallback when Jina cannot render the page (e.g., heavy JavaScript)Returns rendered page content.

In addition, when we re-host a recipe image, the image's original server (the website you imported from) sees a single download request from our backend.

We do not share your information with any other third parties. We do not run advertising SDKs, marketing pixels, or user-tracking SDKs.

If we ever need to share information for legal reasons — e.g., to comply with a valid subpoena, a court order, or to protect the safety of our users — we'll do so only to the minimum extent required and we'll tell affected users where the law allows.

If Roux is ever acquired or merges with another company, we will notify you before your information is transferred and becomes subject to a different privacy policy.

7. International data transfers

Roux's backend runs in the United States. If you use the app from outside the United States — including from the European Economic Area, the United Kingdom, Switzerland, or California — your information will be transferred to and processed in the United States. We rely on the Standard Contractual Clauses (SCCs) and our providers' equivalent transfer mechanisms to protect data transferred out of the EEA / UK.

8. Data retention and deletion

  • Account data, profile, recipes, and recipe images — kept for as long as your account exists.
  • Server-side logs — extraction logs and chat logs are kept indefinitely for operational and quality purposes, with your user ID removed when your account is deleted. Search logs are deleted entirely when your account is deleted.
  • Cached extraction results — kept indefinitely; these are derived from publicly-accessible URLs and are not tied to your account.
  • Anthropic API logs — retained by Anthropic according to their commercial terms (typically a short window, currently a matter of days, for trust-and-safety review).

You can delete your account at any time from the Profile screen in the app. Deleting your account immediately removes your auth record, your profile row, all of your recipes, all images we've stored for you, and your search-log rows. Your user ID is unset on extraction-log and chat-log rows.

If you have trouble deleting your account from inside the app, email us at [email protected] and we'll do it manually within 30 days.

9. Your rights

Depending on where you live, you have some or all of the following rights over your personal information. Roux honors these rights for everyone, regardless of jurisdiction.

  • Access — ask us for a copy of the personal information we hold about you.
  • Rectification / correction — ask us to correct inaccurate information. Most fields (display name, recipe content) you can correct yourself in the app.
  • Erasure / deletion — ask us to delete your information. Account deletion is available in-app; for partial deletion requests, email us.
  • Restriction of processing — ask us to pause processing while we sort out a dispute about your data.
  • Portability — ask us for an export of your account data and recipes in a portable format.
  • Objection — object to our processing of your information based on our legitimate interests.
  • Withdraw consent — where we rely on consent, you can withdraw it at any time. Withdrawing consent doesn't affect processing that already happened.
  • No automated decision-making — Roux does not make any decisions about you that have legal or similarly significant effects using only automated processing.

To exercise any of these rights, email [email protected]. We may need to verify that you're the account holder before acting on requests. We'll respond within 30 days (or 45 days under the CCPA, which we'll use only when reasonably necessary).

If you're in the EEA / UK / Switzerland, you also have the right to lodge a complaint with your local data-protection authority. We'd appreciate the chance to address your concern first.

California-specific rights (CCPA / CPRA)

In the past 12 months we have collected the following CCPA-defined categories of personal information:

  • Identifiers — email address, account user ID.
  • Customer records (Cal. Civ. Code §1798.80) — display name.
  • Internet or other electronic network activity information — server logs of recipe extractions, chats, and searches you initiate.
  • User content — the recipes you save and the messages you send to the recipe assistant.

We collect these categories from you directly (when you provide them) and from third-party sources you choose to import from (when you paste a URL, the source web page provides text and an image). We use them for the purposes described in Sections 3, 4, and 5. We disclose them only to the service providers listed in Section 6, and we do not sell or share personal information for cross-context behavioral advertising.

California residents have the right to know, the right to delete, the right to correct, the right to opt out of the sale or sharing of personal information (we don't do either), the right to limit use of sensitive personal information (we don't collect sensitive PI), and the right not to be discriminated against for exercising any of these rights.

10. Security

We rely on commonly-accepted security practices to protect your data:

  • TLS in transit between the app and our servers, and between our servers and the third-party providers in Section 6.
  • Passwords stored only as salted hashes by our authentication provider — we never see your password in plaintext.
  • Postgres row-level-security policies that prevent any user from reading or modifying another user's data.
  • Privileged backend operations are gated behind service-role JWTs that are never exposed to the app.

No service can guarantee perfect security. If we ever detect a breach affecting your data, we'll notify you and the appropriate regulators within the timeframes the law requires.

11. Children

Roux is not directed to children, and we do not knowingly collect information from anyone under 13. If you believe a child has signed up for Roux, please email [email protected] and we'll delete the account.

12. Changes to this policy

We may update this policy from time to time. When we do, we'll change the “Last updated” date at the top, and — for material changes — we'll notify you in the app or by email before the new version takes effect. The current version is always available at the URL where you found this policy, and the change history is in the public Git repository that this document is published from.

13. Contact

For any privacy question, request, or complaint:

Email: [email protected]