Privacy Policy

Last updated January 15, 2026

MAMAM -- Cooking App

DRAFT -- FOR REVIEW BY LICENSED LEGAL COUNSEL

This document is a draft Privacy Policy prepared for review purposes only. It has NOT been reviewed or approved by a licensed attorney or data protection specialist. Before publication or use in any application, app store listing, or privacy disclosure, this document MUST be reviewed, revised, and approved by a licensed attorney and/or qualified data protection officer admitted to practice in the relevant jurisdiction(s). This draft is provided on an as-is basis and does not constitute legal advice. Yosika Life Quest LLC D.B.A. MAMAM assumes no responsibility for the use of this draft without proper legal review.

Effective Date: January 15, 2026

Last Updated: January 15, 2026

1. WHO WE ARE

Yosika Life Quest LLC D.B.A. MAMAM ("MAMAM," "we," "us," or "our") is the data controller responsible for your personal data processed through the MAMAM mobile application (the "App").

This means we determine the purposes and means of processing your personal data and are accountable for ensuring that processing complies with applicable data protection law, including the General Data Protection Regulation (EU) 2016/679 ("GDPR"), the UK General Data Protection Regulation ("UK GDPR"), and other applicable privacy legislation.

Contact Details:

Email: [INSERT CONTACT EMAIL]
Mailing Address: [INSERT MAILING ADDRESS]
Privacy Contact / Data Protection Officer: [INSERT DPO NAME OR PRIVACY CONTACT TITLE], reachable at [INSERT DPO EMAIL]

If you have any questions or concerns about how we handle your personal data, please contact us using the details above.

2. SCOPE OF THIS POLICY

This Privacy Policy applies to all personal data processed through the MAMAM iOS application, including:

The free core app features (meal logging, savings tracking, preferences)
The AI-powered subscription features (meal planning, recipe generation, voice mode)
Data synchronized via Apple iCloud (CloudKit)
Data processed through our AI proxy infrastructure

This Policy does not cover third-party services that you may access independently, such as the Apple App Store, Apple iCloud (governed by Apple's own privacy policy), or any website you visit outside of the App.

The website (cooking.mamamfood.com) uses the Apple Smart App Banner feature, which is a declarative HTML meta tag read locally by iOS Safari. The Smart App Banner sends no data to Apple servers and functions entirely via Apple's OS-level iOS Safari integration. This site uses Cloudflare Web Analytics, a cookieless analytics service. No personal data is collected or stored.

3. WHAT DATA WE COLLECT

We collect and process the following categories of personal data. We have organized them by feature area to help you understand exactly what data is involved.

3.1 Core App Data (Free Features)

Data Category	Specific Data	How Collected
Meal logs	Meal name, estimated cost, cuisine type, date and time	You enter this manually in the App
Savings data	Computed savings amounts derived from meal cost data	Calculated automatically from your meal logs
User preferences	Cuisine preferences, cooking skill level, cooking time preferences	You enter this in your profile settings
Health-related preferences	Dietary restrictions (e.g., vegan, gluten-free), food allergies	You enter this in your profile settings (requires explicit consent -- see Section 6)
Religious dietary preferences	Religious dietary laws (e.g., halal, kosher)	You enter this in your profile settings (requires explicit consent -- see Section 6)
Device identifiers	iCloud account identifier (for syncing purposes)	Collected automatically when you enable iCloud sync

3.2 AI Features Data (Subscription)

Data Category	Specific Data	How Collected
Meal planning requests	Text you type or dictate requesting meal plans	You enter this in the AI chat or voice interface
Recipe generation requests	Text queries requesting recipes	You enter this in the AI chat or voice interface
Transcribed voice commands	Text output from on-device speech recognition	Generated on your device from your voice input
User preferences in prompts	Dietary restrictions, allergies, cuisine preferences, skill level (appended to AI system prompts)	Derived from your saved preferences
AI responses	Meal plans, recipes, and cooking guidance returned by the AI	Generated by the AI provider in response to your requests
Subscription status	Whether you have an active AI subscription	Provided by Apple StoreKit
Token usage estimates	Estimated computational cost per AI request	Calculated automatically

3.3 Voice Mode Data

Data Category	Specific Data	How Collected
Microphone audio	Raw audio from your microphone	Captured on-device when you activate voice mode (requires your microphone permission)
Transcribed text	Text output from speech-to-text processing	Generated entirely on your device by Apple SpeechAnalyzer (or SFSpeechRecognizer on older iOS versions)
Synthesized speech	Text-to-speech audio output	Generated entirely on your device by Apple AVSpeechSynthesizer

Important: Microphone audio is processed entirely on your device. No audio recordings are ever stored, transmitted to our servers, or shared with any third party. Only the transcribed text (not audio) may be sent to the AI service if you use voice commands with AI features. See Section 8 for full details.

3.4 Data We Do NOT Collect

For clarity, MAMAM does not collect or process:

Your real name, email address, phone number, or physical address (unless you contact us directly)
Location data or GPS coordinates
Photos, videos, or camera data
Contacts, calendar, or other device data
Browsing history or cross-app tracking data
Advertising identifiers (IDFA)
Any data for advertising, profiling, or behavioral targeting purposes

If you choose to enable usage analytics (opt-in, off by default), we collect:

Data Category	Specific Data	How Collected
Crash data	Stack traces, device model, iOS version, app version, memory state at time of crash	Collected automatically by Sentry SDK when a crash occurs
Performance data	App launch time, hang duration, memory warnings	Collected automatically by Sentry SDK
Usage analytics	Screen views, feature usage counts (e.g., "cooking mode started"), flow completion rates	Collected by TelemetryDeck SDK based on in-app events
Product interaction	Which features you use and how often (aggregated counts, not content)	Collected by TelemetryDeck SDK

Important: Analytics data never includes what you cook, eat, search for, or any health-related information. No recipe content, meal names, ingredient lists, dietary restrictions, or allergy data is ever included in analytics. Analytics data is linked to a pseudonymized device identifier, not to your Apple ID or any directly identifying information.

3.6 URL Import Data

When you use the recipe URL import feature, the App fetches the web page content directly from the third-party website you specify. This network request discloses your device's IP address to that website. The fetched content may then be sent to our AI proxy for structured recipe extraction. We do not control and are not responsible for the privacy practices of third-party recipe websites. We encourage you to review the privacy policies of any website whose URL you import.

4. HOW WE USE YOUR DATA

We use your personal data only for the following specific purposes:

4.1 Providing the Core App Service

Storing and displaying your meal logs and calculated savings
Syncing your data across your Apple devices via iCloud (CloudKit)
Storing your preferences to personalize the App experience

4.2 Providing AI Features

Sending your text-based requests (including transcribed voice commands) to the AI provider via our proxy to generate meal plans, recipes, and cooking guidance
Including relevant preferences (dietary restrictions, allergies, cuisine preferences, skill level) in AI prompts so that responses are tailored to your needs
Managing your subscription status to enable or disable AI features

4.3 Ensuring Safety and Compliance

Processing your allergy and dietary restriction data to ensure AI-generated recipes account for your safety needs
Maintaining consent records to demonstrate GDPR compliance
Responding to your data rights requests

4.4 Improving the Service

If you opt in to usage analytics, we collect anonymous crash reports and usage counts to identify bugs, understand which features are most valued, and prioritize improvements
Estimating token usage to manage costs and plan capacity
We do not use your personal data for training AI models, and we contractually prohibit our AI sub-processor from doing so (see Section 9)

5. LEGAL BASES FOR PROCESSING

Under the GDPR, we must have a valid legal basis for each processing activity. The table below sets out the legal basis we rely on for each type of data processing.

Processing Activity	Legal Basis (GDPR Article)	Explanation
Meal logging and savings tracking	Contract performance (Art. 6(1)(b))	Necessary to provide the core service you signed up for
Syncing data via iCloud (CloudKit)	Contract performance (Art. 6(1)(b))	Necessary to deliver the cross-device sync feature of the service
Storing general user preferences (cuisine, skill level, cooking time)	Contract performance (Art. 6(1)(b))	Necessary to personalize the service as described
Processing dietary restrictions and food allergies	Explicit consent (Art. 9(2)(a))	These are special category (health) data requiring your explicit, informed consent before processing (see Section 6)
Processing religious dietary preferences	Explicit consent (Art. 9(2)(a))	Conservatively treated as potentially revealing religious beliefs, requiring explicit consent (see Section 6)
Sending text to AI provider via proxy	Consent (Art. 6(1)(a))	You provide consent before any data is shared with the AI provider
Including preferences in AI prompts	Consent (Art. 6(1)(a))	Covered by your AI data-sharing consent
Processing microphone audio on-device	Consent (Art. 6(1)(a))	You grant microphone permission through iOS before voice features activate
Collecting crash reports and usage analytics	Consent (Art. 6(1)(a))	You opt in to analytics through a dedicated toggle; analytics is off by default and does not affect any app feature
Subscription management	Contract performance (Art. 6(1)(b))	Necessary to manage your paid subscription
Maintaining consent records	Legal obligation (Art. 6(1)(c))	Required by GDPR Art. 5(2) and Art. 7(1) to demonstrate accountability
Responding to data subject rights requests	Legal obligation (Art. 6(1)(c))	Required by GDPR Arts. 15--22

6. SPECIAL CATEGORY DATA (HEALTH AND RELIGIOUS DATA)

6.1 What Is Special Category Data?

The GDPR recognizes certain types of personal data as more sensitive and requiring additional protection. These are called "special category" data under Article 9. In the context of MAMAM, this includes:

Food allergies (e.g., peanut allergy, shellfish allergy) -- these reveal information about your health
Medical dietary restrictions (e.g., celiac disease requiring gluten-free diet, lactose intolerance) -- these reveal information about your health conditions
Religious dietary preferences (e.g., halal, kosher) -- these may reveal information about your religious beliefs

6.2 Why We Process This Data

We process special category data solely to ensure your safety and to provide you with relevant, personalized meal plans and recipes. For example, if you have a peanut allergy, we include this information in AI prompts so that generated recipes do not contain peanuts.

We will not process any special category data until you have provided explicit, informed, specific, and freely given consent through a dedicated consent flow in the App.

This consent is:

Separate from general terms acceptance -- you must affirmatively opt in to health data processing through a distinct consent screen
Granular -- you can choose which categories of special data to provide (you are not required to disclose allergies, dietary restrictions, or religious preferences to use the App)
Revocable -- you can withdraw your consent at any time through the App settings, and we will stop processing your special category data and delete it (see Section 14)
Informed -- the consent screen clearly explains what data will be processed, why, how (including sharing with the AI provider), and your right to withdraw

If you choose not to provide special category data, you can still use all App features. However, AI-generated recipes and meal plans will not be tailored to your allergies, dietary restrictions, or religious dietary requirements. In this case, you are solely responsible for checking that any AI-generated content is safe and appropriate for you.

7. AI DATA PROCESSING

This section explains in detail how your data flows through the AI system.

7.1 Architecture Overview

When you use an AI feature (meal planning, recipe generation, or voice commands), the following occurs:


Your Device --> MAMAM AI Proxy (Cloudflare Workers, EU) --> OpenAI API (US)

Your device sends your text request (and relevant preferences) to our AI proxy
The AI proxy (hosted on Cloudflare Workers in the EU) receives your request, applies pseudonymization and PII scrubbing, attaches our API key, and forwards the request to OpenAI
OpenAI processes the request and returns a response
The proxy passes the response back to your device
AI request and response data is not stored on the proxy -- prompts and responses pass through in real-time and are not logged or retained

7.1.1 Proxy-Side Persistent Data

While AI prompts and responses are not stored, the proxy infrastructure maintains persistent data necessary for subscription management and device authentication:

Subscription management data is stored in Cloudflare D1 (a relational database hosted in the EU). This includes pseudonymized user accounts (derived from Sign in with Apple), credit balances, an event-sourced audit trail of credit transactions (grants, purchases, deductions, refunds, resets), and StoreKit purchase verification records (including JWS tokens).
Device authentication credentials are stored in Cloudflare KV (a key-value store hosted in the EU). This includes device UUID to HMAC key mappings and per-device credit balances for users who have not signed in with Apple.

This data is necessary to manage your subscription, verify purchases, prevent fraud, and authenticate your device. It does not include any recipe content, meal logs, dietary preferences, or health-related information.

7.2 What Is Sent to the AI Provider

The following data may be included in requests sent to OpenAI via our proxy:

Your text input (typed or transcribed from voice)
Your dietary restrictions and allergies (if you consented to share them)
Your cuisine preferences, skill level, and cooking time preferences
A pseudonymized user identifier (OpenAI never receives your real Apple ID, device ID, or any directly identifying information)

7.3 What Is NOT Sent to the AI Provider

Your real name, email, or any directly identifying personal information
Your raw voice audio (only transcribed text)
Your meal logs or savings data
Your subscription payment information
Your device identifier or iCloud account ID

7.4 Pseudonymization

At the proxy layer, we replace your real user identifiers with pseudonymized IDs before forwarding requests to OpenAI. This means that OpenAI cannot directly identify you from the data it receives.

7.5 PII Scrubbing

Our proxy applies automated PII scrubbing to your text inputs before forwarding them to OpenAI. This is designed to strip out personal information (such as names, addresses, phone numbers, or email addresses) that you might inadvertently include in your requests.

7.6 No Prompt Logging

Our proxy does not log, store, or retain any prompts or responses. All data passes through the proxy in real-time and is immediately discarded after the response is delivered to your device.

7.7 API Keys

All API keys for the AI provider are stored server-side on our proxy infrastructure. You do not need to provide or manage your own API keys. Your device never has direct access to our OpenAI API key.

7.8 OpenAI's Data Handling

Under our Data Processing Agreement (DPA) with OpenAI:

OpenAI processes data solely on our behalf as a data processor
OpenAI does not use your data to train or improve its AI models
OpenAI may retain input and output data for up to 30 days solely for abuse and misuse monitoring, after which it is deleted
OpenAI is certified under the EU-US Data Privacy Framework (DPF)

For more information, see OpenAI's data processing practices at https://openai.com/enterprise-privacy.

8. VOICE DATA

8.1 On-Device Processing

MAMAM's voice features use Apple's built-in speech technologies, all of which run entirely on your device:

Speech-to-Text (STT): Apple SpeechAnalyzer (part of Apple's on-device AI capabilities) processes your spoken words into text entirely on your device. On older iOS versions, Apple SFSpeechRecognizer is used as a fallback.
Intent Classification: Apple Foundation Models framework classifies voice commands entirely on your device to determine what action you intend to take.
Text-to-Speech (TTS): Apple AVSpeechSynthesizer -- generates spoken responses entirely on your device

8.2 No Audio Transmission

Your voice audio never leaves your device. Specifically:

No audio recordings are transmitted to MAMAM servers, the AI proxy, or any third party
No audio recordings are stored on your device by MAMAM (audio is processed in real-time and immediately discarded)
Only the resulting transcribed text (not audio) may be sent to the AI proxy if you choose to use voice commands with AI features

8.3 Microphone Permission

Voice features require your explicit permission to access the device microphone, granted through the standard iOS permission dialog. You can revoke this permission at any time through your device's Settings app. If you revoke microphone access, voice features will be disabled, but all other App features will continue to work normally.

We do not sell, rent, or trade your personal data. We share your data only with the following sub-processors, each of which acts as a data processor under our instruction:

9.1 Sub-Processor List

Sub-Processor	Purpose	Data Shared	Location	Transfer Mechanism	DPA in Place
OpenAI, L.L.C.	LLM inference (generating meal plans, recipes, cooking guidance)	Pseudonymized user ID, text inputs, user preferences (dietary restrictions, allergies, cuisine preferences, skill level)	United States	EU-US Data Privacy Framework (DPF) + Standard Contractual Clauses (SCCs)	Yes
Apple Inc. (CloudKit)	Data synchronization across user devices	Meal logs, savings data, user preferences (all data synced via iCloud)	United States / European Union	Apple's Data Processing Agreement, SCCs	Yes
Cloudflare, Inc.	AI proxy hosting and subscription management infrastructure	Pseudonymized user identifiers, device identifiers, HMAC authentication keys, credit balances, credit transaction history, StoreKit purchase records (including JWS tokens), AI request text and preferences (in transit)	European Union	Cloudflare's Data Processing Agreement, SCCs	Yes
Sentry (Functional Software, Inc.)	Crash reporting and error tracking	Crash data, device model, OS version, app version (pseudonymized; no health data, recipe content, or personal information)	European Union (EU data residency)	Sentry's Data Processing Agreement, SCCs	Yes
TelemetryDeck (TelemetryDeck GmbH)	Privacy-focused product analytics	Screen view counts, feature usage counts, flow completion rates (pseudonymized; no content or personal information)	European Union (Germany)	TelemetryDeck's Data Processing Agreement	Yes

Beyond the sub-processors listed above, we do not share your personal data with any other third parties, except:

If required by law, court order, or legal process
To protect our rights, safety, or property, or that of our users or the public
In connection with a merger, acquisition, or sale of assets (in which case we will notify you and this policy will continue to apply to your data)

10. INTERNATIONAL DATA TRANSFERS

10.1 Where Your Data Goes

Your personal data may be transferred from the European Economic Area (EEA) or the United Kingdom (UK) to the United States in the following circumstances:

OpenAI: When AI requests are forwarded from our EU-based proxy to OpenAI's US-based servers
Apple CloudKit: When iCloud sync routes data through Apple's infrastructure, which includes servers in both the EU and the US

10.2 Transfer Safeguards

For each international transfer, we rely on the following mechanisms to ensure adequate protection of your data:

OpenAI:

OpenAI is certified under the EU-US Data Privacy Framework (DPF), which has been recognized by the European Commission as providing adequate protection (Adequacy Decision of 10 July 2023)
In addition, we have executed Standard Contractual Clauses (SCCs) (Commission Implementing Decision (EU) 2021/914) as a supplementary safeguard
We have conducted a Transfer Impact Assessment (TIA) and concluded that US surveillance laws (including FISA Section 702 and EO 12333) are unlikely to affect the categories of data we transfer (pseudonymized cooking preferences and recipe queries), given the nature of the data, the DPF's redress mechanism, and OpenAI's DPF certification

Apple (CloudKit):

Apple maintains its own comprehensive Data Processing Agreement with Standard Contractual Clauses
Apple has implemented supplementary technical measures including end-to-end encryption for applicable data categories

Cloudflare:

Our proxy is hosted in Cloudflare's EU region, so data processed by the proxy remains in the EU
Cloudflare maintains a Data Processing Agreement with SCCs for any ancillary processing

10.3 Your Right to Object

You have the right to object to international data transfers. If you do not wish your data to be transferred to the United States, you may:

Refrain from using AI features (no data will be sent to OpenAI)
Disable iCloud sync in your device settings (no data will be sent to Apple CloudKit)
Contact us to request further information about our transfer safeguards

11. DATA RETENTION

We retain your personal data only for as long as necessary for the purposes described in this Policy. The specific retention periods are:

Data Category	Retention Period	Reason
Meal logs	Retained until you delete them individually or delete your account	Core service data you control
Savings data	Retained until you delete the underlying meal logs or delete your account	Derived from your meal logs
User preferences (general)	Retained until you modify them or delete your account	Necessary to personalize your experience
Special category data (allergies, dietary restrictions, religious preferences)	Retained until you withdraw consent, remove the data, or delete your account	Processing depends on your explicit consent
AI prompts and responses	Not stored by MAMAM. Our proxy does not log prompts or responses. OpenAI may retain data for up to 30 days for abuse monitoring, after which it is automatically deleted	Prompts and responses pass through in real-time without logging; OpenAI retention per their DPA
Voice audio	Never stored. Processed in real-time on your device and immediately discarded	On-device processing only
Subscription status	Retained while your subscription is active; status is updated via Apple StoreKit	Necessary to manage feature access
Subscription and credit data (credit balances, transaction history, purchase records)	Retained while your account is active; deleted upon account deletion request	Necessary for subscription management, credit accounting, and purchase verification
Consent records	Retained for the duration of your account plus 3 years after account deletion	Required by GDPR Art. 5(2) for accountability and to demonstrate lawful processing
Data subject rights request records	Retained for 3 years after the request is fulfilled	GDPR accountability and legal compliance

11.1 Account Deletion

When you delete your account:

All your meal logs, preferences, and saved data are deleted from our systems
Subscription and credit data (credit balances, transaction history, purchase records, device authentication credentials) stored on our proxy infrastructure is deleted
iCloud-synced data is removed in accordance with Apple's deletion practices
Consent records are retained for 3 additional years for legal compliance, then permanently deleted
Any data already sent to OpenAI will be subject to OpenAI's 30-day retention window (after which it is automatically deleted)

11.2 How to Delete Your Account

You can delete your account and all associated data through the App's settings. See Section 13 for details.

If you are in the European Economic Area (EEA), the United Kingdom (UK), or another jurisdiction with similar data protection laws, you have the following rights regarding your personal data:

12.1 Right of Access (Art. 15)

You have the right to request a copy of all personal data we hold about you, along with information about how we process it.

12.2 Right to Rectification (Art. 16)

You have the right to request that we correct any inaccurate personal data we hold about you, or complete any incomplete data.

12.3 Right to Erasure ("Right to Be Forgotten") (Art. 17)

You have the right to request that we delete your personal data. We will comply unless we have a legal obligation to retain it (e.g., consent records for accountability purposes).

12.4 Right to Restriction of Processing (Art. 18)

You have the right to request that we restrict the processing of your personal data in certain circumstances -- for example, if you contest the accuracy of the data or if processing is unlawful but you do not want it erased.

12.5 Right to Data Portability (Art. 20)

You have the right to receive your personal data in a structured, commonly used, and machine-readable format (such as JSON or CSV), and to have it transmitted to another controller where technically feasible.

12.6 Right to Object (Art. 21)

You have the right to object to the processing of your personal data where we rely on legitimate interests as a legal basis. Note: We currently do not process data on the basis of legitimate interests -- we rely on contract performance, consent, and legal obligation.

Where we rely on your consent to process data (including special category data and AI data sharing), you have the right to withdraw that consent at any time. Withdrawal of consent does not affect the lawfulness of processing carried out before the withdrawal.

12.8 Right Not to Be Subject to Automated Decision-Making (Art. 22)

MAMAM does not make any automated decisions that produce legal or similarly significant effects on you. AI-generated content (recipes, meal plans) is informational and advisory only -- it does not constitute automated decision-making within the meaning of Art. 22.

12.9 Right to Lodge a Complaint

You have the right to lodge a complaint with a supervisory authority. If you are in the EEA, you can file a complaint with the data protection authority in the EU Member State where you reside, work, or where the alleged infringement occurred. A list of EEA supervisory authorities is available at https://edpb.europa.eu/about-edpb/about-edpb/members_en.

If you are in the UK, you can contact the Information Commissioner's Office (ICO) at https://ico.org.uk.

13. HOW TO EXERCISE YOUR RIGHTS

13.1 In-App Controls

You can exercise many of your rights directly through the App:

View your data: Access your meal logs, preferences, and settings within the App
Correct your data: Edit your preferences, meal logs, and profile settings at any time
Delete individual data: Remove specific meal logs or preferences
Delete your account: Use the account deletion option in the App settings to permanently remove all your data
Manage consents: Enable or disable AI data sharing and health data processing through dedicated consent toggles in the App settings
Revoke microphone access: Through your iOS device Settings > MAMAM > Microphone

13.2 Email Requests

For requests that cannot be handled through in-app controls, or if you prefer to contact us directly, email us at:

[INSERT CONTACT EMAIL]

When contacting us, please include:

A clear description of the right you wish to exercise
Enough information for us to verify your identity (we may ask you to verify your iCloud account association)

13.3 Response Timeline

We will respond to all data subject rights requests within one month of receipt. If your request is complex or we receive a high volume of requests, we may extend this period by up to two additional months, in which case we will notify you of the extension and the reasons for it within the initial one-month period.

13.4 No Fee (Usually)

We will not charge a fee for processing your request, unless the request is manifestly unfounded or excessive (e.g., repeated identical requests). In such cases, we may charge a reasonable fee or refuse the request, and we will explain why.

MAMAM uses a structured, granular consent model. We maintain two separate consent mechanisms, each independent of the other:

What it covers: Sharing your text inputs, transcribed voice commands, and user preferences with OpenAI via our proxy for the purpose of generating AI-powered meal plans, recipes, and cooking guidance
When it is requested: Before you first use any AI feature
How to grant it: Through a dedicated in-app consent screen that explains what data is shared, with whom, and why
How to withdraw it: Through the App settings at any time. Withdrawing this consent will disable AI features but will not affect your use of core App features (meal logging, savings tracking, etc.)

What it covers: Processing your food allergies, medical dietary restrictions, and religious dietary preferences
When it is requested: Before you first enter any allergy, medical dietary restriction, or religious dietary preference data
How to grant it: Through a separate, dedicated consent screen distinct from the AI data sharing consent
How to withdraw it: Through the App settings at any time. Withdrawing this consent will cause us to delete your special category data and stop including it in AI prompts. You can continue using the App and AI features, but responses will not be tailored to your dietary needs

What it covers: Collecting anonymous crash reports and usage counts via Sentry and TelemetryDeck
When it is requested: During the initial consent flow (as an optional, skippable step) and available at any time in Privacy Settings
Default state: Off (opt-in). Analytics consent is entirely optional and does not affect any app feature
How to grant it: Through the analytics toggle in Privacy Settings, or during the initial consent flow
How to withdraw it: Through the analytics toggle in Privacy Settings at any time. Withdrawing consent immediately stops all analytics data collection
What is NOT included: Your recipes, meals, health data, dietary restrictions, allergies, food choices, or any personal information

We maintain records of when you grant and withdraw each consent, including:

The type of consent
The date and time of grant or withdrawal
The version of the consent text you agreed to

These records are maintained for accountability purposes as required by GDPR Art. 5(2) and Art. 7(1) and are retained in accordance with the retention periods set out in Section 11.

15. DATA SECURITY

We implement appropriate technical and organizational measures to protect your personal data against unauthorized access, alteration, disclosure, or destruction. These measures include:

15.1 Encryption

In transit: All data transmitted between your device, our proxy, and third-party services is encrypted using TLS (Transport Layer Security)
At rest (device): Sensitive data (such as subscription tokens) is stored in the iOS Keychain, which provides hardware-backed encryption. Keychain data is stored as non-synchronizable, meaning it remains on the specific device and is not synced to iCloud Keychain
At rest (iCloud): Data synced via CloudKit is encrypted by Apple using their standard CloudKit encryption

15.2 Pseudonymization

User identifiers are pseudonymized at the proxy layer before any data is forwarded to OpenAI. This means OpenAI processes your requests without knowing your real identity.

15.3 Data Minimization

We follow the principle of data minimization:

Only the preferences relevant to a specific AI request are included in the prompt
We do not send meal logs, savings data, or other unnecessary data to the AI provider
Our proxy does not store AI prompts or responses -- it passes AI request and response data through in real-time without logging (subscription management data is stored separately as described in Section 7.1.1)

15.4 PII Scrubbing

Automated PII detection and scrubbing is applied at the proxy layer before data is forwarded to OpenAI, reducing the risk of inadvertent personal data disclosure.

15.5 No Prompt Logging

Our proxy infrastructure does not log, store, or retain any user prompts or AI responses. This eliminates the risk of data breach from stored conversation histories on our servers.

15.6 Proxy Architecture

Our proxy architecture provides an additional layer of security and privacy:

API keys are stored server-side and never exposed to client devices
The proxy mediates all communication with OpenAI, preventing direct access from user devices
The proxy is hosted on Cloudflare Workers in the EU, benefiting from Cloudflare's security infrastructure

15.7 On-Device Processing

Voice processing (both speech-to-text and text-to-speech) occurs entirely on your device using Apple's native frameworks, ensuring that voice audio data is never exposed to network-based threats.

16. CHILDREN'S PRIVACY

16.1 Age Requirement

MAMAM is intended for users aged 16 and older. We do not knowingly collect or process personal data from children under 16 years of age (or the applicable age of digital consent in the user's jurisdiction).

16.2 If We Discover Underage Use

If we become aware that we have collected personal data from a child under 16, we will take steps to delete that data as quickly as possible. If you believe we may have collected data from a child under 16, please contact us immediately at [INSERT CONTACT EMAIL].

In jurisdictions where the age of digital consent is set lower than 16 (some EU Member States set it as low as 13), we nonetheless maintain a minimum age of 16 for MAMAM to ensure a consistent standard of data protection for younger users.

17. COOKIES AND TRACKING

17.1 No Cookies

MAMAM is a native iOS application and does not use cookies.

17.2 No Tracking

We do not track your activity across other apps or websites. Specifically:

We do not use advertising identifiers (IDFA)
We do not participate in Apple's App Tracking Transparency (ATT) framework because we do not track users
We use privacy-focused analytics (TelemetryDeck) and crash reporting (Sentry) SDKs only with your explicit opt-in consent. These SDKs do not track you across apps or websites
We do not engage in cross-app or cross-site tracking of any kind
We do not create user profiles for advertising purposes

18. APPLE PRIVACY DETAILS

18.1 App Privacy Nutrition Labels

In accordance with Apple's App Store requirements, we provide the following privacy nutrition label disclosures. This summary reflects the data types collected and linked to your identity as declared to Apple:

Data Used to Track You: None

Data Linked to You:

Data Type	Purpose
Health & Fitness (dietary/allergy information)	App Functionality
User Content (meal logs, cooking preferences, text inputs to AI)	App Functionality
Identifiers (iCloud user ID)	App Functionality
Purchases (subscription status)	App Functionality
Crash Data (stack traces, device info)	Analytics (with consent)
Performance Data (launch time, hangs)	Analytics (with consent)
Other Diagnostic Data (error logs)	Analytics (with consent)
Product Interaction (feature usage counts)	Analytics (with consent)

Data Not Linked to You: None beyond what is listed above.

Data Not Collected: Location, Contacts, Photos, Search History, Browsing History, Advertising Data, Financial Information (payment processing is handled entirely by Apple).

18.2 Required Reason API Disclosures

MAMAM uses the following APIs that require a Required Reason declaration under Apple's policy:

API Category	Reason Code	Usage
UserDefaults	CA92.1	Reading and writing app preferences and consent state via @AppStorage

19. CHANGES TO THIS POLICY

19.1 How We Notify You

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. When we make changes:

Material changes: We will notify you through an in-app notification before the changes take effect, giving you an opportunity to review the updated Policy. If the changes affect your consent-based processing (e.g., changes to AI data sharing or health data processing), we will request your consent again
Non-material changes: Minor clarifications or formatting updates that do not affect your rights or our processing activities will be posted with an updated "Last Updated" date

19.2 Continued Use

Your continued use of the App after the effective date of any updated Privacy Policy constitutes your acceptance of the changes, except where renewed consent is required by law.

19.3 Previous Versions

We will maintain an archive of previous versions of this Privacy Policy, accessible upon request by contacting us at [INSERT CONTACT EMAIL].

20. CONTACT INFORMATION

If you have any questions, concerns, or requests related to this Privacy Policy or our data processing practices, please contact us:

Yosika Life Quest LLC D.B.A. MAMAM

Email: [INSERT CONTACT EMAIL]
Mailing Address: [INSERT MAILING ADDRESS]
Privacy Contact / Data Protection Officer: [INSERT DPO NAME OR PRIVACY CONTACT TITLE]
DPO Email: [INSERT DPO EMAIL]

We aim to respond to all inquiries within 5 business days and to all formal data subject rights requests within one month as required by the GDPR.