Privacy Policy

1. Data Controller

Alexander Eriksson is responsible for processing your personal data in Smaklig. Contact: lillalle@hotmail.com

2. Data We Collect

Account data: Name, email, password (hashed with Argon2id).

Health data (GDPR Art. 9 — special category): Weight, height, dietary goals, allergies, training data. This data is processed with explicit consent given at registration.

Usage data: AI generation logs, store selection, recipe favorites.

3. Legal Basis

Health data: Explicit consent (GDPR Art. 9(2)(a)). You can withdraw consent at any time via Settings → Delete account.

Account data: Contract (GDPR Art. 6(1)(b)) — necessary to provide the service.

4. Third-Party Services

We share data with: Anthropic (Claude AI), Neon (database, EU Frankfurt), Vercel (hosting, EU), ICA (store campaigns — only store IDs shared, no personal data). Coop planned during 2026.

5. Retention

Account data is retained as long as the account is active. Upon deletion, all data is removed within 30 days.

6. Your Rights

You have the right to: request data export, correct inaccurate data, delete your account, withdraw consent, and lodge a complaint with the Swedish Authority for Privacy Protection (IMY).