Privacy policy

What we collect

When you use JusTheRecipe anonymously we don't collect anything personal. Saved recipes, your pantry, and your unit preferences live entirely in your browser's IndexedDB and never leave your device.

When you sign in with Google we receive your email address, name, and profile picture so we can identify your account. That's it.

How we use Google Drive

With your permission, JusTheRecipe stores a single JSON file in the "App Data" folder of your Google Drive. That folder is hidden, app-private, and never visible from your normal Drive view. We use it to sync your saved recipes, pantry, and preferences across the devices where you sign in.

We request drive.appdata for private state sync and drive.file for optional shared-file features. drive.file is limited to files this app creates or files you explicitly choose with this app; we do not get blanket access to your whole Drive. Revoke access at any time at myaccount.google.com/permissions.

What we store on our server

When you sign in we keep an accounts record on our server holding the OAuth refresh token Google issues us, plus your basic profile fields. We use that token only to refresh access to your appDataFolder while you're signed in. We never sell or share it.

The server logs requests for operational debugging and rotates them on a short schedule.

Analytics

We use Google Analytics 4 to measure aggregate site traffic — page views, session counts, country-level geography, and which pages people land on. GA4's default configuration is aggregate-only: no advertising features, no remarketing, no ads-personalization signals, and (by Google's own design) IP addresses are discarded after geo-resolution rather than stored. We use this data to decide which recipes to prioritize and which broken extractions need attention — not to target you with ads.

If you'd rather not be measured, browser-level opt-outs work: any reputable tracker-blocker (uBlock Origin, Brave Shields, Firefox's strict mode) blocks GA4's script entirely, and the site continues to work exactly the same.

Recipe extraction

When you submit a recipe URL we fetch that URL server-side and parse it. We may cache the parsed result (not the source HTML) for a short time so that repeat visits to the same recipe don't hit the source site again. The cache is keyed by URL only, with no association to your account.

Anonymous popularity counts

Each cached recipe has a single integer counter that increments by one whenever someone opens it. We use that count to populate the "Most viewed" row on the homepage and to surface popular recipes in our discovery pages. The counter is attached to the recipe, not to you — we don't record who viewed it, when you specifically viewed it, your IP address, or any cookie or device identifier. Signed-in users are counted exactly the same as anonymous visitors: as +1 on the recipe's tally and nothing more.

We also store an aggregate "last viewed" timestamp per recipe so the homepage can prefer recently-popular recipes over historically-popular ones. Same rule: it's a property of the recipe, not of any person.

Deletion

To remove everything: sign out, then delete jtr-state.json from your Drive's app data folder via drive.google.com/drive/u/0/quota, and revoke our access. Email hello@digitalhigh.co if you want us to wipe your accounts row server-side.

Changes

We'll bump the "last updated" date above when this policy changes. The repository's git history serves as the canonical version log.