Last updated: February 15, 2026
Dooda ("we", "our", or "us") operates the Dooda mobile application (the "App"). This Privacy Policy explains how we collect, use, and protect your information when you use our App.
Account Information: When you create an account, we collect your email address and password (securely managed by Firebase Authentication). You may also sign in with Google or Apple, in which case we receive your name and email from the identity provider. You also provide a username, optional bio (up to 25 characters), and optional profile photo.
Preferences: During onboarding and in settings, you may provide dietary restrictions, food allergies, cuisine preferences, taste preferences, kitchen tools, and disliked ingredients. This data is used solely to personalize your recipe recommendations.
User Content: Recipes you create (including titles, ingredients, instructions, and photos), community photos you upload, and chat messages you send to other users.
Social Data: Your follower and following relationships, recipe likes, saved recipes, follow requests, and block lists.
Timezone: We auto-detect your timezone from your device settings (via the Intl API) to send push notifications at appropriate local times. No GPS or location data is collected for this purpose.
Push Notification Tokens: When you enable notifications, we store your device push token to deliver notifications. Your push token is removed when you sign out or delete your account.
Automatically Collected Data: We collect device type, operating system version, and app version to improve the App's performance and stability. In production, crash reports and error data are collected via Sentry (see Section 3).
Analytics Data: We use Firebase Analytics to understand how the App is used, including screen views, user engagement, and events (e.g., recipe creation, search queries). This data is anonymized and aggregated. On iOS, we request your permission to track activity across other companies' apps and websites via Apple's App Tracking Transparency framework. You can change your tracking preference at any time in your device's Settings > Privacy & Security > Tracking.
We use the following third-party services that may collect data:
When you use the Find Friends feature, phone numbers and email addresses from your device contacts are hashed using SHA-256 on your device before being sent to our server. We never receive or store plaintext contact information. Hashes are compared server-side to find matching users and are immediately discarded after comparison — no contact data is stored on our servers.
Your data is stored securely using Firebase (Google Cloud infrastructure). We use authentication tokens to protect API requests, security rules to restrict database access, and encrypted connections (HTTPS/TLS) for all data transfers. Passwords are never stored in plain text.
We do not sell your personal data to third parties. Your data may be shared only in the following cases:
Your data is stored on Google Cloud servers located in the United States. If you are located in the European Union or European Economic Area, your personal data is transferred to the US under Google's data processing terms and Standard Contractual Clauses. By using the App, you consent to the transfer of your data to the US.
You have the right to:
For EU/EEA residents (GDPR): In addition to the rights above, you have the right to data portability, the right to restrict processing, the right to object to processing, and the right to lodge a complaint with your local data protection supervisory authority. To exercise any of these rights, email us at app.dooda@gmail.com.
For California residents (CCPA): You have the right to know what personal information we collect, the right to request deletion of your personal information, and the right not to be discriminated against for exercising your privacy rights. We do not sell personal information. To exercise your rights, email us at app.dooda@gmail.com.
The App uses artificial intelligence to recommend recipes based on your preferences, dietary restrictions, and activity. These are suggestions only and do not constitute automated decision-making or profiling that produces legal effects. You can adjust your preferences at any time in Settings > Preferences.
The App uses on-device storage (AsyncStorage) to cache recipes, preferences, and other data for offline use and performance. No browser cookies are used. Cached data is cleared when you uninstall the App or sign out.
The App is not intended for children under 13 years of age. We do not knowingly collect personal information from children under 13. If you believe a child under 13 has provided us with personal information, please contact us and we will delete it.
The App may offer in-app purchases. Payment processing is handled entirely by Apple (App Store) or Google (Play Store). We do not collect or store your payment information.
We retain your data for as long as your account is active. When you delete your account (via Settings > Delete Account), we permanently remove:
This deletion is irreversible. Cached data on your device is also cleared upon sign out.
In the event of a data breach affecting your personal information, we will notify affected users via email and/or in-app notification without undue delay, and no later than 72 hours after becoming aware of the breach where required by applicable law (such as GDPR). The notification will describe the nature of the breach, the data affected, and the steps we are taking to address it.
We may update this Privacy Policy from time to time. We will notify you of significant changes through the App. Your continued use of the App after changes constitutes acceptance of the updated policy.
If you have questions about this Privacy Policy or your data, contact us at: