Skip to content
Forkboard
How it worksPricingDocsFAQAbout
Start free trial →

№ P1/Legal

Privacy Policy

Last updated June 18, 2026

Forkboard LLC (“Forkboard,” “we,” “us”) is an AI-assisted meal-planning service. This policy explains what personal data we collect when you use forkboard.app and my.forkboard.app, why we collect it, who we share it with, and the rights you have over it.

We built Forkboard to plan dinner, not to profile you. We do not sell your personal data, and we do not run advertising networks or cross-site tracking. We use a privacy-friendly, cookieless analytics tool on our marketing site to understand aggregate visits — never to build a profile of you.

Forkboard LLC is the data controller responsible for your personal data. You can reach us by post at Forkboard LLC, 1500 N Grant St Ste N, Denver, CO 80203, USA, or by email using the contact details in section 13. Where required, we will appoint an EU or UK representative for data-protection matters.

1. Data we collect

We collect only what we need to run the planning board for you:

  • Account details — your email address and, optionally, your name, required to create and identify your account. If you sign in by email, we use your address to send single-use sign-in (magic) links; if you sign in with Google or Apple, we receive it from that provider.
  • Google account data (optional) — if you choose “Sign in with Google,” we receive your name, email address, profile identifier, and profile picture from Google. We do not access your Gmail, Drive, or other Google services.
  • Apple account data (optional) — if you choose “Sign in with Apple,” we receive your name (only the first time you sign in), your email address, and an Apple user identifier. If you use Apple’s “Hide My Email,” the address we receive and store as your account email is an Apple private-relay address rather than your real email. Because a relay address won’t match an email you’ve used elsewhere, signing in with it creates a separate account that we can’t automatically link. We do not access any other Apple services.
  • Sign-in tokens — when you sign in with Google or Apple, we store the tokens that provider issues so we can keep you signed in. A linked Apple sign-in is revoked at Apple when you delete your account.
  • Household information — if you create or join a household, we store the household name, its members, and each member’s role so we can blend taste profiles into a shared board. If you invite someone to a household, we store the email address you provide so we can send and track that invitation (its role, status, and expiry) — even if that person never creates a Forkboard account.
  • Meal preferences — cuisines you like, ingredients you avoid, dietary restrictions and allergens, cooking skill, time and budget constraints, and similar settings you provide, for you and for each member of your household.
  • Ratings and feedback — the thumbs up / thumbs down and any short note you add on suggested meals, which we use to improve future plans.
  • Reports you submit — if you flag a meal suggestion, we store the reason and any note you write (which may describe a recipe shared across households) so our team can review it.
  • Pantry data — items you add to your pantry, whether typed in manually, scanned by barcode, or captured from a photo of your fridge, pantry, groceries, or a receipt.
  • Plans you create — the meals on your board and any notes you add to a day, including any plan you publish as a public share link.
  • Billing data — if you subscribe on the web, our payment processor (Stripe) handles your card details; we share your email and name with Stripe to create your billing record, and we keep only a customer identifier and your subscription status. If you subscribe through our iOS app, the purchase is made with Apple’s in-app purchase system — Apple processes your payment — and we use RevenueCat to manage the subscription and report your plan status back to us; for that we share an app-specific account identifier (not your name or email) with RevenueCat. We never see or store full card numbers in either case.
  • Session and device data — when you sign in, we record the IP address and the browser or device user-agent associated with each active session, to keep your account secure and detect abuse.
  • Usage data — to enforce fair-use limits and protect against abuse, we keep a short-lived per-account count of how many AI requests you make each day (a number only, with no request content; auto-deleted within about 48 hours).
  • Diagnostic data — limited technical logs and error reports (for example, a stack trace and the page where an error occurred) to keep the service reliable.

Some of the information above — particularly allergens and dietary or religious restrictions, whether yours or a household member’s — can reveal health-related or otherwise sensitive details about a person. Where this is “special category” data under the GDPR or “sensitive personal information” under California law, we process it only with your consent and only to filter and plan meals. We never use it for advertising, for profiling unrelated to meal planning, or for sale.

2. How we use your data

  • To create and secure your account and sign you in.
  • To generate, personalize, and improve your meal plans.
  • To apply allergen and dietary filters you have configured.
  • To operate household sharing and public share links you create.
  • To process subscription payments and manage your plan.
  • To send service email (sign-in links, account and billing notices).
  • To monitor, debug, enforce fair-use limits, and protect the service against abuse.

Our legal bases for processing (where the GDPR applies) are performance of our contract with you, your consent — including your explicit consent for any special-category data such as allergens, which you may withdraw — and our legitimate interest in operating and securing the service.

3. AI-assisted planning

To generate meal suggestions, we send relevant preference and pantry information to our third-party AI provider. In most cases that means your cuisines, dietary restrictions and allergens, and pantry items — not your name, email, or billing details. Two cases involve a little more: if you plan for a shared household, the display names of household members are included so suggestions can be attributed to the right person; and if you use photo scanning, the photo you submit is sent to the provider so it can read the item names. A receipt or other photo may show additional details, so only photograph what you’re comfortable sharing. Photos are used to extract items and are not stored by us — we keep only the list you confirm. Under our agreement with the provider, your data is not used to train its models.

Meal planning is an automated process: we use your preferences and ratings to generate and personalize suggestions. These suggestions do not produce legal or similarly significant effects, and you stay in control — you choose which meals to cook, you can change your preferences or downvote suggestions at any time, and you can stop using the AI features.

4. Who we share data with

We do not sell your data. We share it only with the service providers (“subprocessors”) that power Forkboard, each handling data on our behalf:

  • Cloudflare — hosting, content delivery, and our AI request gateway, which proxies our AI requests (including any photos you submit for scanning) on their way to our AI provider. Cloudflare also provides the bot-protection check on our sign-up form.
  • Neon — managed database hosting where your account and planning data live.
  • Resend — delivery of transactional email such as sign-in links.
  • Our AI provider — AI processing for meal suggestions and photo scanning (see section 3).
  • Stripe — payment processing and subscription management for web subscriptions.
  • RevenueCat — subscription management for in-app purchases made through Apple’s App Store in our iOS app.
  • Sentry — error monitoring and diagnostics.
  • Plausible — privacy-friendly, cookieless analytics on our marketing site (aggregate traffic only; no cookies, no cross-site tracking, and no profile of you).

When you choose to sign in with Google or Apple, you also share data with that provider directly; what we receive in return is described in section 1.

This list may change as Forkboard evolves; we will reflect material additions here and, where significant, let you know as described in section 12. If you use Forkboard for a household or business and need a data processing agreement, contact privacy@forkboard.app. We may also disclose data if required by law, to enforce our terms, or to protect the rights and safety of our users.

5. Cookies

Forkboard uses only strictly-necessary, first-party cookies: a session cookie that keeps you signed in, plus security cookies (for example, to protect sign-in forms against cross-site request forgery and during Google or Apple sign-in). Our infrastructure provider may also set strictly-necessary cookies to route traffic and block bots. We do not use advertising, cross-site tracking, or profiling cookies, and the analytics on our marketing site is cookieless. Because these cookies are strictly necessary to provide the service, no cookie-consent banner is required.

Because we don’t track you across other websites, a “Do Not Track” or Global Privacy Control signal has no cross-site activity to limit; and because we don’t sell or share your personal data, a Global Privacy Control opt-out has no additional effect.

6. Data retention

We keep your account and planning data for as long as your account is active. If you delete your account, we delete or anonymize your personal data within 30 days, with two exceptions: records we must retain longer to meet legal, accounting, or fraud-prevention obligations (for example, billing records); and an internal, append-only audit log of sensitive actions (such as account deletions, email or household-membership changes, and billing changes) that we keep for security and fraud prevention. Audit-log entries contain only identifiers and event metadata — not your name, email, or contact details — and may reference your prior account identifier after deletion.

Photos you submit for scanning are not stored — they are processed to extract items and then discarded. Session IP and device records are cleared when a session ends or expires, and diagnostic logs are retained for a short rolling window and then discarded. When you delete your account, any linked Apple sign-in is also revoked at Apple.

7. Your rights

Depending on where you live (including under the GDPR and similar laws), you have the right to:

  • Access — request a copy of the personal data we hold about you.
  • Rectification — correct inaccurate or incomplete data.
  • Erasure — ask us to delete your data (“right to be forgotten”).
  • Portability — receive your data in a portable, machine-readable format.
  • Restriction and objection — limit or object to certain processing.
  • Withdraw consent — where we rely on consent, withdraw it at any time.

To exercise any of these rights, email privacy@forkboard.app. You also have the right to complain to your local data-protection authority. If you are a California resident, see section 8 for additional rights.

8. California privacy rights

If you are a California resident, you have rights under the California Consumer Privacy Act (as amended by the CPRA), in addition to those in section 7:

  • Know and access — request the categories and specific pieces of personal information we have collected about you.
  • Delete — request deletion of your personal information.
  • Correct — request correction of inaccurate personal information.
  • Opt out of sale or sharing — we do not sell or “share” (as those terms are defined under California law) your personal information, so there is nothing to opt out of.
  • Limit the use of sensitive personal information — we use sensitive information such as allergens and dietary restrictions only to plan meals for you, not for purposes that would trigger a right to limit.
  • Non-discrimination — we will not discriminate against you for exercising these rights.

To exercise these rights, email privacy@forkboard.app. We do not knowingly sell or share the personal information of consumers under 16.

9. International transfers

Our providers may process data in the United States and other countries. Where data is transferred out of the EEA or UK, we rely on appropriate safeguards such as Standard Contractual Clauses.

10. Children

Forkboard is not directed to children. You must be at least 16 years old to create an account. We do not knowingly collect personal data from anyone under 16, and in particular we do not knowingly collect data from children under 13 (in line with the U.S. Children’s Online Privacy Protection Act). If we learn we have collected such data, we will delete it.

11. Security

We protect your data with encryption in transit, scoped access controls, and reputable infrastructure providers. No system is perfectly secure, but we work to keep your information safe. In the event of a personal-data breach affecting your information, we will notify affected users and the relevant supervisory authorities without undue delay and as required by applicable law (for example, the GDPR’s 72-hour regulator-notification timeline), by email or in-app notice.

12. Changes to this policy

We may update this policy as Forkboard evolves. We will revise the “last updated” date above when we make changes. Significant changes will be communicated by email or in-app notice.

13. Contact

Questions about privacy? Email privacy@forkboard.app or hello@forkboard.app. You can also write to us at Forkboard LLC, 1500 N Grant St Ste N, Denver, CO 80203, USA.

← Back to forkboard.app

ForkboardYour week, on one board.hello@forkboard.app
ProductHow it worksPricingDesktop meal plannerFamily meal plannerMeal planner for couplesWeb-based meal plannerDownload for iOSStart free trial
ResourcesHelp centerFAQAboutForkboard vs MealimeForkboard vs Plan to EatMealime alternative
LegalPrivacyTerms
© 2026 Forkboard, LLCThe decision, made for the screen you plan on.