Last updated: 1 January 2024
BiteFlow is a recipe discovery platform operated in the United Kingdom. For the purposes of UK GDPR and the Data Protection Act 2018, BiteFlow is the data controller for personal data collected through this service.
To contact us about your data, email privacy@biteflow.app.
We collect the following categories of personal data:
| Purpose | Lawful basis |
|---|---|
| Providing the service (login, recipes, feed) | Contract |
| Security and fraud prevention | Legitimate interests |
| Tier 1 analytics (page views, recipe views) | Legitimate interests |
| Personalisation and Tier 2 analytics | Consent |
| Responding to legal requests | Legal obligation |
We operate a two-tier analytics system in compliance with PECR 2003:
We keep your personal data for as long as your account is active.
When you request account deletion, we soft-delete your account immediately (hiding it from other users) and permanently erase your personal data within 30 days, except where we are required to retain it by law (e.g. for fraud prevention or tax records).
Security audit logs are retained for 12 months then deleted automatically.
Under UK GDPR you have the right to:
You can exercise most of these rights from your account settings. For anything else, email privacy@biteflow.app. We will respond within 30 days.
If you are unhappy with how we handle your data, you have the right to lodge a complaint with the Information Commissioner's Office (ICO).
We use cookies for authentication (essential) and analytics (see above). See our Cookie Policy for full details.
We may update this policy when we add new features or our legal obligations change. When we make material changes, we will notify you by email and ask you to re-accept the updated policy on your next login.