Privacy Policy
Sorrel is an iOS app that helps you collect recipes, plan the week's meals, and produce a grocery list. This policy explains what we collect, what we do with it, and what we don’t do. It’s written in plain language because it should be possible to read.
Who runs Sorrel
Sorrel is built and operated by an independent developer based in the United States. For any privacy question, email support@trysorrel.com.
What we collect
- Account info from Sign in with Apple. When you sign in, Apple sends us three things: a unique Apple user identifier, your name (you choose what to share with Apple before signing in), and an email address. The email is either your real address or a private relay address that Apple generates for you (
<something>@privaterelay.appleid.com) — you pick which in Apple’s sign-in sheet, and either way we receive an address we can email. - Recipes you save. Titles, ingredients, instructions, and any notes attached to them — whether you pasted a link, imported a cookbook photo, typed it in by hand, or pulled it from Sorrel’s curated catalog.
- Your weekly meal plan and grocery list. Which recipes you picked for the week, and the items on the resulting grocery list.
- Photos you choose to import. Only when you use the “Snap a photo” feature to add a recipe. We never read your photo library on our own — iOS only hands us the specific photo you pick or the picture you just took. See Recipe photos below for what happens to it.
- Usage and diagnostic data. Which screens you visit, which buttons you tap, how long you spend on each screen, and any errors or crashes the app encounters. During the beta we also record a video-style replay of your interactions with the app, with your email address masked. See Analytics and diagnostics below.
How we use it
We use the data above to:
- Sign you in and link your saved recipes and meal plans to your account across sessions (this uses your Apple user identifier and email).
- Parse and structure recipes you import — turning a webpage, photo, or block of text into a clean list of ingredients and steps you can plan and shop from.
- Show you your recipes, weekly plan, and grocery list when you open the app.
- Contact you at the email Apple provides if we need to reach you about your account (rare — this is not a marketing list).
That’s it.
Who we share it with
We share data only with the services we need to run Sorrel:
- Apple — handles sign-in.
- AI providers — when you import a recipe from a URL, photo, or pasted text, we send that content to third-party AI services so they can extract and structure it (ingredients, quantities, steps) into a format the app can store. When you use the “Snap a photo” feature, the photo itself is sent for text recognition — see Recipe photos below. We do not send your name, email, or Apple user ID to them.
- Hosting — our backend, database, and the private storage bucket where imported recipe photos live are hosted with a US-based cloud provider.
- Analytics and crash reporting — we use a third-party analytics service and a separate crash reporting service to record the usage events, screen replays, and errors described above. Events are tied to your account user ID so we can investigate per-user issues; they are not linked to advertising identifiers or shared with advertisers.
We do not sell your data and we do not share it with advertisers, data brokers, or marketing networks.
What we don’t do
- We do not show ads.
- We do not sell, rent, or trade your data.
- We do not use advertising SDKs or cross-app tracking.
- We do not link your activity to an advertising identifier (IDFA).
- We do not use cookies (there is no web app).
- We do not collect your location, contacts, microphone, or health data.
- We do not read your photo library on our own. The only photos we ever see are ones you pick or capture inside the “Snap a photo” flow (see Recipe photos).
Recipe photos
When you use the “Snap a photo” feature to import a recipe, the photo you select or capture is uploaded to our servers and stored in a private bucket that is only accessible via our backend with credentials that never leave our production environment. The photo bytes are sent to a third-party AI vision service for text recognition and recipe extraction; under the API terms of the provider we use, this content is not used to train their models. The photo is retained alongside the recipe in your library and can be deleted at any time by deleting the recipe. We do not share photos with any other third party.
Analytics and diagnostics
To find bugs and figure out where the app is confusing, Sorrel records usage analytics and crash reports. This includes the screens you visit, the buttons you tap, how long you spend on each screen, and any errors or crashes the app encounters. Events are tied to your account user ID so we can tell whether a problem is happening to one user or many — they are not linked to your name, email, advertising identifiers, or any data outside Sorrel.
During the beta period, the app also records a video-style replay of your interactions (taps, scrolls, navigation) so we can see in practice where the app is confusing. Your email address is masked from the recording. We may turn replays off for the public App Store release; this page will reflect what’s actually in effect.
Both of these go to third-party services we use for product analytics and crash reporting. They are first-party in the sense that we operate them for our own purposes; they do not share data with advertisers, brokers, or other apps.
How long we keep it
We keep your account and the data tied to it for as long as your account is active. If you ask us to delete your account, we delete your account record and the recipes, meal plans, and grocery lists associated with it from our database. Backups containing the data may persist for up to 30 days before they roll off. Analytics events and crash reports tied to your user ID may persist longer with the third-party providers we use; email us to request full deletion from those systems as well.
Your rights
You can:
- Delete your account from inside the app — Account Settings → Delete account. This removes your account and the recipes, plans, and grocery lists tied to it.
- Ask us what data we hold about you, or to correct anything that’s wrong, by emailing support@trysorrel.com. We’ll handle the request within a reasonable time (usually within a week).
Children
Sorrel is not directed to children under 13, and we do not knowingly collect personal information from anyone under 13. If you believe a child has created an account, email us and we will delete it.
Security
Data is transmitted over HTTPS and stored in a managed Postgres database with access restricted to the app’s backend. No system is perfectly secure, but we keep our setup small and current on patches.
Changes to this policy
If we change how we handle your data, we’ll update this page and bump the effective date at the top. Material changes will be noted in the app.