Privacy Policy

1. Introduction

Welcome to Kindred. We are committed to protecting your privacy and being transparent about how we collect, use, and protect your personal data.

Kindred is an AI-powered cooking app that helps you discover recipes based on your dietary preferences and pantry contents. Our standout feature is voice cloning: you can upload a voice sample of a loved one, and we'll use it to narrate recipes in their voice, making cooking feel like a warm conversation with someone you care about.

Data Controller: Ersin Kirteke
Location: Vilnius, Lithuania (European Union)
Contact: privacy@kindred.app

2. Data We Collect

2.1 Voice Data (Biometric Identifier)

2.2 Location Data

2.3 Account Data

2.4 Analytics & Diagnostics

2.5 Advertising Data (Free Tier Only)

3. Your Rights (GDPR)

As a user in the European Union, you have the following rights under GDPR:

3.1 Access & Portability

You can request a copy of your personal data in a machine-readable format (JSON). Email privacy@kindred.app with subject "Data Export Request".

3.2 Deletion (Right to Erasure)

You can delete your data at any time:

• Voice profile: Delete from Settings → Privacy & Data → Delete Voice Profile
• Account: Email privacy@kindred.app with subject "Delete My Account"

Upon account deletion, we will:

• Delete your voice profile from ElevenLabs
• Delete your audio sample from R2 storage
• Anonymize your account data within 30 days

3.3 Withdraw Consent

You can withdraw consent for voice cloning or location access at any time:

• Voice: Delete voice profile from Settings
• Location: Revoke permission in iOS Settings → Kindred → Location

3.4 Object to Processing

You can object to analytics or advertising by:

• Disabling analytics in iOS Settings → Privacy & Security → Analytics & Improvements
• Upgrading to Pro (removes ads entirely)

3.5 Lodge a Complaint

If you believe we've violated your privacy rights, you can file a complaint with your national Data Protection Authority (DPA). In Lithuania: State Data Protection Inspectorate.

4. Third-Party Services

Kindred uses the following third-party services to provide core functionality:

• ElevenLabs (AI voice cloning): Privacy Policy
• Clerk (authentication): Privacy Policy
• Firebase Analytics & Crashlytics (Google): Privacy Policy
• Google AdMob (ads): Privacy Policy
• Mapbox (geocoding): Privacy Policy
• Cloudflare R2 (voice sample storage): Privacy Policy

These services are bound by their own privacy policies and may process data in the United States. ElevenLabs and Cloudflare are GDPR-compliant and use Standard Contractual Clauses (SCCs) for EU data transfers.

5. Data Security

We implement industry-standard security measures to protect your data:

• Encryption in transit: TLS 1.3 for all network communication
• Encryption at rest: AES-256 for voice samples in R2 storage
• Access control: Voice samples accessible only to authenticated backend services
• Regular audits: Third-party security reviews for backend infrastructure

However, no method of transmission over the internet or electronic storage is 100% secure. While we strive to protect your data, we cannot guarantee absolute security.

6. Children's Privacy

Kindred is not intended for children under the age of:

• 13 years old in the United States (COPPA compliance)
• 16 years old in the European Union (GDPR Article 8)

We do not knowingly collect personal data from children. If you believe a child has provided us with personal data, please contact us at privacy@kindred.app and we will delete it immediately.

7. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in:

• Our data practices
• Legal requirements
• New features

Material changes will be notified via:

• In-app notification
• Email (if you've provided one)
• Updated effective date at the top of this page

Your continued use of Kindred after changes constitutes acceptance of the updated policy.