Privacy Policy

1. Who is responsible for your data

Tribal People Recipes is the data controller for personal data processed through the Service. For any privacy question or to exercise your rights, contact us at inparlorpk@gmail.com.

2. What data we collect

• Account data — your name, email address, and a securely hashed password (we never store your password in plain text).
• Google sign-in data — if you sign in with Google, we receive your name, email, and profile picture from Google.
• Purchase data — a record that you purchased access, the amount, and a Stripe customer reference. Card details are handled entirely by Stripe; we never see or store them.
• Technical data — IP address, browser type, and basic request logs, used for security and to operate the Service.

3. How and why we use your data (lawful bases)

• To provide the Service (accounts, access, content) — lawful basis: performance of a contract.
• To process your payment and keep purchase records — contract and compliance with legal/tax obligations.
• To send transactional emails (verification codes, payment confirmations, password resets) — contract.
• To keep the Service secure and prevent abuse — legitimate interests.

We do not sell your personal data, and we do not use it for third-party advertising.

4. Cookies

We use only essential cookies — a secure session cookie that keeps you signed in. We do not use advertising or analytics tracking cookies. Embedded YouTube videos use the privacy-enhanced (no-cookie) mode. If you click an Amazon affiliate link, Amazon may set its own cookies under its own privacy policy.

5. Who we share data with

We use trusted service providers (processors) to run the Service:

• Stripe — payment processing.
• Resend — sending transactional emails.
• Google — optional sign-in.
• Hetzner — server hosting.
• Cloudflare — DNS and security.

Each processes data only as needed to provide their service. We may also disclose data if required by law.

6. International data transfers

The Service is hosted on servers located in the United States and is operated internationally. If you are in the EU/UK, your data may be transferred outside your country. Where required, such transfers rely on appropriate safeguards (such as Standard Contractual Clauses) used by our providers.

7. Data retention

We keep your account data while your account is active. Purchase records may be kept longer where needed to meet legal and tax obligations. When you request deletion, we remove your personal data except where we must retain limited records by law.

8. Your rights

Depending on your location, you have the right to: access your data; correct inaccurate data; request erasure; restrict or object to processing; data portability; and withdraw consent at any time. EU/UK users also have the right to lodge a complaint with their data protection supervisory authority.

To exercise any of these rights, email us at inparlorpk@gmail.com. We will respond within the timeframe required by applicable law (one month under GDPR). If you are a California resident, you have similar rights under the CCPA/CPRA, including the right to know and to delete; we do not sell personal information.

9. Security

We protect your data with measures including encrypted connections (HTTPS), hashed passwords, and restricted access. No method of transmission or storage is completely secure, but we work to protect your information.

10. Children

The Service is not intended for children under 16. We do not knowingly collect data from children. If you believe a child has provided us data, contact us and we will delete it.

11. Changes to this policy

We may update this policy from time to time. The "last updated" date above shows the latest version, and significant changes may be communicated by email.