Skip to content
ZestaReal flavor. Zero guesswork.
Subscribe

Legal

Privacy Policy

Last updated: March 31, 2026

This Privacy Policy explains how Zesta ("we," "us," or "our") collects, uses, and protects personal data when you use our platform. We aim to be clear about the data we need to operate the product and the providers involved in running it.

1. Data We Collect

We collect the categories of data needed to run the product: • Account data: name, email address, and authentication identifiers when you sign in. • Profile data: language, dietary preferences, household settings, and kitchen preferences. • Usage data: recipes viewed, searches, saved items, meal plans, pantry actions, and feature interactions. • Pantry and upload data: ingredients you add manually plus any pantry photos or scans you submit for analysis. • Conversation data: messages and preferences you share while using AI-assisted features such as ChefChat. • Device and technical data: browser or device type, operating system, approximate network data, and reliability signals needed for security and diagnostics. • Payment and entitlement data: if live purchases are enabled for your platform, our payment providers process the transaction and return status information such as plan tier, renewal state, and billing history. We do not store full payment-card numbers ourselves. • Browser storage and cookies: see our Cookie Policy for the current deployment details.

2. How We Use Your Data

• To provide the Zesta service, personalize kitchen guidance, and keep your state synced. • To operate account, household, planning, pantry, and AI-assisted features. • To process memberships and entitlements when live billing is enabled. • To send service-related notifications you opt into, such as reminders or account alerts. • To monitor reliability, investigate incidents, prevent abuse, and improve the product. • To comply with legal obligations and enforce our Terms of Service.

3. Legal Basis for Processing

• Contract: processing necessary to provide you with the Zesta service. • Consent: optional analytics cookies and marketing communications. • Legitimate interest: service improvement, security monitoring, and fraud prevention. • Legal obligation: compliance with applicable laws and regulations.

4. Data Sharing

We do not sell your personal data. We may share data with service providers that help us run the platform, such as: • identity and authentication providers • hosting, storage, and infrastructure providers • operational analytics and error-monitoring providers • payment providers when live checkout is enabled • AI model providers used to power assisted product features We may also disclose data when required by law, to enforce our agreements, or to protect users and the service.

5. Data Retention

We keep data for as long as needed to operate the service, meet legal obligations, resolve disputes, and enforce our agreements. Retention periods vary by data type: • account and profile data remain available while your account is active • pantry uploads and temporary analysis artifacts may be deleted sooner once processing completes • billing and accounting records are retained for the period required by applicable law when paid transactions exist • browser storage and cookie duration depends on the specific mechanism described in our Cookie Policy

6. Your Rights

Depending on your jurisdiction, you may have rights to access, correct, export, delete, or object to certain processing of your personal data. To make a request, contact us at info@shoutabkhin.com. We will respond within the timeframe required by applicable law.

7. International Data Transfers

Your data may be processed in countries outside your country of residence, including the United States (for cloud hosting and AI processing). We ensure appropriate safeguards are in place, including standard contractual clauses where required by GDPR.

8. Children's Privacy

Zesta is not directed at children under 16. We do not knowingly collect personal data from children under 16. If you believe we have collected such data, please contact us immediately and we will delete it promptly.

9. Security

We implement appropriate technical and organizational measures to protect your data, including encryption in transit (TLS) and at rest, access controls, and regular security reviews. No system is completely secure, and we cannot guarantee absolute security.

10. Changes to This Policy

We may update this Privacy Policy from time to time. When changes are material, we will update the policy date and use an appropriate in-product or account notice for the release.

11. Contact & Data Protection

For privacy questions, data requests, or complaints: Email: info@shoutabkhin.com You may also have the right to contact your local supervisory authority where applicable.