Privacy Policy
Effective February 19, 2026
Who we are
Dillr is built by Bara Vara AB, a company registered in Stockholm, Sweden. We make an AI cooking assistant that helps home cooks plan meals, discover recipes, and get better in the kitchen.
When we say “Dillr”, “we”, or “us” in this policy, we mean Bara Vara AB.
What we collect and why
We only collect what we need to make Dillr work well for you. Here’s the full picture:
Account information
When you sign up, we store your name, email address, sign-in method (Apple or Google), and basic device information. This lets us create your account and keep it secure.
Your cooking profile
Dillr learns about you so it can give better suggestions. This includes your dietary preferences and restrictions, allergies, kitchen equipment, cooking skill level, household size, and goals (like cooking more vegetarian meals or saving time on weekdays). The AI may also save notes about you based on your conversations — things like “prefers one-pot meals” or “doesn’t like cilantro”. You can view, edit, or delete these notes anytime. Note that removing a note doesn’t delete the original conversation it came from — your conversation history is stored separately.
Family data
If you choose to set up a household, you can optionally share family member names, their dietary needs, and invite emails. This is entirely voluntary — you decide how much or how little to share. It helps Dillr plan meals that work for everyone.
Recipes
We store the recipes you save, import, or create — including titles, ingredients, instructions, images, source URLs, and photos you import. These are yours. Each recipe has an unlisted public link — it won’t appear in search results or be discoverable by others, but anyone you share the link with can view it. We may also feature recipes on the Dillr website or in promotional materials, as described in our Terms and Conditions.
Conversations
When you chat with Dillr, we store your messages and the AI’s responses. To generate responses, your messages are sent to Google Gemini, Google’s AI service. Google processes them under their data processing terms and does not use them to train their models. We also track conversation costs internally so we can manage our infrastructure.
Collections and suggestions
We store the collections you create to organize recipes, and any AI-generated suggestions Dillr makes for you.
Voice input
If you use hands-free mode, Dillr may process speech audio using on-device or cloud-based speech recognition to convert your voice into text. We don’t store raw audio — only the resulting text, which is treated the same as any other message in your conversations.
Subscription information
If you subscribe, we receive Apple In-App Purchase transaction IDs to verify your subscription status. We never see or store your payment card details — Apple handles all of that.
Third-party services
We use a small number of trusted services to run Dillr:
| Service | What it does | Data involved |
|---|---|---|
| Firebase Auth | Account sign-in | Email, name, auth provider |
| Cloud Firestore | Stores your data | All app data listed above |
| Firebase Storage | Stores images | Recipe photos you upload |
| Firebase Analytics | Aggregate app usage | Anonymous usage events |
| Firebase Crashlytics | Crash reporting | Device info, crash logs |
| Google Gemini | Powers the AI assistant | Conversation messages |
| Apple Sign-In | Authentication | Name, email (from Apple) |
| Apple DeviceCheck | Trial verification | Anonymous device token |
| Apple IAP | Subscription processing | Transaction IDs |
What we don’t do
Let’s be direct about this:
- We don’t sell your data. Not to advertisers, data brokers, or anyone else.
- We don’t use your data to train public AI models. Your recipes and conversations stay private. The AI processes your messages to respond to you, and that’s it.
If we send you push notifications, you’ll always be able to control them through your device settings.
Your rights under GDPR
You live in the EU (or we’re based here), so GDPR applies. You have the right to:
- Access your data — ask us for a copy of everything we have
- Rectify inaccurate data — tell us what’s wrong and we’ll fix it
- Erase your data — ask us to delete your account and all associated data
- Port your data — get your data in a machine-readable format
- Restrict processing — ask us to limit how we use your data
- Object to processing — tell us to stop processing for a specific purpose
- Withdraw consent at any time, without affecting prior processing
To exercise any of these rights, email us at hello@dillr.ai. We’ll respond within 30 days.
If you’re not satisfied with how we handle your request, you have the right to lodge a complaint with the Swedish Authority for Privacy Protection (IMY) at imy.se.
Data retention
We keep your data for as long as your account is active. If you delete your account, we remove all your personal data within 30 days. Some anonymized, aggregated data (like total user counts) may be retained for analytics.
Children’s privacy
Dillr is not directed at children under 16 years of age (the GDPR threshold). We don’t knowingly collect personal data from anyone under 16. If we learn that we have, we’ll delete it promptly.
Changes to this policy
If we make meaningful changes to this policy, we’ll let you know through an in-app notice or by email before the changes take effect.
Contact us
Questions, concerns, or just want to say hello?
Email: hello@dillr.ai Company: Bara Vara AB, Stockholm, Sweden