Privacy Policy
Effective April 15, 2026
Who we are
Dillr is built by Bara Vara AB, a company registered in Stockholm, Sweden. We make an AI cooking assistant that helps home cooks plan meals, discover recipes, and get better in the kitchen.
When we say “Dillr”, “we”, or “us” in this policy, we mean Bara Vara AB.
What we collect and why
We only collect what we need to make Dillr work well for you. Here’s the full picture:
Account information
When you sign up, we store your name, email address, sign-in method (Apple or Google), and basic device information. This lets us create your account and keep it secure.
Your cooking profile
Dillr learns about you so it can give better suggestions. This includes your dietary preferences and restrictions, allergies, kitchen equipment, cooking skill level, household size, and goals (like cooking more vegetarian meals or saving time on weekdays). The AI may also save notes about you based on your conversations — things like “prefers one-pot meals” or “doesn’t like cilantro”. You can view, edit, or delete these notes anytime. Note that removing a note doesn’t delete the original conversation it came from — your conversation history is stored separately.
Family data
If you choose to set up a household, you can optionally share family member names, their dietary needs, and invite emails. This is entirely voluntary — you decide how much or how little to share. It helps Dillr plan meals that work for everyone.
Recipes
We store the recipes you save, import, or create — including titles, ingredients, instructions, images, source URLs, and photos you import. These are yours. Each recipe has an unlisted public link — it won’t appear in search results or be discoverable by others, but anyone you share the link with can view it. We may also feature recipes on the Dillr website or in promotional materials, as described in our Terms and Conditions.
Conversations
When you chat with Dillr, we store your messages and the AI’s responses. To generate responses, your messages are sent to Google Gemini, Google’s AI service. Google processes them under their data processing terms and does not use them to train their models. We also track conversation costs internally so we can manage our infrastructure.
Collections and suggestions
We store the collections you create to organize recipes, and any AI-generated suggestions Dillr makes for you.
Voice input
If you use hands-free mode, Dillr may process speech audio using on-device or cloud-based speech recognition to convert your voice into text. We don’t store raw audio — only the resulting text, which is treated the same as any other message in your conversations.
Subscription information
If you subscribe, we receive Apple In-App Purchase transaction IDs to verify your subscription status. We never see or store your payment card details — Apple handles all of that.
Third-party services
We use a small number of trusted services to run Dillr:
| Service | What it does | Data involved |
|---|---|---|
| Firebase Auth | Account sign-in | Email, name, auth provider |
| Cloud Firestore | Stores your data | All app data listed above |
| Firebase Storage | Stores images | Recipe photos you upload |
| Firebase Analytics | Aggregate app usage | Anonymous usage events |
| Firebase Crashlytics | Crash reporting | Device info, crash logs |
| Google Gemini | Powers the AI assistant | Conversation messages |
| Apple Sign-In | Authentication | Name, email (from Apple) |
| Apple DeviceCheck | Trial verification | Anonymous device token |
| Apple IAP | Subscription processing | Transaction IDs |
| MCP AI clients (optional) | Read/write your kitchen via the MCP connector | Tool calls + responses exchanged with whichever AI assistant you link (e.g. Anthropic Claude, OpenAI ChatGPT) |
What we don’t do
Let’s be direct about this:
- We don’t sell your data. Not to advertisers, data brokers, or anyone else.
- We don’t use your data to train public AI models. Your recipes and conversations stay private. The AI processes your messages to respond to you, and that’s it.
If we send you push notifications, you’ll always be able to control them through your device settings.
Your rights under GDPR
You live in the EU (or we’re based here), so GDPR applies. You have the right to:
- Access your data — ask us for a copy of everything we have
- Rectify inaccurate data — tell us what’s wrong and we’ll fix it
- Erase your data — ask us to delete your account and all associated data
- Port your data — get your data in a machine-readable format
- Restrict processing — ask us to limit how we use your data
- Object to processing — tell us to stop processing for a specific purpose
- Withdraw consent at any time, without affecting prior processing
To exercise any of these rights, email us at hello@dillr.ai. We’ll respond within 30 days.
If you’re not satisfied with how we handle your request, you have the right to lodge a complaint with the Swedish Authority for Privacy Protection (IMY) at imy.se.
Using Dillr with an AI assistant (MCP connector)
Dillr offers an optional Model Context Protocol (MCP) connector that lets an external AI assistant read and update your Dillr kitchen on your behalf — so you can plan meals, update your pantry, save recipes, and build shopping lists from inside a chat with the assistant of your choice. MCP is an open standard, so any client that supports it can connect. Today that includes products like Anthropic Claude and OpenAI ChatGPT, and more clients are being added over time. Using the connector is entirely optional, and you choose which client to link.
Below we use “the client” to mean whichever AI assistant you’ve chosen to link to Dillr.
How linking works. When you connect Dillr inside the client, the client sends you to Dillr to sign in. After you sign in, Dillr issues the client a short-lived access token (1 hour) and a refresh token (revocable). No password is shared with the client. You can disconnect at any time from the client’s connector settings or by signing out of Dillr — revoked refresh tokens are rejected immediately on the next refresh attempt.
What the client can see. Only what the connector’s tools expose: your kitchens, pantry, leftovers, saved recipes, menus, shopping lists, cooking history, occasions, dietary preferences, and profile notes. The client does not see your Firebase password, payment details, device identifiers, or anything outside the tools your account has access to.
What flows where during a tool call. Your conversation with the client is processed by that client’s provider under their privacy policy — for example, Anthropic’s privacy policy if you’re using Claude, or OpenAI’s privacy policy if you’re using ChatGPT. When the client calls a Dillr tool, the tool’s inputs (e.g. a recipe to save, a pantry update) travel from the client’s servers to Dillr over HTTPS, are executed against your Firestore data, and the response is returned to the client. Dillr stores the results of those calls in the same places as the rest of your kitchen data (pantry, recipes, shopping lists, etc.) — there is no separate “MCP copy” of your data. Because your conversation with the client happens on their platform, we can’t see it and we can’t control their retention of it — review the client’s privacy policy to understand what they do with it.
OAuth metadata we store. To make the connector work, Dillr stores: the client registration record (created via RFC 7591 Dynamic Client Registration), short-lived authorization codes (deleted on first use, max 10 minutes), and refresh tokens (until you revoke them or your account is deleted). Access tokens are JWTs and are not stored server-side. No conversation content is retained outside what the tool call explicitly writes to your kitchen.
Storage and location. MCP data — OAuth client records, refresh tokens, and any kitchen data written through connector tools — is stored in Google Cloud Firestore in the europe-west1 region, the same region as the rest of Dillr.
Retention. OAuth client registrations persist until you or we revoke them. Refresh tokens persist until revoked or until you delete your account. Authorization codes expire within 10 minutes. All MCP-related data is deleted within 30 days of account deletion, the same window as the rest of your data.
Contact. Questions specific to the MCP connector? Email hello@dillr.ai — same address as the rest of our privacy queries.
Data retention
We keep your data for as long as your account is active. If you delete your account, we remove all your personal data within 30 days. Some anonymized, aggregated data (like total user counts) may be retained for analytics.
Children’s privacy
Dillr is not directed at children under 16 years of age (the GDPR threshold). We don’t knowingly collect personal data from anyone under 16. If we learn that we have, we’ll delete it promptly.
Changes to this policy
If we make meaningful changes to this policy, we’ll let you know through an in-app notice or by email before the changes take effect.
Contact us
Questions, concerns, or just want to say hello?
Email: hello@dillr.ai
Company: Bara Vara AB, Stockholm, Sweden