Privacy Policy
Last updated: 02/13/2026.
This policy governs personal data processing at GroCook under GDPR and applicable Spanish data protection law.
1. Data controller
Controller: GroCook.
2. Data we process
- Account data: name, email, hashed password and signup metadata.
- Functional data: recipes, favorites, shopping lists and weekly plans.
- Technical data: aggregated usage events only with analytics consent.
3. Purposes and legal bases
- Provide the requested service and maintain your account (contract performance).
- Comply with legal obligations (legal obligation).
- Improve the product with optional analytics (consent).
- Ensure security and prevent fraud (legitimate interest).
4. Recipients and processors
We do not sell personal data. We rely on necessary technology providers under data-processing agreements.
5. Data retention
We keep data while your account is active or for legally required periods.
6. Rights
You may exercise access, rectification, erasure, objection, restriction and portability rights.
7. Cookies and analytics
Cookie and consent details are explained in the Cookie Policy. Analytics/AdSense consent is managed via Google's CMP.
8. Minors and account use
Users confirm that provided data is accurate and they have legal capacity to use the service.
9. Updates
GroCook may update this policy to reflect legal or functional changes.
contacto@grocook.com. You may also file a complaint with the Spanish Data Protection Authority (AEPD).