Privacy Policy
Last updated 15 July 2026.
This policy covers the Kvali app and the websites kvalifood.com and kvalimad.dk.
The websites have no accounts and no login. You can read every recipe without telling us anything. Everything below is about the app.
Who is responsible
Kvali is run by Max Møller. For any question about your data, or to exercise any of the rights below, write to maxm@mxm.dk.
What we collect
Only what the app needs to work. There is no analytics SDK, no advertising, no tracking across other apps or sites, and no profiling.
When you create an account
- Your email address — to sign in and to send a password-reset code.
- Your password — stored only as a bcrypt hash. We never see it and cannot recover it, which is why a reset issues a new one rather than telling you the old one.
- Your display name, if you enter one.
- Your language and unit preference.
When you use the app
- The household you create or join, and your role in it.
- Your meal plans: which recipes on which days, servings, notes.
- Your shopping lists, including what you have ticked off.
- Your favourites.
- Recipes you write yourself, including any photo you attach.
- Your dietary preferences — ingredients or groups you have excluded. Depending on what you exclude, this can imply something about your health or beliefs, so we treat it as sensitive: it is used only to filter recipes, and never shared.
- If you send a bug report: your message, the platform, and the app version.
Technical
The server keeps short-lived request logs containing IP addresses, in order to apply rate limits and to see whether the service is up. They are not used to build a profile of you.
What we do not collect
- No location data.
- No contacts, no photo library access beyond the picture you deliberately attach to your own recipe.
- No advertising identifiers.
- No third-party analytics.
Sharing inside a household
A household is shared by design. Other members can see the household’s meal plans, shopping lists, favourites, and any recipe you share to it. They cannot see your email, your password, or your personal dietary preferences.
This matters if you leave: the household’s plans and lists stay with the household, because they belong to everyone in it, not only to you.
Who else sees your data
Nobody, apart from two service providers we cannot do without:
- Postmark (Wildbit LLC, USA) delivers the password-reset email. They receive your email address and the code, and nothing else.
- The server itself is hosted on our own hardware in Denmark. No cloud provider is involved.
We do not sell your data. We do not share it with advertisers. There is nobody else.
How long we keep it
Your data stays while your account exists. Delete the account and it goes — see below. Password-reset codes expire after 15 minutes.
Backups are the one place deleted data lingers. We keep a daily copy of the database for 14 days and a weekly copy for about a month, so something you delete can survive in a backup for up to roughly five weeks before it is overwritten for good. We would rather tell you that than claim deletion is instant everywhere.
Your rights
Under the GDPR you can, at any time:
- Get a copy of your data. The app has a “Download my data” button in the Household tab. It hands everything to your device’s share sheet as JSON — account, your own recipes, meal plans, shopping lists, favourites, dietary settings, bug reports — so you can save it, mail it to yourself, or open it elsewhere. It is a structured, machine-readable format, which is what the law asks for.
- Delete your account. The app has a “Delete account” button in the Household tab. It takes effect immediately: your email and name are erased, your password is destroyed, your dietary settings and bug reports are deleted, your unshared recipe drafts go, the app forgets you on that device, and you are signed out everywhere. Recipes you shared with a household stay with the household, as do the meal plans and shopping lists you made together — they belong to everyone in it, not only to you, and they are no longer attributed to your name. If you were the last admin, we either hand the household to the longest-standing member or dissolve it.
- Correct your data. Change your name, language and preferences in the app.
- Complain. If you think we have handled your data badly, you can complain to Datatilsynet, the Danish Data Protection Agency (datatilsynet.dk).
You do not need to ask us for any of this, and you do not need a reason. If something is not working, write to maxm@mxm.dk.
Legal basis
We process your data to provide a service you asked for (Article 6(1)(b) — the contract between us). Dietary preferences, where they reveal something sensitive, are processed on your explicit consent (Article 9(2)(a)) — you give it by entering them, and you withdraw it by removing them.
Children
Kvali is not aimed at children and we do not knowingly collect data from anyone under 13.
Security
Passwords are hashed with bcrypt. Traffic runs over HTTPS. Reset codes are stored only as a hash, expire in 15 minutes, work once, and are locked after five wrong attempts. The database is backed up daily to redundant storage.
We are a small operation and we would rather say this plainly than imply more: no system is perfectly secure. If you find a problem, please tell us at maxm@mxm.dk and we will fix it.
Changes
If this policy changes we will update the date at the top. If a change actually affects you, we will say so in the app rather than quietly editing this page.