← Yo Chef

Privacy Policy

Last updated: April 26, 2026

Your kitchen, your data, your family — for life.

Yo Chef ("Chef", "we", "us") is a small kitchen assistant: snap a photo of your fridge, get three dinner ideas you can actually make tonight, and let Chef remember what your household likes. It's a 6pm decision engine for people who want to cook from their own kitchen but don't have the planning bandwidth.

This policy describes what data Chef touches, where it lives, and what we do with it. It applies to yochef.ai and any subdomain we serve the app from. Chef is in an invite-only pilot. The product is small enough that this policy can be honest and specific instead of boilerplate. If something here is unclear, email team@yochef.ai.

Where your kitchen data lives

Your inventory, preferences, recipes, photos, and event log live in your own Google Drive, inside a folder named YoChef/. Chef uses the Google drive.file OAuth scope, which only grants access to files and folders Chef itself created. We cannot see anything else in your Drive.

Everything Chef writes is plain text — markdown for human-readable state (inventory.md, preferences.md, settings.md, recipes), JSONL for the event log (events.jsonl), and JPEGs for fridge photos. Chef also writes an AGENTS.md file into your folder that documents the schema, so any other AI agent you point at the folder can read your kitchen without us in the middle. This is intentional — you can take your data and walk.

You can open Drive at any time to read, edit, copy, share, or delete these files. If you stop using Chef, the data stays where it is — in your account, under your control. There's no separate Chef-side database of your kitchen to "export from" because there's nothing to export: you're already holding it.

What we store on our servers

The Chef backend (a Cloudflare Worker) holds two narrow categories of data:

  • Feedback you submit. When you tap "Send feedback", the text or transcribed voice note you send is stored in a Cloudflare D1 database along with: timestamp, the route you were on, your browser's user agent, viewport size, app version, and a short ring-buffer of the last 25 navigation events on the device. We use this to fix bugs and improve the product. We do not attach an identity to feedback records beyond what you choose to write.
  • An access-code JWT. When you enter the pilot access code, our server signs a JSON Web Token that your browser sends back to prove you're a pilot user. The token is stored in your browser's localStorage; the server only checks signatures.

We do not store your inventory, recipes, photos, voice recordings, transcripts of voice queries, or chat messages on our servers. Those flow through inference providers (below) and land in your Drive.

Third-party services we route data through

Chef talks to a small set of vendors to do the AI work. Each one only sees the data needed for the request it's handling.

  • Google (Drive API + OAuth). Stores your kitchen folder and authenticates you. Subject to Google's privacy policy.
  • OpenAI. Vision parsing of fridge and receipt photos, chat and recipe generation, and Whisper speech-to-text — when you record a voice note, the audio is sent to OpenAI for transcription. We use API keys with Zero Data Retention where available, meaning OpenAI does not retain prompts, completions, or audio for training.
  • Google (Gemini). Step-image generation for recipes and select model calls.
  • ElevenLabs. Text-to-speech only — when Chef speaks back to you, the reply text is sent to ElevenLabs to synthesize the voice you hear.
  • Cloudflare. Hosting (Workers + Pages) and the feedback database (D1).

Chef does not sell or rent data to anyone. We don't have ad networks, marketing pixels, or third-party trackers on the site.

Google API Services User Data Policy

Yo Chef's use and transfer of information received from Google APIs adheres to the Google API Services User Data Policy, including the Limited Use requirements.

Concretely, that means the contents of your Drive folder are:

  • used only to provide and improve user-facing features of Chef;
  • not transferred to other parties except as necessary to provide or improve those features, comply with applicable law, or as part of a merger, acquisition, or sale of assets with notice to you;
  • not used or transferred for serving advertisements, including retargeted, personalized, or interest-based advertising;
  • not read by humans, except (1) with your explicit consent, (2) for security purposes (such as investigating abuse), (3) to comply with applicable law, or (4) as aggregated and anonymized data used internally.

What's kept on your device

Chef stores a small amount of state in your browser's localStorage:

  • The Google Drive auth token Google issued for your sign-in.
  • The access-code JWT (above).
  • Your dark-mode preference.
  • Your acceptance of these terms (this page) and the Terms of Service.

Chef also keeps a 25-entry ring buffer of recent navigation events in memory for the duration of the page — if you submit feedback, these breadcrumbs are attached so we can see what you were doing when something went wrong. They are not written to disk and are discarded as soon as you close the tab.

Other preferences (voice replies on/off, onboarding state) live in your Drive folder, not on your device — see settings.md in your YoChef/ folder.

Clearing your browser's site data for yochef.ai wipes the localStorage items above. Your kitchen data in Drive is unaffected.

Data retention

  • Drive contents stay in your Drive until you delete them. Chef has a "Reset" button that deletes the YoChef/ folder on your behalf, but you can also delete it yourself in the Drive UI.
  • Feedback records are retained for as long as they're useful for product work. You can email us at team@yochef.ai to request deletion of any feedback you've submitted.
  • Inference provider logs are governed by each provider's retention policy; we use Zero Data Retention agreements where the provider offers them.

Revoking access

You can revoke Chef's access to your Drive at any time at myaccount.google.com/permissions. Doing so does not delete the YoChef/ folder — the files remain in your Drive, just no longer accessible to Chef.

Children

Chef is not directed at children under 13 and we don't knowingly collect data from them. If you believe a child has used Chef and submitted data, email us and we'll delete the relevant records.

Changes to this policy

If we change this policy in any way that affects what we collect or how we use it, we'll update the date at the top and prompt you to re-accept the new version the next time you sign in. Cosmetic edits (typos, rewording) won't trigger a re-prompt.

Contact

Questions or requests: team@yochef.ai.