AI Usage Policy

Effective date: May 13, 2026 · Version 1.0

1. Purpose

This policy explains how Sue the Souschef (“Sue”) develops, deploys, and operates artificial intelligence features. It is intended to give our users, partners, and enterprise customers a clear, honest understanding of how AI handles your data inside our product.

2. Core principles

• We do not train AI models on your data. Sue does not train, fine-tune, or otherwise modify any AI model. All AI features are powered by third-party providers, accessed via stateless API calls.
• Our providers don't train on your data either. We choose providers whose API terms prohibit using your inputs for model training, and we enable Zero Data Retention where it is available.
• Data minimization. Only the data needed for the immediate AI request is sent — not unrelated profile data, identifiers, or session history.
• Transparency. We publish the full list of AI providers below and keep it current.
• Human accountability. AI output is a tool, not an authority. Sue's AI is not used to make medical, legal, financial, or other safety-critical decisions.

3. Categories of AI providers we use

Sue uses third-party providers for the AI features in the app. These providers process customer data on Sue's behalf and are bound by Data Processing Addenda where applicable. None of them train their models on your inputs.

• Large language model providers for conversational reasoning, recipe generation, and text understanding.
• Speech-to-text providers for transcribing your voice during hands-free cooking sessions.
• Text-to-speech providers for synthesizing Sue's voice responses.
• Computer-vision providers for understanding ingredient and recipe photos you take or import.
• Public-web fetching providers for retrieving publicly available recipe pages when you import a URL (only the public URL is sent; no user PII).

A complete and current list of named sub-processors is maintained and provided to enterprise customers and partners under a Data Processing Addendum. Individuals can request the list by contacting us at the email below.

4. How your data flows

When you use an AI feature in Sue, the relevant input (a question, a voice clip, an image, or a snippet of context) is sent over an encrypted connection to our backend, which forwards it to one of the providers above. The provider returns a response, which is relayed back to you.

We do not store prompt text or AI responses in our logs. Voice audio and image bytes used for AI are discarded after the inference completes, except where you explicitly save the resulting content (for example, a recipe you generate and keep).

5. Security controls

• All AI traffic is encrypted in transit (TLS 1.2 or higher).
• Provider API keys are held server-side only, in encrypted environment variables. They are never exposed to your device and never committed to source control.
• The mobile app authenticates to our backend with a scoped bearer token, and rate limiting protects against abuse.
• AI model identifiers are pinned to specific versions so changes are caught in testing rather than surprising users in production.
• We monitor AI security research (including OWASP's LLM Top 10) and update our prompt-construction logic and input validation accordingly.

6. Your rights

• You may delete your Sue account at any time from in-app settings. Deletion cascades to all data we hold about you.
• You may opt out of product analytics from in-app settings.
• You may request a copy of the data we hold about you by contacting us at the email below.

7. AI-related incidents

If we become aware of a security incident affecting AI features — including credential compromise, a sub-processor breach, or accidental disclosure of customer data via AI output — we rotate affected credentials immediately, investigate the scope and timeline, and notify affected users within the timelines required by applicable law and our contractual commitments (typically within 72 hours for material incidents involving personal data).

8. Updates to this policy

We review this policy at least annually and whenever we add or remove an AI provider, change our AI architecture, or face a material AI-related incident. Material changes are reflected here with an updated effective date within 30 days.

9. Contact

Questions about this policy can be sent to jklin1206@gmail.com.