What we collect, and why.

Last updated: 26 April 2026

Yami is built by one person, in Sweden, who would rather not collect your data. This page explains what Yami does collect, why, and how to get rid of it whenever you want.

Who we are

Yami is operated by Adam Bergman Karlsson, a sole developer based in Sweden. For any privacy question or request, write to support@yamiapp.eu.

What we collect

Your account

When you sign up, we store your email address and a hashed password. Authentication is handled by Supabase, hosted in the European Union. We never see your plain-text password.

Recipes and collections

Anything you save in Yami — recipe links, ingredients, photos you upload, the collections you build, the recipes you mark as cooked — is stored in your account so the app can show it back to you and to anyone you've explicitly shared a collection with. Photos are stored in Supabase Storage in the EU.

Subscription status

If you subscribe to Yami Premium, Apple handles the payment. We receive only an entitlement signal that says "this account has an active subscription." We never see your card details, your full Apple ID, or your purchase history outside of Yami. Subscription state is processed via Superwall and Apple StoreKit 2.

Diagnostics

To find and fix bugs, Yami sends anonymized usage events and crash reports to PostHog (which uses PLCrashReporter under the hood). These events describe what screens were visited and what errors occurred, not who you are or what's in your recipes.

What we do not collect

Your contacts, calendar, or microphone
Your precise or background location
Advertising identifiers (IDFA) — Yami has no ads
Browser history or activity outside the Yami app
Anything from this marketing site beyond standard, anonymous Cloudflare traffic logs

How shared collections work

When you share a collection, Yami generates a single-use, 16-character invite code that expires after 24 hours. Anyone who joins your collection can see who saved each recipe and who's marked it as cooked. They cannot see the rest of your library, your email address, or anything outside that one collection. You can leave or remove members at any time from inside the app.

Where your data lives

Yami's database and file storage live with Supabase in the European Union. Recipe import and parsing run on Google Cloud Run in europe-west1 (Belgium). We do not sell, rent, or share your data with advertisers or data brokers — full stop.

Your rights under GDPR

If you live in the EU, EEA, UK, or Switzerland, you have the right to:

Access a copy of the data we hold about you
Correct anything that's wrong
Export your recipes in a machine-readable format
Delete your account and everything in it
Object to specific processing or restrict it
Lodge a complaint with your local data protection authority (in Sweden, that's IMY)

You can delete your account directly inside the app, under Settings → Account. A full data wipe completes within 30 days. For anything else, email support@yamiapp.eu and we'll respond within 30 days.

Children

Yami is rated 4+ on the App Store but is not directed at children under 13 and does not knowingly collect data from them. If you're a parent and believe your child has created an account, write to support@yamiapp.eu and we'll delete it.

Sub-processors

The third parties that help run Yami:

Supabase (Ireland / EU) — database, authentication, file storage
Google Cloud Run (Belgium / EU) — recipe import and API hosting
Cloudflare (global CDN) — this marketing site only
PostHog — anonymized analytics and crash reports
Apple — subscription billing via StoreKit
Superwall — paywall presentation and subscription state

Changes to this policy

If we make a material change to how we handle your data, we'll update the date at the top of this page and notify you by email or in-app. Continued use of Yami after a change means you accept the updated policy.

Contact

Privacy questions, data requests, or anything that feels off — write to support@yamiapp.eu. One human reads every email.