Privacy policy
Version: 1.0 Effective date: 14.07.2026 Last updated: 14.07.2026
1. Introduction
This Privacy Policy explains how personal data is collected, used, stored and shared in connection with the website available at https://muddlo.com.
It applies to visitors, Registered Users, Guests submitting ratings or comments, persons using shared shopping lists, recipe authors and persons contacting Muddlo.
2. Data controller
The controller of personal data processed through Muddlo is:
Contact email: contact@muddlo.com
Questions and requests relating to personal data should be sent to contact@muddlo.com.
3. Categories of personal data
Depending on how a person uses Muddlo, the following categories of data may be processed.
3.1 Account and authentication data
When a User registers or uses an account, Muddlo may process:
- public account name;
- email address;
- optional year of birth;
- cryptographically hashed password;
- account role;
- account-blocking status;
- account creation and update dates;
- date of acceptance of the Terms of Service;
- date of acceptance of the responsible alcohol consumption rules;
- login, logout and password-reset information;
- remember-me authentication identifiers.
Passwords are not intended to be stored in plaintext. A cryptographic password hash is stored instead.
3.2 Session and technical data
When a person uses the Service, Muddlo may automatically process:
- IP address;
- user-agent string;
- browser and device information;
- session identifier;
- CSRF security token;
- date and time of requests;
- last activity time;
- requested URLs;
- server responses and error information;
- information stored in essential cookies.
Some technical logs may contain a full IP address. Other statistics, including recipe-view and ingredient-search records, may use a truncated, pseudonymised or hashed representation of the IP address.
A hashed IP address may still constitute personal data where it can be connected with other available information.
3.3 Age declaration
Muddlo records a declaration that the visitor confirms being at least 18 years old.
The declaration is stored locally in the visitor’s browser using localStorage for up to 180 days.
This is a declaration made by the visitor. It is not a formal identity or age-verification process.
3.4 My Bar and favourites
For Registered Users, Muddlo processes:
- ingredients saved in My Bar;
- dates on which ingredients are added or removed;
- recipes added to favourites;
- links between the account and the relevant ingredients or recipes.
3.5 Shopping-list information
Shopping-list data may include:
- ingredients;
- quantities;
- units;
- purchased or unpurchased status;
- associated recipes;
- intended number of drinks;
- list owner;
- sharing status;
- public sharing token or link;
- dates of list changes.
3.6 Shared and collaborative shopping lists
A person who has a public sharing link may be able to view:
- the contents of the shopping list;
- the public name of its owner;
- the current purchased status of products.
In collaborative mode, persons with the link may also see changes made by other participants and may modify the purchased status.
Muddlo may record technical information relating to the change, such as the time, visitor identifier, session information and IP-related security data.
Muddlo does not necessarily know the real identity of a person using a public sharing link.
3.7 Individual shopping lists
In individual-list mode, the purchased status is associated with a particular browser through the cookie:
muddlo_shopping_visitor
This identifier is retained for up to 365 days, unless the User deletes it earlier through browser or privacy settings.
The identifier separates list states between browsers. It is not intended to establish the visitor’s civil identity.
3.8 Submitted recipes
When a Registered User submits a recipe, Muddlo may process:
- recipe title;
- HTML-formatted description;
- preparation instructions;
- ingredients and quantities;
- categories;
- tags;
- uploaded photograph;
- account identifier and author name;
- submission and modification dates;
- publication status;
- moderation history;
- rejection reason.
3.9 Photograph metadata
Uploaded photographs may contain EXIF or other embedded metadata, including:
- device information;
- date and time of creation;
- camera settings;
- software information;
- potentially geographical coordinates.
Muddlo does not currently guarantee that all metadata is removed from uploaded files. Where an original file is publicly accessible, its metadata may also be accessible to third parties.
Users should remove unnecessary metadata before uploading photographs.
3.10 Recipe moderation data
Administrators and authorised moderators may access:
- recipe author;
- account and email information where necessary;
- submitted content;
- uploaded files;
- publication status;
- moderation notes;
- rejection reason;
- communication concerning the moderation decision.
3.11 Ratings and comments
When a person submits a rating or comment, Muddlo may process:
- rating value;
- comment text;
- submission time;
- recipe identifier;
- Registered User account information; or
- name provided by a Guest;
- moderation and publication status;
- technical information used to prevent duplicate or abusive submissions.
Comments approved by an administrator become publicly visible together with the displayed User or Guest name.
Users should not include private, confidential or sensitive personal data in comments.
3.12 Guest rating identifier
To recognise ratings submitted without an account, Muddlo may use the cookie:
muddlo_rating_visitor
The cookie is retained for up to 365 days, unless deleted earlier.
It is used to identify a browser for purposes such as preventing duplicate ratings, maintaining rating integrity and detecting abuse.
3.13 Ingredient-search logs
When a User searches for recipes based on ingredients, Muddlo may process:
- selected ingredients;
- number of search results;
- account identifier, where the User is logged in;
- user-agent;
- search date and time;
- hashed or pseudonymised IP address.
This information may be used to provide results, improve the search engine, understand ingredient popularity, diagnose errors and prevent abuse.
3.14 Recipe-view information
When a recipe is viewed, Muddlo may process:
- recipe identifier;
- account identifier, where the User is logged in;
- date and time of the view;
- hashed or pseudonymised IP address;
- session or browser information.
View statistics may be used for analytics, abuse prevention, content ranking and features such as selecting or recommending the “drink of the day”.
These statistics are not used to make decisions that produce legal or similarly significant effects concerning an individual.
3.15 Contact messages
When a person contacts Muddlo, the following data may be processed:
- name;
- email address;
- message subject;
- message content;
- attachments, where supported;
- technical delivery information.
Contact messages are sent to contact@muddlo.com.
The message is not intended to be stored in the main application database. It may remain in:
- the Operator’s email mailbox;
- the sender’s mailbox;
- mail-server logs;
- spam and security systems;
- backup systems;
- systems of the email service provider.
3.16 Logs, security and backups
For security and maintenance purposes, Muddlo may process data contained in:
- Laravel application logs;
- web-server logs;
- database logs;
- authentication logs;
- rate-limiting records;
- error-monitoring records;
- firewall or hosting-provider logs;
- backup copies.
These records may contain full IP addresses, user-agent strings, account identifiers, URLs, timestamps and technical error information.
4. Purposes and legal bases
Personal data is processed for the following purposes.
4.1 Providing accounts and requested features
Data is processed to:
- register and authenticate Users;
- maintain login sessions;
- provide password recovery;
- provide My Bar and favourites;
- create and manage shopping lists;
- save recipes, ratings and comments;
- provide shared-list functions.
The legal basis is generally the performance of a contract or taking steps at the User’s request before entering into a contract, under Article 6(1)(b) GDPR.
4.2 Publishing and distributing User Content
Recipe and comment data is processed to review, publish, display, moderate and distribute User Content, including public recipe information made available through the API.
The legal basis is the performance of the agreement with the User and the Operator’s legitimate interest in operating and developing a community recipe service.
4.3 Operating shared lists
Data is processed to create public links, display list contents, synchronise collaborative changes and maintain separate individual-list states.
The legal basis is the performance of the requested service and the legitimate interests of the Operator and list owner in providing functional list-sharing tools.
4.4 Communication and support
Contact data is processed to respond to questions, complaints, reports, moderation appeals, security notifications and other messages.
Depending on the subject, the legal basis is:
- Article 6(1)(b) GDPR where the message concerns an agreement or a request made before entering into one;
- Article 6(1)(f) GDPR, based on the legitimate interest in communicating with Users and handling enquiries;
- Article 6(1)(c) GDPR where processing is necessary to comply with a legal obligation.
4.5 Security and prevention of abuse
Technical data, logs, browser identifiers and account information may be processed to:
- prevent unauthorised access;
- prevent spam and automated attacks;
- apply rate limits;
- investigate security incidents;
- detect rating or view manipulation;
- protect shared lists and accounts;
- establish, exercise or defend legal claims.
The legal basis is the Operator’s legitimate interest in protecting the Service, Users and infrastructure under Article 6(1)(f) GDPR and, where applicable, compliance with legal obligations under Article 6(1)(c) GDPR.
4.6 Service statistics and development
Search logs, recipe views and aggregated usage information may be processed to:
- improve search results;
- identify popular ingredients and recipes;
- develop new features;
- diagnose technical issues;
- select or recommend content;
- measure the performance of the Service.
For first-party operational statistics that do not rely on non-essential cookies, the basis may be the Operator’s legitimate interest.
Google Analytics and Microsoft Clarity are used only in accordance with the User’s analytics-cookie consent where such consent is required. The legal basis for analytics involving non-essential cookies or similar technologies is Article 6(1)(a) GDPR.
4.7 Legal compliance and claims
Data may be processed to comply with binding laws, court orders and requests from competent authorities and to establish, exercise or defend legal claims.
The legal basis is Article 6(1)(c) or Article 6(1)(f) GDPR, depending on the circumstances.
5. Requirement to provide data
Providing account information is voluntary, but an email address, account name and password are required to create and maintain a standard account.
Failure to provide required information may make it impossible to:
- create an account;
- recover a password;
- save My Bar ingredients;
- save favourites;
- submit recipes;
- use other account-dependent features.
Providing an optional year of birth is voluntary unless clearly indicated otherwise.
Providing a name and email address may be necessary for the Operator to respond to a contact message or complaint.
6. Publicly available information
The following information may be publicly visible:
- published recipes;
- recipe photographs;
- recipe descriptions and instructions;
- ingredients, categories and tags;
- public author name;
- approved comments;
- Guest names attached to approved comments;
- ratings in an aggregated or individual form;
- shared shopping-list contents and the list owner’s name.
Public information may be:
- viewed by persons without an account;
- indexed by search engines;
- copied or shared by other Users;
- accessed through the public API where applicable;
- retained in third-party caches or archives.
Users should not use their email address, full legal name or other private information as a public account or Guest name unless they intend to make it public.
7. Public API
The API is intended to provide public recipe and ingredient information.
It is not intended to disclose:
- email addresses;
- password hashes;
- account roles;
- blocked-account status;
- session information;
- private My Bar data;
- favourites;
- non-public shopping lists;
- internal moderation notes;
- private account identifiers such as
user_id.
The Operator applies data-minimisation rules to API responses. However, no technical system can be guaranteed to be entirely free from errors. Suspected disclosure of a non-public field should be reported immediately to contact@muddlo.com.
8. Google Analytics
Muddlo uses Google Analytics to understand how visitors use the Service, including information such as:
- pages and recipes viewed;
- approximate location derived from network information;
- browser and device type;
- referring source;
- session duration;
- interactions with website functions;
- pseudonymous analytics identifiers.
Google Analytics may use cookies such as:
_ga;_ga_<container-id>.
These cookies are used to distinguish visitors and maintain session state. Their default duration may be up to two years, subject to browser limitations and the User’s consent choices.
Google Analytics should not receive names, email addresses, passwords or other information deliberately identifying a Muddlo account holder through page URLs, events or custom parameters.
Muddlo uses Google Analytics only after the User has provided the required analytics consent. Consent may be withdrawn through the cookie or privacy settings available on the website.
User-level and event-level Google Analytics data is intended to be configured for a retention period of 14 months, unless a shorter period is selected.
Google may retain certain aggregated data for longer in accordance with its own service rules.
9. Microsoft Clarity
Muddlo uses Microsoft Clarity to understand how visitors interact with the Service through tools such as:
- session recordings;
- click and scroll information;
- heatmaps;
- navigation paths;
- device and browser information;
- pseudonymous visitor and session identifiers.
Clarity may use cookies including:
_clck;_clsk;CLID;ANONCHK;MR;MUID;SM.
Clarity information may include visited URLs, interaction events, approximate location, device details and pseudonymous identifiers.
Muddlo must not intentionally send passwords, contact-message content or other sensitive form content to Clarity. Sensitive fields should be masked or excluded from recordings.
Clarity cookies and full analytics functionality are activated only after valid analytics consent where consent is required.
Under Microsoft’s documented retention periods:
- standard session playback data is generally retained for 30 days;
- click and heatmap data may be retained for up to nine months;
- labelled, favourited or sampled sessions may be retained for up to nine months.
Consent may be withdrawn through Muddlo’s cookie or privacy settings.
10. Google Search Console and Bing Webmaster Tools
Muddlo uses:
- Google Search Console;
- Bing Webmaster Tools.
These services help the Operator manage indexing, identify technical website issues and review information about how Muddlo appears in search results.
The information available through these tools may include:
- search queries;
- impressions;
- clicks;
- approximate countries or devices;
- indexed URLs;
- crawling and technical errors;
- links leading to Muddlo.
Search Console and Bing Webmaster Tools are administrative search-engine services and are not used by Muddlo as substitutes for on-site session analytics.
Website ownership may be verified through methods such as a DNS record, an HTML file or a verification tag.
11. Cookies and localStorage
Muddlo uses cookies and similar browser technologies.
11.1 Essential technologies
Essential technologies are used to:
- maintain sessions;
- authenticate Users;
- protect forms against CSRF attacks;
- remember login status where requested;
- maintain shopping-list functionality;
- prevent duplicate Guest ratings;
- store the age declaration;
- remember privacy choices;
- protect the Service against abuse.
Depending on configuration, these may include:
- a Muddlo or Laravel session cookie;
- an XSRF or CSRF token cookie;
- a remember-me authentication cookie;
muddlo_shopping_visitor, retained for up to 365 days;muddlo_rating_visitor, retained for up to 365 days;- a cookie-consent preference;
- an age-confirmation value in localStorage, retained for up to 180 days.
Essential technologies are used because they are necessary to provide a function requested by the User or to ensure security.
11.2 Analytics technologies
Google Analytics and Microsoft Clarity cookies are non-essential analytics technologies.
They should not be activated before the User provides analytics consent where consent is required.
The User must be able to reject analytics cookies and later withdraw consent without losing access to essential Muddlo functions.
11.3 Managing browser data
Users may:
- change their selection through the Muddlo cookie settings;
- delete cookies through browser settings;
- delete localStorage through browser or website-data settings;
- block cookies globally or for selected websites.
Deleting browser data may log the User out, reset age confirmation, remove individual shopping-list statuses and cause Muddlo to treat the browser as a new Guest for rating purposes.
Withdrawal of consent does not affect the lawfulness of processing carried out before the withdrawal.
12. Recipients of data
Personal data may be disclosed to the following categories of recipients where necessary:
- hosting and infrastructure providers;
- database service providers;
- backup and storage providers;
- email and message-delivery providers;
- security and anti-abuse providers;
- authorised administrators and moderators;
- professional advisers, including legal and accounting advisers;
- Google in connection with Google Analytics and Google Search Console;
- Microsoft in connection with Microsoft Clarity and Bing Webmaster Tools;
- public authorities, courts or law-enforcement bodies where disclosure is legally required;
- persons accessing public recipes, comments, API responses or shared-list links.
Service providers may process data only for the purposes connected with providing their services, subject to applicable agreements and legal obligations.
13. Administrator access
Authorised administrators may access personal data where necessary for their duties, including:
- account names and email addresses;
- account roles and blocking status;
- account activity;
- submitted recipes and photographs;
- ratings and comments;
- shopping-list or shared-link information where required for support;
- ingredient-search logs;
- recipe-view statistics;
- moderation history;
- technical and security logs.
Administrator access should be limited according to assigned roles and protected through appropriate authentication and organisational measures.
Administrators are not permitted to use personal data for private or unrelated purposes.
14. Transfers outside the EEA
Some service providers, particularly Google and Microsoft group companies, may process data in countries outside the European Economic Area.
Depending on the service, the recipient and the destination country, transfers may be based on:
- an adequacy decision adopted by the European Commission;
- participation by an eligible recipient in the EU–US Data Privacy Framework;
- Standard Contractual Clauses approved by the European Commission;
- another lawful transfer mechanism provided by Chapter V GDPR.
Where required, supplementary technical and organisational safeguards may be used.
Information about the safeguards applicable to a specific transfer may be requested by contacting contact@muddlo.com. Certain contractual or security information may be redacted where necessary to protect confidential information.
15. Retention periods
Personal data is retained only for as long as reasonably necessary for the relevant purpose, subject to legal, security and claims-related requirements.
The following retention schedule is intended to apply.
15.1 Account data
Account data is retained while the account remains active.
Following a verified deletion request:
- the active account should normally be deleted or anonymised within 30 days;
- residual copies may remain in backups for up to 90 days;
- limited records may be retained for the applicable limitation period where necessary to establish, exercise or defend legal claims or document serious abuse.
15.2 Session data
Server-side session information is retained until the session expires, the User logs out or the session is invalidated.
Remember-me identifiers are retained until their configured expiry date, logout from remembered sessions, password reset or manual invalidation.
15.3 Age declaration
The age declaration stored in localStorage is retained for up to 180 days.
15.4 My Bar and favourites
My Bar and favourite information is retained until:
- the User removes the relevant item;
- the account is deleted or anonymised;
- the feature is discontinued.
15.5 Shopping lists
Shopping-list data is retained until the list is deleted or the account is deleted, subject to backup retention and legal requirements.
A public sharing link remains active until the list or link is deleted, revoked or invalidated. It does not expire automatically unless the Service states otherwise.
15.6 Browser visitor identifiers
muddlo_shopping_visitor: up to 365 days;muddlo_rating_visitor: up to 365 days.
15.7 Recipes and photographs
Published recipes and photographs are retained until they are deleted by the Operator or removed following a justified request.
Following account deletion, public content may be:
- deleted;
- anonymised;
- retained without a direct account association where a lawful basis remains.
Rejected recipes and associated moderation information should normally be retained for up to 12 months after the moderation decision, unless a longer period is necessary for a dispute, repeated abuse or legal claim.
15.8 Ratings and comments
Ratings and comments are retained until:
- they are removed by the author where such a function is available;
- they are removed through moderation;
- a justified deletion request is accepted;
- the relevant recipe or Service is removed.
Where an account is deleted, the rating or comment may be deleted or anonymised unless continued attribution is legally justified.
15.9 Moderation records
Moderation decisions, rejection reasons, abuse reports and related correspondence may be retained for up to 24 months after the final decision.
They may be retained longer where necessary for repeated violations, security incidents or legal claims.
15.10 Ingredient-search logs
Identifiable or pseudonymous ingredient-search logs should be retained for up to 12 months.
After that period, they should be deleted or converted into aggregated statistics that no longer identify an individual.
15.11 Recipe views
Identifiable or pseudonymous recipe-view records should be retained for up to 24 months.
Aggregated recipe popularity statistics may be retained for longer where they no longer identify an individual.
15.12 Contact messages
Ordinary contact correspondence may be retained for up to 24 months after the last substantive communication.
Messages connected with a complaint, dispute, contract or legal claim may be retained for the applicable limitation period.
15.13 Security and application logs
Ordinary application and web-server logs should normally be retained for up to 12 months.
Short-term rate-limiting data may be retained for a shorter period, normally no longer than 30 days, unless connected with a security incident.
Security-incident records may be retained for longer where necessary to investigate the incident, prevent recurrence or establish legal claims.
15.14 Backups
Backup copies should normally be retained for up to 90 days.
Data deleted from active systems may remain in protected backups until the relevant backup is overwritten or expires. Backup data is not restored for ordinary operational use unless necessary for disaster recovery, security or legal reasons.
15.15 Analytics services
- Google Analytics user-level and event-level data: intended configuration of 14 months;
- Microsoft Clarity session playback: generally 30 days;
- Microsoft Clarity click, heatmap and selected session data: up to nine months.
16. Data security
The Operator applies reasonable technical and organisational measures intended to protect personal data, including, as appropriate:
- encrypted HTTPS connections;
- cryptographic password hashing;
- access controls;
- CSRF protection;
- session security;
- rate limiting;
- software updates;
- backups;
- logging and incident investigation;
- restrictions on administrator access.
No online service can guarantee absolute security. Users should use a unique password, secure their email account and report suspected unauthorised access promptly.
17. Rights of data subjects
Subject to the conditions and exceptions established by applicable law, a person may have the right to:
- obtain confirmation as to whether their personal data is processed;
- obtain access to their personal data;
- receive a copy of their personal data;
- correct inaccurate or incomplete data;
- request deletion of data;
- request restriction of processing;
- object to processing based on legitimate interests;
- receive certain data in a structured, commonly used and machine-readable format;
- transmit portable data to another controller where technically feasible;
- withdraw consent at any time;
- lodge a complaint with a competent supervisory authority;
- obtain information about applicable international-transfer safeguards.
A request may be submitted to contact@muddlo.com.
The Operator may request information necessary to verify the requester’s identity. Additional information should be limited to what is reasonably necessary for verification.
The Operator will respond within the time required by applicable data-protection law. In complex cases or where multiple requests are submitted, the response period may be extended where permitted by law, and the requester will be informed.
Rights may be restricted where processing is necessary to comply with law, protect the rights of another person or establish, exercise or defend legal claims.
18. Account deletion and data export
Muddlo does not currently provide a complete self-service account-deletion or data-export function.
A User may request account deletion or a copy of their data by emailing:
The request should be sent from the email address associated with the account and should state whether the User requests:
- account deletion;
- deletion of selected content;
- anonymisation of public content;
- access to personal data;
- a portable export of account-related data.
Before completing the request, the Operator may send a verification message to the account email address or request other reasonable confirmation.
Deletion of an account does not necessarily result in immediate deletion of:
- backup copies;
- security records;
- data required for legal claims;
- public content that may lawfully be anonymised and retained;
- copies independently retained by third parties or API users.
19. Withdrawal of analytics consent
Analytics consent may be withdrawn through the cookie or privacy settings available on Muddlo.
After withdrawal:
- Muddlo should stop activating non-essential analytics cookies for future visits;
- existing analytics cookies may be deleted where supported;
- previously collected data may remain until the relevant retention period expires;
- essential account and security functions remain available.
Users may also delete analytics cookies manually through their browser.
20. Complaints to the supervisory authority
A person who believes that their personal data has been processed unlawfully may lodge a complaint with the competent supervisory authority.
For a controller established in Poland, the supervisory authority is:
President of the Personal Data Protection Office Urząd Ochrony Danych Osobowych – UODO ul. Stanisława Moniuszki 1A 00-014 Warsaw Poland
Before lodging a complaint, the person may contact the Operator at contact@muddlo.com so that the matter can be investigated, but contacting the Operator first is not a condition for exercising the right to lodge a complaint.
21. Persons under 18
Muddlo is not intended for persons under 18.
The Operator does not knowingly seek to collect account or community data from minors through the Service.
A parent, guardian or other person who believes that a minor has created an account or submitted personal data may contact contact@muddlo.com.
22. Automated decision-making
Muddlo does not use personal data to make decisions that produce legal effects or similarly significant effects concerning an individual.
Algorithms or statistics may be used to:
- rank recipes;
- display search results;
- recommend recipes;
- select a drink of the day;
- detect duplicate ratings;
- identify possible abuse.
These activities do not determine a User’s legal rights or access to essential public services.
Account restrictions and content-moderation decisions may be supported by technical signals, but significant enforcement decisions may be reviewed by an administrator where appropriate.
23. Changes to this Privacy Policy
This Privacy Policy may be updated due to:
- changes in law or regulatory guidance;
- changes in the Service;
- introduction of new providers or analytics tools;
- changes in data retention;
- security or technical developments.
The current version will always display its effective date and version number.
Registered Users will be informed of material changes by email, an account notice or another reasonable method where required.
Version history
- Version 1.0 – 14.07.2026: Initial version.
24. Contact
Privacy questions, account-deletion requests and data-subject requests should be sent to: