Privacy Policy

CuliNect ("we", "us", "our") operates the CuliNect platform at culinect.com. For privacy questions, contact us at privacy@culinect.com.

We collect the following when you use CuliNect:

• Account information — your name, email address, and password (stored as a bcrypt hash).
• Profile information — anything you add to your CV: work history, education, skills, certifications, photos, and a public handle.
• Content you create — posts in the feed, messages sent to other chefs, trail listings, and references you submit or receive.
• Files you upload — avatar photos, cover images, and CV evidence files (stored securely in our object storage).
• Usage data — server logs including IP address, browser type, pages visited, and timestamps. We retain logs for 30 days.
• Device information — browser type and operating system, collected automatically via server logs.

We do not use third-party analytics trackers, advertising pixels, or fingerprinting scripts.

• To operate and improve the CuliNect service.
• To display your public profile to other users and anyone with the link (if your profile is set to public).
• To send transactional emails — account verification, password resets, and important service notices.
• To process trail applications, references, and seal requests.
• To detect and prevent abuse, spam, and fraud.

We do not sell or rent your personal data to anyone.

Your public profile (name, handle, work history, skills, and any information you mark as public) is visible to other CuliNect users and, if your profile is public, to anyone on the internet — including search engines.

We use the following service providers, each with access limited to what they need to function:

• Self-hosted infrastructure — all database, file storage, and email sending runs on our own servers. No data is sent to cloud SaaS providers.
• Cloudflare — used as DNS and reverse proxy. Cloudflare may log request metadata as part of its standard DDoS protection.

We keep your data as long as your account is active. When you delete your account, we anonymise your profile within 30 days — your name and email are removed, and your content is either deleted or attributed to "[deleted]". Server logs are purged after 30 days.

Certain records (references, seal decisions) may be retained in anonymised form for fraud prevention.

You can, at any time:

• Access your data — view everything you've entered in the app.
• Correct your data — edit any section of your profile directly.
• Delete your account — go to Settings → Account → Delete Account. This permanently removes your profile.
• Request a data export — email us at privacy@culinect.com and we will send you a copy of your data within 30 days.

If you are in the European Economic Area or the UK, you also have the right to lodge a complaint with your local data protection authority.

CuliNect uses a single session cookie to keep you signed in. We do not use advertising cookies, tracking pixels, or any third-party cookies. You can clear this cookie at any time in your browser settings, which will sign you out.

All data is encrypted in transit (TLS 1.2+). Passwords are hashed using bcrypt. We run regular backups. Despite our best efforts, no online service can guarantee absolute security. Please use a strong, unique password and keep it safe.

CuliNect is not directed at children under 16. We do not knowingly collect personal data from anyone under 16. If you believe a minor has created an account, please contact us and we will remove it promptly.

We may update this policy from time to time. When we do, we will update the effective date at the top and, for material changes, notify you by email. Continued use of CuliNect after a change constitutes acceptance.

Questions or requests? Email us at privacy@culinect.com. We aim to respond within 5 business days.